FireBrick 2700 Configuration run-through: Difference between revisions

← Older edit Newer edit →

Content deleted Content added

Inline

@@ Line 21: / Line 21: @@
 *Username= abc@a.1 Password=secret
 *Routed IP block = 192.0.2.0/28
-(Later in the page, we'll be adding an IPv6 block, and bonding with a second line)
+(Later in the page, we'll be adding an [[IPv6]] block, and [[bonding]] with a second line)
 (192.0.2.0/28 is used in this example as the 192.9.2 block is a special block reserved for documentation (RFC 5737). We will also use the v6 documentation prefixes 2001:DB8:: (RFC 3849))
@@ Line 52: / Line 52: @@
 </syntaxhighlight>
-Which sets up the 4 Ethernet ports as separate LANs, and an IP of 10.0.0.1 (and 2001:DB8::1)&nbsp;with the FireBrick acting DHCP server on the first port. So, connecting a computer to Port 1 should get you a 10.0.0.x IP address, and you can access http://10.0.0.1 . Port 1 is also a DHCP client, so it will try to get an IP from your DHCP server, if you have one. -Check your DHCP server logs for what IP is allocated.
+Which sets up the 4 [[Ethernet]] ports as separate LANs, and an IP of 10.0.0.1 (and 2001:DB8::1)&nbsp;with the FireBrick acting DHCP server on the first port. So, connecting a computer to Port 1 should get you a 10.0.0.x IP address, and you can access http://10.0.0.1 . Port 1 is also a DHCP client, so it will try to get an IP from your DHCP server, if you have one. -Check your DHCP server logs for what IP is allocated.
-Port 4 is set as an example of a PPPoE client, (ie to be plugged in to a ADSL modem/FTTC/FTTP modem etc) we'll set this up a little later.
+Port 4 is set as an example of a PPPoE client, (ie to be plugged in to a [[ADSL modem]]/FTTC/FTTP modem etc) we'll set this up a little later.
 = Configuring Initial Basic Settings  =
@@ Line 85: / Line 85: @@
 = LAN Subnet  =
-We want to use just Ethernet port 1 on the FireBrick for our LAN, we'll be connecting port 1 to a switch, and all our devices will be plugged in to that switch.
+We want to use just [[Ethernet]] port 1 on the FireBrick for our LAN, we'll be connecting port 1 to a switch, and all our devices will be plugged in to that switch.
 So, first we'll add a new subnet, this can go under the current 10.0.0.1 subnet (which we'll delete later.)&nbsp;And we'll make this a DHCP server:
@@ Line 147: / Line 147: @@
 More info on&nbsp;http://www.firebrick.co.uk/fb2700/pppoe.php
-The FireBrick 2700 supports PPPoE - so you can use it to connect via an xDSL modem, eg a:
+The [[FireBrick 2700]] supports PPPoE - so you can use it to connect via an xDSL modem, eg a:
 *A BT supplied&nbsp;FTTC/FTTP Modem
 *A standard issue AAISP ZyXEL P660-D1, in bridge mode (Go to: Wan - Wan setup, mode Bridge, Encapsulation RFC1483, Multiplex LLC)
-*Another ADSL router set for bridge mode
+*Another [[ADSL Router|ADSL router]] set for bridge mode
 *A modem such as a Draytek [[Vigor_120]] (firmware 3.2.4.3 and above)
@@ Line 160: / Line 160: @@
 <ppp port="LAN4" username="startup_user@startup_domain" password="" comment="Example PPPoE config for DSL/FTTC/FTTP/etc"/>
 </syntaxhighlight>
-This is using Ethernet port 4, so plug your modem in to that port.
+This is using [[Ethernet]] port 4, so plug your modem in to that port.
 This line can be changed for your ADSL settings, eg:
@@ Line 212: / Line 212: @@
 ==ZyXEL P660R-D1 Notes==
-(These notes will be similar for any type of ADSL router in Bridge mode, or ADSL modems.)
+(These notes will be similar for any type of [[ADSL Router|ADSL router]] in Bridge mode, or ADSL modems.)
-The P660R-D1 also supports a hybrid [http://www.zyxel.co.uk/web/support_faq_detail.php?faqID=136&pid=20040812093058 Half Bridge mode]; the PPP session is terminated on the modem but its internal NAT is disabled and the WAN IP is assigned to the firewall / router connected to its ethernet port via short DHCP lease. This configuration may suffice for some simpler setups, the advantage being the modem can be used with a PPPoA setup (e.g. Opal / Tiscali Business LLU). The modem remains accessible on its default LAN IP address.
