Author: Keith Williams Date: To: BitFolk Users Subject: Re: [bitfolk] How to set up 2 default routes for IPv6 on Debian
automatically on boot to give a fall back
Of course I have just realised, my head has been so tied up with thoughts
of IPv6 I have forgotten, that turning off autoconfig via ra would not
affect the LAN communications etc on IPv4. But still would like to solve
this
On Thu, 4 Jul 2019 at 18:53, Keith Williams <keithwilliamsnp@???>
wrote:
> Sorry long long post. tl;dr 2 default IPv6 routes different metrics set up
> persistent on Debian.
>
> I need a bit of advice concerning routing IPv6.
> Here is the problem. I do quite a bit of travelling around and a lot of it
> in SE Asia. I frequently find my self where the relevant ISP does not
> provide IPv6 connectivity. Even here at home my connection will
> occasionally change my address or I have to reboot the router and get a
> different one. I do things over the net for which I want IPv6, but also for
> DNS I need a stable fixed address.
> So I have an additional /56 subnet allocated to my VPS. Over the years I
> have tinkered with different VPN solutions to push these addresses down to
> my home network. I have found a different solution which not only was easy
> to set up, but works a dream except for one tiny issue.
> The /56 has been added to eth0 of my VPS. I am running wireguard and have
> it set up interface wg0 to which I route a /60 subnet. <bitfolk
> prefix>:e10::/60. Packets hitting this are encrypted with the server key
> and then encapsulated in IPv4 UDP packets and sent to the wg0 interface on
> my home machine, decrypted and if meeting criteria move through firewall
> etc. Sending out it is the same in reverse, encryption being via the
> client keypair. The client wg0 has subnet <bitfolk prefix>:e10::2/64, the
> server only accepting packets from this range and properly encrypted.
> Now here comes the problem. It is the default route issue. All that I read
> says that you cannot have 2 default routes in the same table. I have looked
> at a variety of solutions but find none except the one everyone seems to
> say is impossible but which works. I set the route
> *ip -6 route add ::0/0 dev wg0 metric 512. *
> Note the metric 512. The autoconfigured one has a metric of 1024. which
> gives me
>
>
> *ip -6 routedefault dev wg0 metric 512 pref mediumdefault via
> fe80::42c7:29ff:fe26:78c9 dev enp3s0 proto ra metric 1024 expires 265sec
> mtu 1488 hoplimit 64 pref medium*
>
> When I have finished fiddling and checking I will change the wg0 route to
> metric 2000 so that traffic will normally go through the main interface and
> when that has no IPv6 connectivity or is playing up, the wg0 route will be
> selected, (I hope).
> My 2 laptops, and Raspberry Pi will then be set up with their own wg1 etc
> interfaces and will then have their own /64 subnets.
> But when I try to get the route established automatically through the
> wireguard conf files or through PostUp I get the message can't do it as
> there is already an autoconfigured default. So I am stuck, at the moment
> with adding manually after every boot/reboot. Any suggestions please?
> VPS running Debian Stretch This box at home running Debian Buster.
> The only answer I can think of at the mo is turn off autoconfig, but then
> I lose this fallback mechanism and add difficulties with communicating with
> mobile phone/router etc. Or I guess I could forget the fancy fall back idea
> and just go through VPS but that could add a long delay when doing ordinary
> surfing. IPv4 of course just goes out through the normal interface
>
