Search This Blog

Tuesday, February 14, 2012

Re: How to setup OpenVPN?

> for some days I have encountered that i can have an IPv6 range on my
> VServer at my Hoster.
>
> Since I am on an FTTH with a fixed IP (v4) and has only IPv4 Support, I
> like to do use my IPv6 space on my server at home.
>
> So, now I do not know, how and where to start.

What are your goals? Would you like to have IP6 connectivity to just
your VServer, or to the IP6 Internet? Do you want the servers in your
home network reachable from the IP6 Internet?

I'd say it would be most beneficial for you to just enable IP6 in your home
network by connecting to a tunnel broker, or by using 6to4. Then you can
connect to all IP6 hosts, including your vserver. And those hosts can connect
to your home-servers, depending on your firewall rules, of course.

The rationale for IP6 was to create another unlimited address space, like
IP4 was years ago. Getting an IP6 prefix for your home network is easy.
There's no need to recycle what you got for your vserver.

> My Setup is:
>
> Intenet -> FTTH -> Media-Converter -> DebianRouter -> InternalNet
> (Fiber-> Eth) (Mini-ITX)
>
> So, currently I have NAT'ed my InternelNet and setup some physical servers
> using IPv4 private space.
>
> Now I gaved my @home severs a second IP like
>
> 192.168.0.11 -> xxxx:xxxx:xxxx:xxxx:::1:11
>
> (while ignoring the alphabetical chars) and installed OpenVPN on my
> DebianRouter and on my Server at my Hoster...
>
> OK, but how do I create a IPv6 channel from my ficxed HOME IP To the fixed
> Server IP (IPv4 and/or IPv6) and then tell OpenVPN, that ::::::1:x is not
> more on the Server but @home?

The only reason to do it this way would be if you wanted to have a secure
channel between your home servers and your vserver. I don't know enough
about OpenVPN to give you specific advice on this.

Still, it would be simpler to use a different IP6 prefix for your
home servers, instead of subnetting within your vserver's prefix.

> Question: It is better to ask on <debian-ipv6> ?

Ask them :-)


--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/20120214084418.GA31405@lia.ch

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)