Categories
News

IPV6 and THE ISP

Check out this blog post on the j2blog. Be sure and subscribe over there.

Categories
IPV6 Mikrotik Networking

Vultr, Mikrotik and IPV6

Over at my j2sw Blog I posted an article on setting up a Mikrotik CHR under a Vultr Instance. Check it out.

Categories
IPV6 Networking

Packet Pushers – IPV6 address Planning

IPv6 Buzz 011: An IPv6 Address Planning Guide

Categories
IPV6 Networking

IPV6 point-to-point subnets

Become a Patron to see this content
This content is available exclusively to members of Justin's Patreon at $1 or higher tier, or having at least $1 pledged in total.
Already a qualifying Patreon member? Refresh to access this content.
Categories
IPV6 Mikrotik Networking

Basic IPV6 Mikrotik Firewall

Below is a basic IPV6 firewall fillter for your Mikrotik CPE devices.  This is a good start for customer-facing CPE.

 


/ipv6 firewall filter

add chain=forward comment="allow forwarding established, related" connection state=established,related
add chain=forward comment="allow forward lan->wan" in-interface=lan out-interface=wan
add chain=forward comment="allow ICMPv6 forwarding" in-interface=wan protocol=icmpv6
add action=reject chain=forward comment="reject every other forwarding request" reject-with=icmp-port-unreachable
add chain=input comment="accept established, related" connection-state=established,related
add chain=input comment="allow ICMPv6" in-interface=wan protocol=icmpv6
add chain=input comment="allow DHCPv6 renew" dst-address=fc00::/6 dst-port=546 in-interface=wan protocol=udp src-address=fc00::/6
add chain=input comment="allow lan" in-interface=lan
add action=reject chain=input comment="reject everything else" reject-with=icmp-port-unreachable
Categories
Mikrotik

IPV6 Firewall rules for Mikrotik

Some basic IPV6 Firewall Rules for Mikrotik. Replace in-interface=”” with your appropriate interface.

/ipv6 firewall filter
add chain=input protocol=icmpv6
add chain=input connection-state=established,related
add chain=input dst-port=546 in-interface=ether1-wan protocol=udp src-port=547
add action=drop chain=input connection-state=invalid
add action=drop chain=input connection-state=new in-interface=ether1-wan
add chain=forward protocol=icmpv6
add chain=forward connection-state=established,related
add chain=forward connection-state=new in-interface=!ether1-wan
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward connection-state=new in-interface=ether1-wan
Categories
Uncategorized

Interesting Mikrotik GUI behavior

While bringing up a BGP session for a client I kept trying to add our side of a /126.  It kept reverting to the network address.  The video shows what happens when I tried to add ::12/126 to the IPV6 addresses.

After some second-guessing and then some Facebook chatting I decided to do a terminal /ipv6 address print.  Sure enough the proper IP shows up.  Must be a GUI bug.

Categories
Networking xISP

Netflix, IPv6, and queing

While trying to get my Playstation to download the latest “No Man’s Sky” download quicker I figured I would share a little torch action.  This is showing my wife’s Ipad talking to Netflix while she is watching a streaming TV show. Keep in mind this is just an Ipad, not some 4k TV.

Some things to note as you watch this (no sound).

1.Uncapped the connection bursts to 50-60+ megs.
2.The slower your que the connection the more time it spends downloading data.  At slower ques the bursts last longer.
3.If you are handing out IPv6 to customers you should be queing them as well.

Just something to quick and dirty to keep in mind.

Categories
Uncategorized

Arin announces new fee schedule

https://www.arin.net/fees/2016_fee_schedule.html

Service Categories and Fees
Service Category Fee IPv4 Block Size IPv6 Block Size
3X-Small * $250 /24 or smaller /40 or smaller
2X-Small $500 Larger than /24,
up to and including /22
Larger than /40,
up to and including /36
X-Small $1,000 Larger than /22,
up to and including /20
Larger than /36,
up to and including /32
Small $2,000 Larger than /20,
up to and including /18
Larger than /32,
up to and including /28
Medium $4,000 Larger than /18,
up to and including /16
Larger than /28,
up to and including /24
Large $8,000 Larger than /16,
up to and including /14
Larger than /24,
up to and including /20
X-Large $16,000 Larger than /14,
up to and including /12
Larger than /20,
up to and including /16
2X-Large $32,000 Larger than /12,
up to and including /10
Larger than /16,
up to and including /12
3X-Large $64,000 Larger than /10,
up to and including /8
Larger than /12,
up to and including /8
4X-Large $128,000 Larger than /8,
up to and including /6
Larger than /8,
up to and including /4
5X-Large $256,000 Larger than /6 Larger than /4

 

Categories
Networking

Mac GeekLet for Network Info

As a network person running a Mac I find it hand to know what IP my various connections have, in addition to some other info.  In order to do this, I use a program called Geektool . Once you have GeekTool up and going you can add the following code into a new Geeklet.

!/bin/bash
varSSID1=`system_profiler SPAirPortDataType | grep -A 2 -e "Current Network Information:" | tr '\n' ' ' | tr ':' ' ' | awk '{print $4}'`
varCHAN1=`system_profiler SPAirPortDataType | grep -e "Channel: " | awk '{print $2}'`
varEXTERNAL1=`curl --connect-timeout 5 -s http://checkip.dyndns.org/ | grep "Current IP Address" | awk '{print $6}' | cut -f 1 -d "<"`
varEXTERNALv6=`curl --connect-timeout 5 -s http://checkipv6.dyndns.org/ | grep "Current IP Address" | awk '{print $6}' | cut -f 1 -d "<"`
varWIRED1=`ifconfig en0 | grep "inet " | grep -v 127.0.0.1 | awk '{print $2}'`
varWIREDv6=`ifconfig en0 | grep "inet6 " | grep -v 127.0.0.1 | awk '{print $2}'`
varWIRELESS1=`ifconfig en1 | grep "inet " | grep -v 127.0.0.1 | awk '{print $2}'`
varWIRELESSv6=`ifconfig en1 | grep "inet6 " | grep -v 127.0.0.1 | awk '{print $2}'`
varSSL1=`ifconfig jnc0 | grep "inet " | grep -v 127.0.0.1 | awk '{print $2}'`

if [ “$varEXTERNAL1” != “” ]
then
echo “External : $varEXTERNAL1”
else
echo “External : INACTIVE”
fi

if [ “$varEXTERNALv6” != “” ]
then
echo “External : $varEXTERNALv6”
else
echo “External : INACTIVE”
fi

if [ “$varWIRED1” != “” ]
then
echo “Wired : $varWIRED1”
else
echo “Wired : INACTIVE”
fi

if [ “$varWIREDv6” != “” ]
then
echo “WiredV6 : $varWIREDv6”
else
echo “WiredV6 : INACTIVE”
fi

if [ “$varWIRELESS1” != “” ]
then
echo “AirPort : $varWIRELESS1 SSID: $varSSID1”
else
echo “Airport : INACTIVE”
fi

if [ “$varWIRELESSv6” != “” ]
then
echo “AirPortV6 : $varWIRELESSv6”
else
echo “AirportV6 : INACTIVE”
fi

geektool

As you can see in the above screenshot it displays IP addresses (both IPv4 IPv6),external IP, and the Wireless SSID.