2016-05-12 19:06:24 +00:00
|
|
|
# This file describes the network interfaces available on your system
|
|
|
|
# and how to activate them. For more information, see interfaces(5).
|
|
|
|
|
|
|
|
source /etc/network/interfaces.d/*
|
|
|
|
|
|
|
|
# The loopback network interface
|
|
|
|
auto lo
|
|
|
|
iface lo inet loopback
|
|
|
|
up ip address add 185.66.193.107/32 dev lo
|
|
|
|
|
|
|
|
iface lo inet6 loopback
|
2016-07-30 16:55:13 +00:00
|
|
|
up ip address add 2a03:2260:121:7000::107/52 dev lo
|
2016-05-12 19:06:24 +00:00
|
|
|
|
|
|
|
|
|
|
|
# The primary network interface
|
|
|
|
allow-hotplug eth0
|
2016-05-28 13:34:57 +00:00
|
|
|
iface eth0 inet static
|
2016-07-30 16:55:13 +00:00
|
|
|
address 212.129.50.141
|
2016-05-28 13:34:57 +00:00
|
|
|
netmask 255.255.255.255
|
|
|
|
gateway 163.172.210.1
|
|
|
|
pointopoint 163.172.210.1
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -P OUTPUT ACCEPT
|
|
|
|
post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
|
|
|
|
post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
|
|
|
|
post-up iptables -A OUTPUT -o eth0 -d 169.254.0.0/16 -j DROP
|
|
|
|
post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
|
|
|
|
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
|
|
auto 6to4
|
2016-05-28 13:34:57 +00:00
|
|
|
iface 6to4 inet6 6to4
|
2016-07-30 16:55:13 +00:00
|
|
|
local 212.129.50.141
|
2016-05-12 19:06:24 +00:00
|
|
|
|
|
|
|
# GRE Tunnel zum Rheinland Backbone
|
|
|
|
# - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
|
|
|
|
|
|
|
|
# Berlin Router A
|
|
|
|
auto gre-bb-a.ak.ber
|
|
|
|
iface gre-bb-a.ak.ber inet static
|
|
|
|
address 100.64.6.25
|
|
|
|
netmask 255.255.255.254
|
2016-07-30 16:55:13 +00:00
|
|
|
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.0 ttl 255
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
post-up ip link set $IFACE mtu 1400
|
|
|
|
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-down ip tunnel del $IFACE
|
|
|
|
|
|
|
|
iface gre-bb-a.ak.ber inet6 static
|
|
|
|
address 2a03:2260:0:30c::2/64
|
|
|
|
netmask 64
|
|
|
|
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
|
|
|
|
# Berlin Router B
|
|
|
|
auto gre-bb-b.ak.ber
|
|
|
|
iface gre-bb-b.ak.ber inet static
|
|
|
|
address 100.64.6.31
|
|
|
|
netmask 255.255.255.254
|
2016-07-30 16:55:13 +00:00
|
|
|
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.1 ttl 255
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
post-up ip link set $IFACE mtu 1400
|
|
|
|
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-down ip tunnel del $IFACE
|
|
|
|
|
|
|
|
iface gre-bb-b.ak.ber inet6 static
|
|
|
|
address 2a03:2260:0:30f::2/64
|
|
|
|
netmask 64
|
|
|
|
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
|
|
|
|
|
|
|
|
# Duesseldorf Router A
|
|
|
|
auto gre-bb-a.ix.dus
|
|
|
|
iface gre-bb-a.ix.dus inet static
|
2016-05-12 20:19:33 +00:00
|
|
|
address 100.64.6.29
|
2016-05-12 19:06:24 +00:00
|
|
|
netmask 255.255.255.254
|
2016-07-30 16:55:13 +00:00
|
|
|
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.0 ttl 255
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
post-up ip link set $IFACE mtu 1400
|
|
|
|
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-down ip tunnel del $IFACE
|
|
|
|
|
|
|
|
iface gre-bb-a.ix.dus inet6 static
|
|
|
|
address 2a03:2260:0:30e::2/64
|
|
|
|
netmask 64
|
|
|
|
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
|
|
|
|
|
|
|
|
# Duesseldorf Router B
|
|
|
|
auto gre-bb-b.ix.dus
|
|
|
|
iface gre-bb-b.ix.dus inet static
|
|
|
|
address 100.64.6.35
|
|
|
|
netmask 255.255.255.254
|
2016-07-30 16:55:13 +00:00
|
|
|
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.1 ttl 255
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
post-up ip link set $IFACE mtu 1400
|
|
|
|
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-down ip tunnel del $IFACE
|
|
|
|
|
|
|
|
iface gre-bb-b.ix.dus inet6 static
|
|
|
|
address 2a03:2260:0:311::2/64
|
|
|
|
netmask 64
|
|
|
|
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
|
|
|
|
# Frankfurt Router A
|
|
|
|
auto gre-bb-a.fra3.f
|
|
|
|
iface gre-bb-a.fra3.f inet static
|
|
|
|
address 100.64.6.27
|
|
|
|
netmask 255.255.255.254
|
2016-07-30 16:55:13 +00:00
|
|
|
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.0 ttl 255
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
post-up ip link set $IFACE mtu 1400
|
|
|
|
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-down ip tunnel del $IFACE
|
|
|
|
|
|
|
|
iface gre-bb-a.fra3.f inet6 static
|
|
|
|
address 2a03:2260:0:30d::2/64
|
|
|
|
netmask 64
|
|
|
|
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
|
|
|
|
|
|
|
|
# Frankfurt Router B
|
|
|
|
auto gre-bb-b.fra3.f
|
|
|
|
iface gre-bb-b.fra3.f inet static
|
|
|
|
address 100.64.6.33
|
|
|
|
netmask 255.255.255.254
|
2016-07-30 16:55:13 +00:00
|
|
|
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.1 ttl 255
|
2016-05-12 19:06:24 +00:00
|
|
|
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
|
|
|
post-up ip link set $IFACE mtu 1400
|
|
|
|
post-down iptables -t nat -D POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
|
|
|
post-down ip tunnel del $IFACE
|
|
|
|
|
|
|
|
iface gre-bb-b.fra3.f inet6 static
|
|
|
|
address 2a03:2260:0:310::2/64
|
|
|
|
netmask 64
|
|
|
|
post-up ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|