+The P660R-D1 also supports a hybrid [http://www.zyxel.co.uk/web/support_faq_detail.php?faqID=136&pid=20040812093058 Half Bridge mode]; the PPP session is terminated on the modem but its internal NAT is disabled and the WAN IP is assigned to the firewall / router connected to its [[ethernet]] port via short DHCP lease. This configuration may suffice for some simpler setups, the advantage being the modem can be used with a PPPoA setup (e.g. Opal / Tiscali Business LLU). The modem remains accessible on its default LAN IP address.
 When setting up the ZyXEL to work with the FireBrick, set the WAN settings to be:
-===For a BT Line ( which will do PPPoA or PPPoE ):===
+===For a BT or TT Line ( which will do PPPoA or PPPoE ):===
 *Name: AAISP (But can be anything)
 *Mode: Bridge
 *Encapsulation: RFC 1483
-*Multiplexing: LLC (VC may work on 20cn, but stick with LLC)
+*Multiplexing: LLC (VC may work on BT 20cn, but stick with LLC)
 *VPI: 0
 *VCI: 38
@@ Line 290: / Line 290: @@
 = Native IPv6  =
-Assuming you have an IPv6 block allocated to your line on Clueless and you're using the FB for PPPoE, then all the FB config needs is:
+Assuming you have an [[IPv6]] block allocated to your line on Clueless and you're using the FB for PPPoE, then all the FB config needs is:
-*An IPv6 address on the LAN subnet
+*An [[IPv6]] address on the LAN subnet
 *ra="true" in the subnet
-Your computers should then get IPv6 details. test on http://ip.help.me.uk.
+Your computers should then get [[IPv6]] details. test on http://ip.help.me.uk.
-If you previously had your IPv6 allocation routed over a Protocol 41 tunnel to a tunnel end-point machine on your LAN, you now need to remove that on clueless to allow native IPv6 to the FB.  Log in to clueless and simply clear the IPv4 endpoint address, and save the changes. You then need to drop the connection to AAISP, and re-connect, for the routing change to take effect.  Also remember to shut down your LAN tunnel endpoint, so it's not still announcing routes it can't honour any more.
+If you previously had your [[IPv6]] allocation routed over a Protocol 41 tunnel to a tunnel end-point machine on your LAN, you now need to remove that on clueless to allow native [[IPv6]] to the FB.  Log in to clueless and simply clear the IPv4 endpoint address, and save the changes. You then need to drop the connection to AAISP, and re-connect, for the routing change to take effect.  Also remember to shut down your LAN tunnel endpoint, so it's not still announcing routes it can't honour any more.
-If you still need to use Tunnelled IPv6, rather than Native, see this page: *[[FireBrick 2700 v6 Tunnel]]
+If you still need to use Tunnelled [[IPv6]], rather than Native, see this page: *[[FireBrick 2700 v6 Tunnel]]
 So, our config will look like this:
 <syntaxhighlight>
 <interface name="LAN1" port="LAN1">
-<subnet ip="2001:8B0:123:1::1/64" ra="true" comment="IPv6 LAN"/>
+<subnet ip="2001:8B0:123:1::1/64" ra="true" comment="[[IPv6]] LAN"/>
 ...
 </interface>
@@ Line 321: / Line 321: @@
 <port name="WAN1" ports="4"/>
 <interface name="LAN1" port="LAN1">
-<subnet ip="2001:8B0:123:1::1/64" ra="true" comment="IPv6 LAN"/>
+<subnet ip="2001:8B0:123:1::1/64" ra="true" comment="[[IPv6]] LAN"/>
 <subnet ip="192.0.2.1/28" comment="LAN"/>
 <dhcp ip="192.0.2.2-12"/>
@@ Line 342: / Line 342: @@
 ( since release V0.02.039 )
-Setting 'ra=true' will enable auto-configuration of IPv6 addresses, and of the Default Route.
+Setting 'ra=true' will enable auto-configuration of [[IPv6]] addresses, and of the Default Route.
-You may also wish to configure IPv6 DNS servers ( DNS servers that are to be queried over IPv6 ).
+You may also wish to configure [[IPv6]] DNS servers ( DNS servers that are to be queried over [[IPv6]] ).
-There are a couple of different mechanisms available to push out IPv6 DNS servers, and the FB2700 supports both.
+There are a couple of different mechanisms available to push out [[IPv6]] DNS servers, and the FB2700 supports both.
-Be sure your DNS server actually responds on it's IPv6 address!
