Three virtual machines with Ubuntu Server 20.04 LTS in Oracle Virtual Box 6.1 were used as a test setup. It is possible to configure IPv4 and IPv6 at the same machines and at the same network interfaces. This document provides instructions how to prepare: - IPv4 only setup; - IPv4 + IPv6 setup. ======================================================================================================================== [ IPv4 only setup ] ======================================================================================================================== |----------| |----------| |----------| | | enp0s3 | | enp0s3 enp0s3 | | | H1 | enp0s8 192.168.200.10 ---- 192.168.200.1 enp0s8 | H2 | enp0s9 192.168.201.1 --- 192.168.201.10 enp0s8 | H3 | | Zabbix | | | | 192.168.200.11 enp0s9 | | |----------| | |----------| | |----------| | | |-----------------------------------------------------------------------------------------------------| Host H1 enp0s3 NAT DHCP just to connect to the Internet for package installation, etc. enp0s8 Host-only Adapter static IP 192.168.200.10/24, no gateway is needed Host H2 enp0s3 NAT DHCP just to connect to the Internet for package installation, etc. enp0s8 Host-only Adapter static IP 192.168.200.1/24, no gateway is needed enp0s9 Host-only Adapter static IP 192.168.201.1/24, no gateway is needed Host H3 enp0s3 NAT DHCP just to connect to the Internet for package installation, etc. enp0s8 Host-only Adapter static IP 192.168.201.10/24, no gateway is needed enp0s9 Host-only Adapter static IP 192.168.200.11/24, no gateway is needed Zabbix server and Zabbix frontend may be placed at H1. Note: configuration set by "ip route" and "iptables" is flushed during restart of machines. They may be added to ~/.bashrc file. --- H1 configuration --- Add routing to a non existing hosts in 192.168.202.0/24 sub-network. H1$ sudo ip route add 192.168.202.0/24 via 192.168.200.1 --- H2 configuration --- H2$ sudo iptables -t nat -A PREROUTING -d 192.168.202.0/24 -j DNAT --to-destination 192.168.201.10 H2$ sudo vi /etc/sysctl.conf uncomment net.ipv4.ip_forward=1 H2$ sudo sysctl -p --- H3 configuration --- H3$ sudo vi /etc/sysctl.conf add the following lines net.ipv4.conf.enp0s8.rp_filter = 0 net.ipv4.conf.enp0s9.rp_filter = 0 H3$ sudo sysctl -p --- Testing: --- Install fping at host H1: H1$ sudo apt install fping To get a reply to fping from the same host: H1$ fping 192.168.200.1 To get a reply to fping from another host: H1$ fping 192.168.202.10 To get NO reply to fping from any host: H1$ fping 192.168.203.10 ======================================================================================================================== [ IPv4 + IPv6 setup ] ======================================================================================================================== N.B. In IPv6, the block fe80::/10 is reserved for IP address autoconfiguration. Such automaticaly provided IPv6 addresses would be probably already assigned network interfaces. Do not touch them. The IPv6 block fd00::/8 unique local addresses described below must be configured IN ADDITION the automatically configuted block fe80::/10 instead of replacing them. |----------| |----------| |----------| | | enp0s3 IPv4 | | enp0s3 IPv4 IPv4 enp0s3 | | | | | | | | | H1 | enp0s8 IPv4 192.168.200.10 -------------------- IPv4 192.168.200.1 enp0s8 | H2 | enp0s9 IPv4 192.168.201.1 ------------------- IPv4 192.168.201.10 enp0s8 | H3 | | Zabbix | ^ IPv6 fd12:3456:789a:200::10 IPv6 fd12:3456:789a:200::1 | | IPv6 fd12:3456:789a:201::1 IPv6 fd12:3456:789a:201::10 | | | | | | | | | | | | | | IPv4 192.168.200.11 enp0s9 | | |----------| | |----------| IPv6 fd12:3456:789a:200::11 | |----------| | | |---------------------------------------------------------------------------------------------------------------------------------------------------------| ------------------------------------------------- [ Host H1] ---------------------------------------------------------- enp0s3 NAT DHCP IPv4: just to connect to the Internet for package installation, etc. enp0s8 Host-only Adapter static IPv4 192.168.200.10/24, no gateway is needed IPv6 fd12:3456:789a:200::10/64, no gateway is needed ------------------------------------------------- [ Host H2] ---------------------------------------------------------- enp0s3 NAT DHCP IPv4 just to connect to the Internet for package installation, etc. enp0s8 Host-only Adapter static IPv4 192.168.200.1/24 no gateway is needed IPv6 fd12:3456:789a:200::1/64 no gateway is needed enp0s9 Host-only Adapter static IPv4 192.168.201.1/24 no gateway is needed IPv6 fd12:3456:789a:201::1/64 no gateway is needed ------------------------------------------------- [ Host H3 ] ---------------------------------------------------------- enp0s3 NAT DHCP IPv4: just to connect to the Internet for package installation, etc. enp0s8 Host-only Adapter static IPv4 192.168.201.10/24 no gateway is needed IPv6 fd12:3456:789a:201::10/64 no gateway is needed enp0s9 Host-only Adapter static IPv4 192.168.200.11/24 no gateway is needed IPv6 fd12:3456:789a:200::11/64 no gateway is needed Zabbix server and Zabbix frontend may be placed at H1. Note: configuration set by "ip route" and "iptables" is flushed during restart of machines. They may be added to ~/.bashrc file. --- H1 configuration --- Add routing to a non existing hosts in 192.168.202.0/24 sub-network. Add IPv4 routing to a non existing hosts in 192.168.202.0/24 sub-network. H1$ sudo ip route add 192.168.202.0/24 via 192.168.200.1 Add IPv6 routing to a non existing hosts in fd12:3456:789a:202::0/64 sub-network. H1$ sudo ip -6 route add fd12:3456:789a:202::0/64 via fd12:3456:789a:200::1 --- H2 configuration --- Add entry into iptables table NAT to redirect IPv4 requests H2$ sudo iptables -t nat -A PREROUTING -d 192.168.202.0/24 -j DNAT --to-destination 192.168.201.10 Add entry into iptables table NAT to redirect IPv6 requests H2$ sudo ip6tables -t nat -A PREROUTING -d fd12:3456:789a:202::0/64 -j DNAT --to-destination fd12:3456:789a:201::10 H2$ sudo vi /etc/sysctl.conf uncomment net.ipv4.ip_forward=1 to enable forwarding IPv4 requests uncomment net.ipv6.conf.all.forwarding=1 to enable forwarding IPv6 requests H2$ sudo sysctl -p --- H3 configuration --- H3$ sudo vi /etc/sysctl.conf add the following lines net.ipv4.conf.enp0s8.rp_filter = 0 net.ipv4.conf.enp0s9.rp_filter = 0 H3$ sudo sysctl -p --- Testing: --- Install fping at host H1: H1$ sudo apt install fping To get a reply to fping from the same host via IPv4: H1$ fping 192.168.200.1 To get a reply to fping from the same host via IPv6: H1$ fping fd12:3456:789a:200::1 To get a reply to fping from another host via IPv4: H1$ fping 192.168.202.10 To get a reply to fping from another host via IPv6: H1$ fping fd12:3456:789a:202::10 To get NO reply to fping from any host via IPv4: H1$ fping 192.168.203.10 To get NO reply to fping from any host via IPv6: fping fd12:3456:789a:203::10