Configurando IPV6 com a Copel Telecom no PFSense

Se você utiliza os serviços da Copel Telecom e precisa/prefere de mais funcionalidades do que o roteador oferecido por eles, deve ter se deparado com um problema grande, a falta de conexões entrantes no IPv4 e a impossibilidade de se configurar o PFSense para distribuir IPs por IPv6.
Usando alguns tutoriais encontrados na internet você logo descobre que as configurações que parecem funcionar em outros provedores não funciona para Copel Telecom, alguns exemplos citados abaixo:

 

Avisos:

Vamos começar com uma lista de limitações do método proposto:
1) Continua sendo impossível conexões entrantes por IPv4, isso se da devido ao uso de CGNAT por parte dos provedores, isto não eh um problema limitado a Copel Telecom. O link do ipv6br eh um bom lugar para se iniciar as leituras sobre o IPv6.
 
2) Os prefixos distribuídos são dinâmicos e mudam a cada dois dias aproximadamente.
 
3) Como os prefixos são dinâmicos não eh possível fazer balanceamento de conexões caso você tenha mais de um link IPv6 disponível.
 
4) O método descrito não eh oficialmente suportado pela Copel Telecom, ou seja em caso de problemas na conexão vai ser necessário fazer um reset no modem antes de ligar para o suporte.
 
5) Essa configuração provavelmente não eh compatível caso você use os serviços de telefonia deles.
 
Continue reading “Configurando IPV6 com a Copel Telecom no PFSense”

nvidia-kernel-dkms debian buster kernel 5.3

If you use the 5.3 kernel with a Debian Buster install ( ie: Proxmox 6.1 ) you will find that the kernel module for the nvidia driver version 418.X fails to build.
Fortunately it’s an easy fix.
First you need to create a file in your sources.list.d directory:


echo 'deb http://deb.debian.org/debian buster-backports main non-free contrib
deb-src http://deb.debian.org/debian buster-backports main contrib non-free
' > /etc/apt/sources.list.d/buster-backports.list 

 
Continue reading “nvidia-kernel-dkms debian buster kernel 5.3”

Custom Proxmox Instalation as a Workstation

If you read my other article in this topic Here for Proxmox 5.0 or Here for Proxmox 6.0 after following all the steps you have a fully functional proxmox server installation.
 
But you might be wondering “Can I use proxmox in my workstation?”.

The answer is “Sure you can, but you might want/need to follow a few extra steps,make sure you install the pve-headers, or else you’ll have problems with packages that need the linux kernel headers.
Continue reading “Custom Proxmox Instalation as a Workstation”

Installing ARM64 Debian 10 ( Buster ) in a virtual Machine

If you run Proxmox VE > 5.3 and want to test an ARM64 virtual machine, it’s kind of easy.
drop by the Debian Buster iso download site,
 
I’ll be using the debian-10.3.0-arm64-netinst.iso, the same process might work with Debian 9 but I didn’t tested it.

If you just want the working configuration click here
 
With that out of the way let’s explain the needed steps to get a vm up and running.
First create a generic machine with the following configuration, remember to check the “Advanced” box.
keep note the ID of the machine, you will need it to edit the configuration file.
Continue reading “Installing ARM64 Debian 10 ( Buster ) in a virtual Machine”

Install PFSense on a Digital Ocean Droplet

This article is a rewrite of the following Original and Updated Version only with a few thoughts and observations added.

The technique described here may or may not work on other cloud/vps providers, it is imperative that you have some kind of console access so you can follow the pfsense installation steps.

Start by logging in your Digital Ocean Dashboard then create a new droplet, it actually doesn’t matter the size of the droplet but it ideally it you should enable the following options:
1) Select FreeBSD 11.X, the exact version probably doesn’t matter 11.x or 12.x are fine
2) Enable “Private Networking”, it will be nicer in the long term when you setup a VPN then you’ll be able to access your DigitalOcean VMs like a big LAN.
3) Enable “IPv6”, because ipv6 its the future, better start adapting now rather than later.
Continue reading “Install PFSense on a Digital Ocean Droplet”

Shell Script to get the network list by domain name

If you followed my guide HERE and HERE you might be wondering if there is no easier/more automated way of doing it, and in fact there is a simple script that you could build.


#!/bin/bash
if [ "$#" -eq 0 ]; then
  echo "Usage: ./${0}  [v4|v6]"
  exit 1
fi

FILTER="route"
if [ "$#" -eq 2 ]; then
  if [ "$2" == "v4" ]
  then
     FILTER="route:"
  fi
  if [ "$2" == "v6" ]
     then
         FILTER="route6:"
  fi
fi

WHOISSERVER="whois.radb.net"
IPN=$(dig +short $1 | head -1)
ASN=$( whois -h ${WHOISSERVER} ${IPN} | grep -i origin | tr -s " " | cut -d " " -f2)
for i in $ASN; do
  whois -h ${WHOISSERVER} -- "-i origin ${i}" | grep ^${FILTER} | tr -s " " | cut -d " " -f2-
done

Continue reading “Shell Script to get the network list by domain name”

Get IP address Space By AS(Autonomous System) Number

Sometimes you need to get all possible address blocks of a network but most of the time there is no easy way to figure it out, looking at you Facebook and Google, but fear not sysadmin we have one handy trick up in our sleeve, by using whois with the AS number of the company we can build this kind of list.
 
We’ll use Facebook(AS32934) as an example, but it should work for any Autonomous System.


whois -h whois.radb.net -- "-i origin AS32934" | grep ^route | tr -s " " | cut -d " " -f2-

Continue reading “Get IP address Space By AS(Autonomous System) Number”

IPv4 Subnet from /8 to /30 Cheat Sheet

This is handy cheat sheet for calculating the size you will need for a subnet and to convert from CIDR to Netmask format.
The number of Avaliable Address is always the number (Total Addresses – 2 ), one address is broadcast and the other is the network address

Continue reading “IPv4 Subnet from /8 to /30 Cheat Sheet”

CIDR Total Addresses Netmask
/30 4 255.255.255.252
/29 8 255.255.255.248
/28 16 255.255.255.240
/27 32 255.255.255.224
/26 64 255.255.255.192
/25 128 255.255.255.128
/24 256 255.255.255.0

Centos 7 with IPV6 at Server4You

As of 2019-10-01, the hosting company server4you.com doesn’t support IPv6, but if you want to test IPv6 or support your IPv6 capable clients there are still a few tricks you can try.
A good way is to use a broker to create a 6in4 tunnel with your IPv4 to the IPv6 enabled internet.

***** Disclaimer *****
 
This guide DOES NOT WORK if you are using their offerings of the vServer family because it’s powered by OpenVZ, but it will work perfectly with the VDS family powered by KVM or with their dedicated servers.
This is NOT a “true” IPv6 solution as you will use a tunnel broker to make a 6in4 tunnel, but it gets the job done for most workloads.
 
***** End Of Disclaimer *****
 
Continue reading “Centos 7 with IPV6 at Server4You”