+Be sure your DNS server actually responds on it's [[IPv6]] address!
 The first method is to have the FB include the DNS server addresses as a new option( RDNSS ) in the Router Announcements. ( RFC6106 ).
 RFC6106 aware clients are, however, somewhat thin on the ground at the moment.
-To enable this, set the 'ra-dns' option to point to your IPv6 Recursive DNS Server.
+To enable this, set the 'ra-dns' option to point to your [[IPv6]] Recursive DNS Server.
 In this example, I'm pointing it to a DNS server on 2001:8B0:B7:1::2.
@@ Line 385: / Line 385: @@
 Note:
 It's not always clear on the win boxes whether this worked.
-On a Vista box, the command 'ipconfig /all' will show both IPv4 and IPv6 DNS servers configured.
+On a Vista box, the command 'ipconfig /all' will show both IPv4 and [[IPv6]] DNS servers configured.
 Win7 seems lame, and only reports IPv4.
-To show the IPv6 DNS servers, you need to use the command 'netsh interface ipv6 show dns'.
+To show the [[IPv6]] DNS servers, you need to use the command 'netsh interface [[IPv6|ipv6]] show dns'.
 = Next Steps, Bonding a Second Line  =
@@ Line 419: / Line 419: @@
 == Bond the PPPoE:  ==
-''Bonding on a 2700 requires the Bonding capability - found on the Fully-Loaded and Bonding variants.''
+''[[Bonding]] on a 2700 requires the [[Bonding]] capability - found on the Fully-Loaded and [[Bonding]] variants.''
 Simply setting speed=x in the ppp config will bond the PPPoE for uplink.
@@ Line 443: / Line 443: @@
 <port name="WAN1" ports="4"/>
 <interface name="LAN1" port="LAN1">
-<subnet ip="2001:8B0:123:1::1/64" ra="true" ra-other="dhcpv6" ra-dns="2001:8B0:123:1::2" comment="IPv6 LAN"/>
+<subnet ip="2001:8B0:123:1::1/64" ra="true" ra-other="dhcpv6" ra-dns="2001:8B0:123:1::2" comment="[[IPv6]] LAN"/>
 <subnet ip="192.0.2.1/28" comment="LAN"/>
 <dhcp ip="192.0.2.2-12"/>
@@ Line 463: / Line 463: @@
 = Setting up 3G Fallback =
-If you have an AA data SIM, the FireBrick can configured to use this as a backup connection, by using a 3G dongle plugged into the USB port. Any routed legacy IP blocks will continue to work across this link, but so far IPv6 isn't supported. The FireBrick is known to support the ZTE MF112 Dongle and some Huawei dongles. Others may work too.
+If you have an AA data SIM, the FireBrick can configured to use this as a backup connection, by using a 3G dongle plugged into the USB port. Any routed legacy IP blocks will continue to work across this link, but so far [[IPv6]] isn't supported. The FireBrick is known to support the ZTE MF112 Dongle and some Huawei dongles. Others may work too.
 The basic config is:
 <syntaxhighlight>
@@ Line 496: / Line 496: @@
 == Accessing the Modem  ==
-The modem, or ADSL router in bridge mode, will also have a LAN IP that you can use to get to it's config pages etc. eg, the ZyXEL P660-R will still have a LAN setting, with an IP set. For the purpose of this example, let's assume the modem is on 192.168.1.2 mask 255.255.255.0.
+The modem, or [[ADSL Router|ADSL router]] in bridge mode, will also have a LAN IP that you can use to get to it's config pages etc. eg, the ZyXEL P660-R will still have a LAN setting, with an IP set. For the purpose of this example, let's assume the modem is on 192.168.1.2 mask 255.255.255.0.
 In order to talk to the Modem from the LAN side of the FireBrick, a Subnet on the FireBrick needs to be made. This subnet would be on the WAN Interface, eg:
@@ Line 514: / Line 514: @@
 You will have configured the IP and Netmask on the 'LAN' tab. But there's no 'Gateway', so we must go to 'Advanced' -&gt; 'Static Routes' tab, and create one. Enter it as follows: IP, Mask = base address of your internal LAN; eg: 81.xx.xx.0, 255.255.255.192. The 'Gateway' address is pointing back at the FB, eg 192.168.1.1. Check the box to Activate the route, hit the 'Apply' button, and that's it done.
-Vigor 120:
+[[Vigor 120]]:
 You need to telnet in to the CLI to set the route. The commands to set a route back to 81.x.x.0 via the FB at 192.168.1.1 are: