|
|
|
|
@ -101,26 +101,13 @@ So, the router must align with that and avoid them altogether: `/int wifi set [.
|
|
|
|
|
* Wait for ARP cache expiry!
|
|
|
|
|
* Swicth other WiFi to trunk/VLAN
|
|
|
|
|
* Ether ports config _will break connectivity_ (bridge membership and VLAN setting -- must disable default bridge membership)
|
|
|
|
|
* Proxy ARP
|
|
|
|
|
* Proxy ARP (make sure to include dummy routes to mark the target virtual addresses as reachable)
|
|
|
|
|
* Firewall rule: allow management traffic from WAN side
|
|
|
|
|
* dst-nat on Freebox network
|
|
|
|
|
* authoritative nameservers to authoritative container
|
|
|
|
|
* recursive resolver to resolver container
|
|
|
|
|
* IPv6
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
No longer needed:
|
|
|
|
|
|
|
|
|
|
Dummy routes for proxy ARP
|
|
|
|
|
```
|
|
|
|
|
add comment="dummy route to enable selective proxy ARP (DNS resolver)" \
|
|
|
|
|
distance=1 dst-address=192.168.0.53/32 gateway=fixed-containers
|
|
|
|
|
add comment=\
|
|
|
|
|
"dummy route to enable selective proxy ARP (authoritative name server)" \
|
|
|
|
|
distance=1 dst-address=192.168.0.99/32 gateway=fixed-containers
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### Other configurations to update
|
|
|
|
|
|
|
|
|
|
* FreeBOX: Nothing to update, IPv6 uses role address fe80::7 and IPv4 role addresses 192.168.0.53 and .99
|
|
|
|
|
|
Thomas Quinot
2 months ago