firewall { all-ping enable broadcast-ping disable ipv6-receive-redirects disable ipv6-src-route disable ip-src-route disable log-martians enable modify mssclamp { default-action accept rule 1 { action modify modify { tcp-mss 1420 } protocol tcp tcp { flags SYN } } } receive-redirects disable send-redirects disable source-validation disable syn-cookies enable } interfaces { ethernet eth0 { address 2400:8700:31:601::14/64 duplex auto hw-id 52:54:00:18:46:e2 smp_affinity auto speed auto } ethernet eth1 { address 192.168.11.1/24 address 2400:8700:31:600::1/64 duplex auto firewall { in { modify mssclamp } } hw-id 52:54:00:ec:16:d9 ipv6 { dup-addr-detect-transmits 1 router-advert { cur-hop-limit 64 link-mtu 0 managed-flag false max-interval 600 other-config-flag true prefix 2400:8700:31:600::/64 { autonomous-flag true on-link-flag true valid-lifetime 2592000 } reachable-time 0 retrans-timer 0 send-advert true } } smp_affinity auto speed auto } loopback lo { } map map0 { br-address 2400:8700:31:610::1/64 default-forwarding-mode encapsulation ipv6-fragment-size 1500 rĂ´le ce rule 1 { ea-length 8 ipv4-prefix 157.112.198.104/32 ipv6-prefix 2400:8700:31:600::/56 } tunnel-source eth1 } } protocols { static { interface-route 0.0.0.0/0 { next-hop-interface map0 { } } route6 ::/0 { next-hop 2400:8700:31:601::1 { } } } } service { dhcp-server { disabled false shared-network-name MAP_E1 { authoritative disable subnet 192.168.11.0/24 { default-router 192.168.11.1 dns-server 192.168.11.1 lease 86400 start 192.168.11.32 { stop 192.168.11.253 } } } } dhcpv6-server { name-server 2400:8700:31:ca11::53 shared-network-name MAP_E1 { subnet 2400:8700:31:600::/64 { } } } dns { forwarding { cache-size 150 listen-on eth1 } } ssh { port 22 protocol-version v2 } } system { config-management { commit-revisions 20 } console { device ttyS0 { speed 9600 } } host-name janog31-asamap login { user vyatta { authentication { encrypted-password ******** } level admin } } name-server 2400:8700:31:ca11::53 ntp { server 0.vyatta.pool.ntp.org { } server 1.vyatta.pool.ntp.org { } server 2.vyatta.pool.ntp.org { } } package { auto-sync 1 repository community { components main distribution stable password "" url http://packages.vyatta.com/vyatta username "" } } syslog { global { facility all { level notice } facility protocols { level debug } } } time-zone Asia/Tokyo } // /* Warning: Do not remove the following line. */ // /* === vyatta-config-version: "firewall@5:qos@1:ipsec@3:dhcp-relay@1:config-management@1:wanloadbalance@3:conntrack-sync@1:system@5:conntrack@1:quagga@2:webproxy@1:webgui@1:dhcp-server@4:nat@4:vrrp@2:content-inspection@3:zone-policy@1:cluster@1" === */ // /* Release version: 999.oxnard.01011556 */