[Solved] IPv6 on Hetzner vSwitch / 64 er Subnet Seperation

Started by niclas, November 14, 2024, 12:32:37 AM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
November 14, 2024, 10:02:30 PM #30 Last Edit: November 14, 2024, 10:11:18 PM by Monviech (Cedrik)
Quote from: niclas on November 14, 2024, 09:08:36 PM
Quote from: Monviech (Cedrik) on November 14, 2024, 09:02:27 PM
Probably in the next minor version.  :)

So 24.7.9

Theres 4 settings, check out the man page. Its only 4 settings but it feels rather complicated (at least to me) even though it should be simple. Guess it depends highly on the exact usecase.

Ah, found it. Can I do multiple LAN Networks? Because i have to put the MAC and IP in the config.



No it can only proxy for one network. Other vendors offer an enterprise level implementation of the same feature that support multi interfaces.

https://www.juniper.net/documentation/us/en/software/junos/neighbor-discovery/topics/topic-map/ndp-dad-proxy.html#concept_m34_4lq_qsb__section_xzt_g2p_ssb

Though this shows again how bad network design choices by ISP spawn new "features" to fix things that are just as bad as NAT. If everybody would adhere to IPv6 standards everybody would have properly routet subnets. IPv6 is dirt cheap, theres no reason to make it hard for everybody but greed and bad choices.
Hardware:
DEC740
November 14, 2024, 10:28:55 PM #31
Quote from: Monviech (Cedrik) on November 14, 2024, 10:02:30 PM
Though this shows again how bad network design choices by ISP spawn new "features" to fix things that are just as bad as NAT. If everybody would adhere to IPv6 standards everybody would have properly routet subnets. IPv6 is dirt cheap, theres no reason to make it hard for everybody but greed and bad choices.

Word, bro!  8)
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
November 14, 2024, 10:37:53 PM #32
 ;D
Hardware:
DEC740
November 14, 2024, 10:42:46 PM #33
Thanks for Your Help!!!

Now i understood the Problem and also have 2 Solutions for it.

I also wrote the Hetzner Support about it, lets see what they thing about it.

I will use NAT for now and then try the nd-proxy. After implementing it in production i will write a guide on Hetzner for it.

Thanks and i keep you updated on nd-proxy :)
November 14, 2024, 10:57:23 PM #34
Quote from: niclas on November 14, 2024, 10:42:46 PM
Thanks for Your Help!!!

Now i understood the Problem and also have 2 Solutions for it.

I also wrote the Hetzner Support about it, lets see what they thing about it.

I will use NAT for now and then try the nd-proxy. After implementing it in production i will write a guide on Hetzner for it.

Thanks and i keep you updated on nd-proxy :)

The answer from Hetzner is: "On vSwitch its not possible to set a MAC for your Subnet, but Yyou can add up to 32 Mac Adresses (Server) to a vSwitch, so NAT is not needed. "

But if you wanna use the Features from OPNSense like Geoblocking or the FireHole Lists etc. you need it.
Print
Go Up Pages 1 2 3
User actions