Übersetzungen dieser Seite:

TCP/IPv6 thru ssh tunnel

on the client box my sshd_config is:

| Host *
|   Tunnel yes

and on the remote box my sshd_config is:

| Protocol 2
| PermitRootLogin without-password
| X11Forwarding no
| PermitTunnel yes
| Subsystem        sftp        /usr/libexec/sftp-server


sudo ssh  -w 0:0 root@

On the server:

server# ip link set tun0 up
server# ip addr add fec0:1::1/112 dev tun0

On the client:

client# ip link set tun0 up
client# ip addr add fec0:1::2/112 dev tun0

This is enough so that you can ping the other side through the tunnel, if there is no firewall rule blocking. The next step is to set routes over the tunnel (don't forget net.ipv6.conf.default.forwarding=1), and then adjust the link MTU to get optimal performance.

server# sysctl net.ipv6.conf.all.forwarding=1
client# ip -6 route add default via fec0:1::1

This will allow your client to ping other networks that the server has access to, given that the targets have routes back to your remote client.

de/tcp_ipv6_thru_ssh_tunnel.txt · Zuletzt geändert: 2013/07/18 17:09 von wikisysop