Showing posts with label ipv6. Show all posts
Showing posts with label ipv6. Show all posts

Wednesday, July 08, 2015

Running TFTP server on Ubuntu 14.04

# Install tftpd-hpa package
apt-get update
apt-get -y install tftpd-hpa

# Fix config file broken by default
# - use correct tftpboot directory rather than random location under /var
# - chroot to tftpboot
# - allow uploading of files but not overwriting existing
# - listen IPv4 and IPv6 instead of IPv6 only
# - enable logging
mv /etc/default/tftpd-hpa /etc/default/tftpd-hpa.old
cat <<'__EOF__' >/etc/default/tftpd-hpa
TFTP_USERNAME="tftp" 
TFTP_DIRECTORY="/tftpboot" 
TFTP_ADDRESS=":69"
TFTP_OPTIONS="--secure --create --listen --verbose"
__EOF__

# Create tftpboot directory and use proper permissions
mkdir /tftpboot
chmod -R 1770 /tftpboot 
chown -R root:tftp /tftpboot

# Restart service
service tftpd-hpa restart

P.S. There's config file bug causing tftpd to listen only IPv6 connections by default... https://bugs.launchpad.net/ubuntu/+source/tftp-hpa/+bug/1448500

Sunday, December 14, 2014

Using Sonera 6rd IPv6 with Cisco IOS router

Sonera recently started offering 6rd tunnels to their customers in Finland. Based on this Comcast example it was easy to get Sonera 6rd up with Cisco 892 running IOS 15.5(1)T.

Saturday, December 13, 2014

Prefer IPv4 over IPv6 on CentOS 6

To prefer IPv4 (A) addresses over IPv6 (AAAA) on CentOS 6 you need to add new file named /etc/gai.conf with following content. Last line is what controls if IPv4 or IPv6 should be tried first.

Wednesday, December 10, 2014

Oddities of dnsmasq when used with IPv6 resolvers

# dnsmasq --version
Dnsmasq version 2.68  Copyright (c) 2000-2013 Simon Kelley
Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth

# md5sum dnsmasq*
8a704b6aa977df9485b3faf940cc5e35  dnsmasq_2.68-1_all.deb
60bafb9b863671bb02595505a447270c  dnsmasq-base_2.68-1_amd64.deb

There was odd "[icmp6 sum ok] ICMP6, destination unreachable, unreachable port" going out from my server every time DNS reply was received. Turns out it was because dnsmasq IPv6 support is buggy.