惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
T
Threatpost
Latest news
Latest news
N
News | PayPal Newsroom
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Help Net Security
Help Net Security
D
Darknet – Hacking Tools, Hacker News & Cyber Security
AI
AI
Simon Willison's Weblog
Simon Willison's Weblog
TaoSecurity Blog
TaoSecurity Blog
The Last Watchdog
The Last Watchdog
L
LINUX DO - 热门话题
Google DeepMind News
Google DeepMind News
T
Threat Research - Cisco Blogs
O
OpenAI News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
The Exploit Database - CXSecurity.com
NISL@THU
NISL@THU
Application and Cybersecurity Blog
Application and Cybersecurity Blog
S
Securelist
小众软件
小众软件
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Martin Fowler
Martin Fowler
S
SegmentFault 最新的问题
Cisco Talos Blog
Cisco Talos Blog
云风的 BLOG
云风的 BLOG
AWS News Blog
AWS News Blog
GbyAI
GbyAI
N
News and Events Feed by Topic
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
美团技术团队
Engineering at Meta
Engineering at Meta
A
About on SuperTechFans
博客园 - 三生石上(FineUI控件)
S
Schneier on Security
博客园 - 聂微东
V2EX - 技术
V2EX - 技术
T
Troy Hunt's Blog
SecWiki News
SecWiki News
S
Secure Thoughts
B
Blog RSS Feed
Hugging Face - Blog
Hugging Face - Blog
WordPress大学
WordPress大学
腾讯CDC
H
Heimdal Security Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Apple Machine Learning Research
Apple Machine Learning Research
月光博客
月光博客
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed

UBNT

unifi 在线设备 - V2EX 请问各位大佬, UBNT 的 UDR7 到底有没有国行版本? - V2EX Cloud Gateway Max 国行什么时候上,大家有消息吗 - V2EX UniFi 新出的 2.5G 小交换机 - V2EX UniFi Express 的性能咋样? - V2EX Unifi WAN2 做 Surge 主路由问题 - V2EX UDMSE Internet 设置成 PPPoE 部分网络不能访问 - V2EX unifi UDM SE 不间断电源适配 UniFi Cloud Gateway Ultra 上市,小尺寸网关路由器,集成 Controller UniFi U7 Pro 上市 UniFi6 In-Wall 上市,国行售价¥1599 UniFi 出品的各种 Router 的性能对比(2022 年初) Dream Machine SE 结束 Early Access 正式发售 ubnt 购买求助 - V2EX Ubiquiti 终于推出 Access Point WiFi 6 Pro - V2EX UDM 二代来啦,但他不叫 UDM,叫 UDR - V2EX 现在闲鱼卖 AmpliFi Alien 挂多少钱合适? 求 UBNT UniFi 购买渠道? - V2EX AmpliFi Alien 美区,有限货源,现在 - V2EX 不懂 AmpliFi 套装的设计逻辑,硬编码,互相锁定,其中一个不能和其他设备组网 - V2EX 今天把家里的 UCK 从 1 代升级到 UCK Gen 2 Plus 的过程 - V2EX 买 UBNT 股票 UniFi 出了一款 6 口的小型 10G 交换机 UniFi Switch 6 XG PoE UniFi 出了一款整合了 UCK/USG/USW/UAC 的产品 UniFi Dream Machine - V2EX 关于 USG 设置 IPv6 后 CPU 高负载或无法获得 IPv6 这个链接也许对你有用 - V2EX 刚刚开了 IPS 然后收到木马提示 UniFi Fast Roaming 是指 AP 支持 802.11r 就可以么 UniFi Dream Machine 应该还会有一个黑色带显示屏的版本 闲置 ubnt 24 口交换机+usg 网关+cloud key 有人要吗? 这个好, 四合一, 才 300 美元 UAP 如何换 Controller? - V2EX 给 unifi USG 和 Switch 用的散热配件有什么推荐吗 - V2EX AmpliFi 推出了一款 Gamer's Edition 最近研究了一下 Ubiquiti 的 airMAX 系列 - V2EX 家用有线/无线的布局方案 EdgeRouter_ER-X 配合 UniFi_AP-AC-Lite 是不是纯 UBNT 最经济方案? - V2EX 请各位帮忙看看这个别墅 WiFi 方案,准备做 UBNT 全家桶。 - V2EX UniFi Cloud Key 推出了一个带硬盘和显示屏的第 2 代产品 UBNT 的 In-Wall HD 现在可以选多种不同的表面材质了 amplifi 现在还有没有团购活动? - V2EX 关于 UniFi DPI 的一个疑问 上海中心——UBNT 企业网络设备 进驻中国之巅 UniFi 的 WPA2 安全问题修复固件已经发布 - V2EX UBNT TPROXY 支持能力 - V2EX 请问你的 AmpliFi 主机和扩展器的网速能跑到多少? AmpliFi HD 的 Mesh Point 现在也可以用于任何无线路由器的信号扩展 - V2EX UBNT 高端无线路由器 AmpliFi 团购活动——V2EX 网友专享! - V2EX ubnt EdgeOS 下如何固化 iptables 规则,每次开机都生效。 - V2EX 家里 130 平方平层,两个 UBNT Unifi AP-AC-Lite 够覆盖了吗? - V2EX
Edge OS 开启 IPv6
luchengdst · 2022-02-19 · via UBNT

假设 WAN 口在 eth0 ,运营商给的前缀长度是 60 ,可以配成 DHCPv6-stateless ,记得把防火墙规则给写了:

```

configure
# Configure the PPPoE for IPv6(eth0):
set interfaces ethernet eth0 pppoe 0 ipv6 enable
set interfaces ethernet eth0 pppoe 0 ipv6 address autoconf
set interfaces ethernet eth0 pppoe 0 ipv6 dup-addr-detect-transmits 1
set interfaces ethernet eth0 pppoe 0 dhcpv6-pd pd 0 prefix-length /60
set interfaces ethernet eth0 pppoe 0 dhcpv6-pd rapid-commit enable
set interfaces ethernet eth0 pppoe 0 dhcpv6-pd prefix-only

# Enable IPv6 DHCPv6-stateless on the LAN(switch0):
set interfaces ethernet eth0 pppoe 0 dhcpv6-pd pd 0 interface switch0 host-address ::1
set interfaces ethernet eth0 pppoe 0 dhcpv6-pd pd 0 interface switch0 prefix-id :0
set interfaces ethernet eth0 pppoe 0 dhcpv6-pd pd 0 interface switch0 service dhcpv6-stateless

# Enable IPv6 on switch0:
set interfaces switch switch0 ipv6 dup-addr-detect-transmits 1
set interfaces switch switch0 ipv6 router-advert cur-hop-limit 64
set interfaces switch switch0 ipv6 router-advert link-mtu 0
set interfaces switch switch0 ipv6 router-advert managed-flag false
set interfaces switch switch0 ipv6 router-advert max-interval 600
set interfaces switch switch0 ipv6 router-advert other-config-flag false
set interfaces switch switch0 ipv6 router-advert prefix '::/64' autonomous-flag true
set interfaces switch switch0 ipv6 router-advert prefix '::/64' on-link-flag true
set interfaces switch switch0 ipv6 router-advert prefix '::/64' valid-lifetime 259200
set interfaces switch switch0 ipv6 router-advert reachable-time 0
set interfaces switch switch0 ipv6 router-advert retrans-timer 0
set interfaces switch switch0 ipv6 router-advert send-advert true

# create a policy for WAN->Router:
set firewall ipv6-name WANv6_LOCAL default-action drop
set firewall ipv6-name WANv6_LOCAL description 'Local network traffic'
set firewall ipv6-name WANv6_LOCAL enable-default-log
set firewall ipv6-name WANv6_LOCAL rule 10 action accept
set firewall ipv6-name WANv6_LOCAL rule 10 description 'Allow established/related sessions'
set firewall ipv6-name WANv6_LOCAL rule 10 state established enable
set firewall ipv6-name WANv6_LOCAL rule 10 state related enable
set firewall ipv6-name WANv6_LOCAL rule 20 action drop
set firewall ipv6-name WANv6_LOCAL rule 20 description 'Drop invalid state'
set firewall ipv6-name WANv6_LOCAL rule 20 state invalid enable
set firewall ipv6-name WANv6_LOCAL rule 30 action accept
set firewall ipv6-name WANv6_LOCAL rule 30 description 'Allow IPv6 icmp'
set firewall ipv6-name WANv6_LOCAL rule 30 protocol icmpv6
set firewall ipv6-name WANv6_LOCAL rule 40 action accept
set firewall ipv6-name WANv6_LOCAL rule 40 description 'allow dhcpv6'
set firewall ipv6-name WANv6_LOCAL rule 40 destination port 546
set firewall ipv6-name WANv6_LOCAL rule 40 protocol udp
set firewall ipv6-name WANv6_LOCAL rule 40 source port 547

# create a policy for WAN->LAN Clients:
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WAN inbound traffic to the router'
set firewall ipv6-name WANv6_IN enable-default-log
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related sessions'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action drop
set firewall ipv6-name WANv6_IN rule 20 description 'Drop invalid state'
set firewall ipv6-name WANv6_IN rule 20 state invalid enable
set firewall ipv6-name WANv6_IN rule 30 action accept
set firewall ipv6-name WANv6_IN rule 30 description 'Allow IPv6 icmp'
set firewall ipv6-name WANv6_IN rule 30 protocol icmpv6
set firewall ipv6-name WANv6_IN rule 40 action accept
set firewall ipv6-name WANv6_IN rule 40 description 'allow dhcpv6'
set firewall ipv6-name WANv6_IN rule 40 destination port 546
set firewall ipv6-name WANv6_IN rule 40 protocol udp
set firewall ipv6-name WANv6_IN rule 40 source port 547
set firewall ipv6-receive-redirects disable
set firewall ipv6-src-route disable
set interfaces ethernet eth0 pppoe 0 firewall in ipv6-name WANv6_IN
set interfaces ethernet eth0 pppoe 0 firewall local ipv6-name WANv6_LOCAL

commit
save
exit

```

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。