aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTrygve Laugstøl <trygvis@inamo.no>2025-04-27 11:36:39 +0200
committerTrygve Laugstøl <trygvis@inamo.no>2025-06-01 20:37:28 +0200
commit132ff3476b8131bfecff6d63c2014dd559e823c9 (patch)
treee175449fa2df80b95782cb6a2e8274a7648a173a
parent90e9fe9041e24a9f47167f4142312ece25d85787 (diff)
downloadinfra-132ff3476b8131bfecff6d63c2014dd559e823c9.tar.gz
infra-132ff3476b8131bfecff6d63c2014dd559e823c9.tar.bz2
infra-132ff3476b8131bfecff6d63c2014dd559e823c9.tar.xz
infra-132ff3476b8131bfecff6d63c2014dd559e823c9.zip
kv42ix: Removing tunnels, edgeos is too limited
Diffstat
-rw-r--r--config/kv24ix.txt25
1 files changed, 2 insertions, 23 deletions
diff --git a/config/kv24ix.txt b/config/kv24ix.txt
index 8814c23..a29716b 100644
--- a/config/kv24ix.txt
+++ b/config/kv24ix.txt
@@ -1,13 +1,5 @@
set firewall all-ping enable
set firewall broadcast-ping disable
-set firewall ipv6-modify PBR rule 20 action modify
-set firewall ipv6-modify PBR rule 20 description he.net
-set firewall ipv6-modify PBR rule 20 modify table 10
-set firewall ipv6-modify PBR rule 20 source address '2001:470:28:791::/64'
-set firewall ipv6-modify PBR rule 30 action modify
-set firewall ipv6-modify PBR rule 30 description route64.org
-set firewall ipv6-modify PBR rule 30 modify table 11
-set firewall ipv6-modify PBR rule 30 source address '2a11:6c7:1201:1601::1/64'
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic forwarded to LAN'
set firewall ipv6-name WANv6_IN enable-default-log
@@ -95,10 +87,9 @@ set interfaces ethernet eth4 poe output off
set interfaces ethernet eth4 speed auto
set interfaces loopback lo
set interfaces switch switch0 address 192.168.10.1/24
-set interfaces switch switch0 address '2001:470:28:791::1/64'
-set interfaces switch switch0 address '2a11:6c7:1201:1601::1/64'
set interfaces switch switch0 description Local
-set interfaces switch switch0 firewall in ipv6-modify PBR
+set interfaces switch switch0 firewall in
+set interfaces switch switch0 ipv6 address
set interfaces switch switch0 ipv6 dup-addr-detect-transmits 1
set interfaces switch switch0 mtu 1500
set interfaces switch switch0 switch-port interface eth1
@@ -106,14 +97,6 @@ set interfaces switch switch0 switch-port interface eth2
set interfaces switch switch0 switch-port interface eth3
set interfaces switch switch0 switch-port interface eth4
set interfaces switch switch0 switch-port vlan-aware disable
-set interfaces tunnel tun0 address '2001:470:27:791::2/64'
-set interfaces tunnel tun0 description 'HE.NET IPv6 Tunnel'
-set interfaces tunnel tun0 encapsulation sit
-set interfaces tunnel tun0 ipv6 dup-addr-detect-transmits 1
-set interfaces tunnel tun0 local-ip 81.166.205.176
-set interfaces tunnel tun0 multicast disable
-set interfaces tunnel tun0 remote-ip 216.66.80.90
-set interfaces tunnel tun0 ttl 255
set interfaces wireguard wg0 address 'fdf3:aad9:a885:0b3a::16/64'
set interfaces wireguard wg0 mtu 1420
set interfaces wireguard wg0 peer cuUgTdFH1UEXpUH6V1nashdH7K/L+pl6dmJCpBWN+Xw= allowed-ips '::0/0'
@@ -150,10 +133,6 @@ set protocols bgp 4242423538 neighbor 'fe80:fef1:78a:5b64:efd3:ae7b:d286:d7ce' n
set protocols bgp 4242423538 neighbor 'fe80:fef1:78a:5b64:efd3:ae7b:d286:d7ce' password trygvis
set protocols bgp 4242423538 neighbor 'fe80:fef1:78a:5b64:efd3:ae7b:d286:d7ce' remote-as 4242423538
set protocols bgp 4242423538 parameters
-set protocols static table 10 description he.net
-set protocols static table 10 interface-route6 '::/0' next-hop-interface tun0
-set protocols static table 11 description route64.org
-set protocols static table 11 interface-route6 '::/0' next-hop-interface wg2
set service dhcp-server disabled false
set service dhcp-server hostfile-update disable
set service dhcp-server shared-network-name LAN authoritative enable
generated by cgit v1.2.3 (git 2.46.0) at 2025-06-06 05:29:48 +0000