Untitled

#!/bin/bash
# Make sure the following package is installed:
# apt install wide-dhcp6c-client

# IFACE is our public facing ethernet interface.
EXT=enp7s1
INT=bond0
FORWARD=1
IPV6SUFFIX=::1

doit() {
# Fulfill my prerequisites
if [ ! $(which dhcp6c) ]; then apt install wide-dhcpv6-client; fi

# Completely reset IPV6
if [ "$1" = "reset" ]; then
 dhcp6c_conf
 echo "[IPV6]: Fully resetting IPv6."
 ip -6 addr flush dev $EXT
 if [ "$FORWARD" = "0" ]; then
  ip -6 addr flush dev $INT
 fi
 sysctl -qw net.ipv6.conf.all.disable_ipv6=1
 sysctl -qw net.ipv6.conf.all.disable_ipv6=0
 sleep 2
fi

# Kill off DHCPv6 so we can refresh our lease.
echo -n "[IPV6]: Killing DHCPv6"
killall -9 dhcp6c
while true; do
 echo -n .
 sleep 1
 if [ "$(pgrep -f dhcp6c)" == "" ]; then echo ""; break; fi
done
dhcp6c $EXT
sleep 1

# Accept router advertisements on the proper interface
# and configure ip forwarding
sysctl -qw net.ipv6.conf.all.forwarding=$FORWARD
sysctl -qw net.ipv6.conf.default.forwarding=$FORWARD
sysctl -qw net.ipv6.conf.$EXT.forwarding=0

sysctl -qw net.ipv6.conf.all.accept_ra=0
sysctl -qw net.ipv6.conf.default.accept_ra=0
sysctl -qw net.ipv6.conf.$EXT.accept_ra=2

# Get a lease for our external interface
echo -n "[IPV6]: Waiting for lease"
while true; do
 echo -n .
 IPV6PREFIX=`ip -6 addr show $INT | grep "scope global" | cut -d' ' -f6 | cut -d: -f1-4`
 if [ "$IPV6PREFIX" != "" ]; then echo ""; break; fi
 sleep 1
done

# Depreciate Comcast unicast global address immediately
echo -n "[IPV6]: Depreciating Unicast address: "
sleep 1
OLDADDR=`ip -6 addr show $EXT | grep "2001.*scope global" | cut -d' ' -f6`
if [ "$OLDADDR" != "" ]; then
 ip -6 addr change $OLDADDR dev $EXT preferred_lft 0
fi
echo $OLDADDR

echo -n $IPV6PREFIX > /etc/ipv6-network
echo "[IPV6]: IPv6 prefix detected: $IPV6PREFIX"

ip -6 addr replace ${IPV6PREFIX}${IPV6SUFFIX} dev $EXT home
echo "[IPV6]: IPV6 address added to external interface $EXT: ${IPV6PREFIX}${IPV6SUFFIX}"

# Turn off receiving more router advertisements and make our current route semi-permanent.
echo -n "[IPV6]: Waiting for route"
while true; do
 echo -n :
 IPV6ROUTER=`ip -6 route | grep default | cut -d' ' -f3`
 if [ "$IPV6ROUTER" != "" ]; then break; fi
 sleep 1
done
ip -6 route replace default via $IPV6ROUTER dev $EXT
echo " $IPV6ROUTER"

# Stop accepting router announcements
sysctl -qw net.ipv6.conf.$EXT.accept_ra=0

# If we're routing, restart radvd for any new prefix updates.
if [ "$FORWARD" = "1" ]; then
 radvd_conf
 echo -n "[IPV6]: "
 /etc/init.d/radvd restart
fi
}

# HELPERS
# This sets up wide-dhcp6c whenever the script requests a reset.
dhcp6c_conf() {
cat <<EOF >/etc/wide-dhcpv6/dhcp6c.conf
profile default
{
  information-only;
  request domain-name-servers;
  request domain-name;
  script "/etc/wide-dhcpv6/dhcp6c-script";
};
EOF
echo "interface $EXT {" >> /etc/wide-dhcpv6/dhcp6c.conf
cat <<EOF >>/etc/wide-dhcpv6/dhcp6c.conf
    send rapid-commit;
    send ia-na 0;
    send ia-pd 0;
};
id-assoc na 0 { };
id-assoc pd 0 {
    prefix ::/60 infinity;
    # Internal interface (LAN)
EOF
echo "    prefix-interface $INT {" >> /etc/wide-dhcpv6/dhcp6c.conf
cat <<EOF >>/etc/wide-dhcpv6/dhcp6c.conf
        sla-len 4;
        sla-id 0;
        ifid 1;
    };
};
# Yerf
EOF
}

# This sets up radvd.conf for routers.
radvd_conf() {
echo "interface $INT {" > /etc/radvd.conf
cat <<EOF >>/etc/radvd.conf
 AdvSourceLLAddress off;
 AdvSendAdvert on;
 prefix ::/64 {
  AdvOnLink on;
  AdvAutonomous on;
 };
};
# Yerf
EOF
}

doit $*