
12/15/2019

ER-X DHCPv6-PD Configuration


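I currently reach the internet over DS-Lite (IPoE + IPv4 over IPv6).

That was working without any particular trouble, but lately the excite MEC Hikari (exciteのMEC光) service I use has frequently slowed down to a noticeable degree.
I wonder whether native IPv6 (IPoE) access would improve things somewhat...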


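My ER-X has been running v2-series firmware since I bought it, and the release notes seem to say something baffling: from v2.0.4, either DHCPv6 or DHCPv6-PD can be used, but only one of the two.
 DHCPv6 and DHCPv6-PD cannot be used at the same time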

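After upgrading the ER-X software to v2.0.8 and checking, prefix delegation via DHCPv6-PD does indeed work.
On v2.0.3 the IPv6 side did not behave as expected and I considered downgrading to the v1 series, but the v2 series is clearly making progress, so it looks like I can keep using it.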

DHCPv6-PD configuration

In my setup, switch0 is split into two VLANs to provide a guest segment.
For that reason I configured it as follows.

$ configure
# edit interfaces ethernet eth0
# set dhcpv6-pd pd 0
# set dhcpv6-pd prefix-only
# set dhcpv6-pd pd 0 prefix-length /60
# top

# edit interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.10
# set host-address '::1'
# set prefix-id ':0'
# set service slaac
# top

# edit interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.20
# set host-address '::2'
# set prefix-id ':1'
# set service slaac
# top
# commit;save
# exit


Check whether the IPv6 prefix has been delegated.

$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface    IP Address                        S/L  Description
---------    ----------                        ---  -----------
eth0         192.168.24.2/30                   u/u  WAN
             ****:***:****:****:****:****:****:***/64
eth1         -                                 u/u
eth2         -                                 u/D
eth3         -                                 u/u
eth4         -                                 u/u
lo           127.0.0.1/8                       u/u
             ::1/128
switch0      -                                 u/u  LAN
switch0.10   192.168.1.1/24                    u/u  vlan10
             ****:***:****:****::1/64
switch0.20   192.168.2.1/24                    u/u  vlan20
             ****:***:****:****::2/64
v6tun0       -                                 u/u  DSLite
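
How the /60 delegation is carved into the two /64s shown above, as an added Python example that is not part of the original post: the prefix-id selects the subnet bits between the delegated prefix length and /64, and host-address fills the low 64 bits. The delegated prefix 2001:db8:0:10::/60 is a constructed documentation value (the real one is masked on this page), and the function name is hypothetical.

```python
import ipaddress


def delegated_address(delegated: str, prefix_id: str, host_address: str) -> ipaddress.IPv6Interface:
    """Combine a delegated prefix, a prefix-id and a host-address into a /64 interface address."""
    net = ipaddress.IPv6Network(delegated)
    if net.prefixlen > 64:
        raise ValueError("delegated prefix must be /64 or shorter")

    # A /60 leaves 64 - 60 = 4 bits for subnet selection, i.e. prefix-ids :0 to :f.
    subnet_bits = 64 - net.prefixlen
    subnet_id = int(prefix_id.lstrip(":") or "0", 16)  # ':1' -> 1 (hexadecimal)
    if subnet_id >= (1 << subnet_bits):
        raise ValueError(
            f"prefix-id {prefix_id} does not fit in a /{net.prefixlen} "
            f"(only {subnet_bits} subnet bits available)"
        )

    # host-address supplies the interface identifier (low 64 bits) only.
    host = int(ipaddress.IPv6Address(host_address))
    if host >> 64:
        raise ValueError("host-address must fit in the low 64 bits")

    value = int(net.network_address) | (subnet_id << 64) | host
    return ipaddress.IPv6Interface(f"{ipaddress.IPv6Address(value)}/64")


if __name__ == "__main__":
    pd = "2001:db8:0:10::/60"  # constructed sample, not the author's prefix
    for iface, pid, host in (("switch0.10", ":0", "::1"), ("switch0.20", ":1", "::2")):
        print(iface, delegated_address(pd, pid, host))
```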



With this, the network can now go out not only over DS-Lite (IPoE + IPv4 over IPv6) but also over native IPv6 (IPoE).

Check whether you are reaching the internet over IPv6 at a site like this one※1 or this one※2.

※1 http://kiriwake.jpne.co.jp
※2 https://test-ipv6.com


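While I was at it, I added a NAT rule so that the configuration PC can access the HGW (home gateway) directly.
※ The rule matches specific source IP addresses to limit which PCs can manage the HGW.
※ Because of this, I moved the printer to a different IP address.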

$ configure
# edit service nat rule 5010
# set description 'masquerade for WAN'
# set type masquerade
# set outbound-interface eth0
# set protocol all
# set source address 192.168.1.5-192.168.1.9
# set log disable
# top
# commit;save
# exit
$ reboot


This makes configuring and checking the HGW easier.


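As for the conclusion: with IPv6 (IPoE), when the line is in good shape I get roughly twice the speed of DS-Lite (IPoE + IPv4 over IPv6).
When it is in bad shape, however, the download side is slow and there is little difference.
I have recorded the measurements on みんなのネット回線速度 under "こんなもん".

Personally, I cannot recommend excite MEC Hikari.

Provider switching is now possible for Hikari Collaboration (光コラボ) services as well, so one can move from one Hikari Collaboration provider to another; I think it is about time to consider moving somewhere else.

Does anyone have a recommendation?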



Below are the full configuration and the command list for everything set up so far.
※ Some values are masked.


$ show configuration
firewall {
    all-ping enable
    broadcast-ping disable
    group {
        port-group PRINT_TCP {
            description Printing_TCP
            port 80
            port 443
            port 515
            port 8000
            port 8080
            port 8443
            port 9013
            port 9100
        }
        port-group PRINT_UDP {
            description Printing_UDP
            port 161
            port 427
            port 47545
        }
    }
    ipv6-name WANv6_IN {
        default-action drop
        description "WANv6 to LAN"
        enable-default-log
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action accept
            description "Allow IPv6 ICMP"
            protocol ipv6-icmp
        }
        rule 30 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    ipv6-name WANv6_LOCAL {
        default-action drop
        description "WANv6 to Router"
        enable-default-log
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action accept
            description "Allow IPv6 ICMP"
            protocol ipv6-icmp
        }
        rule 30 {
            action accept
            description "Allow DHCPv6"
            destination {
                port 546
            }
            protocol udp
            source {
                port 547
            }
        }
        rule 40 {
            action accept
            description "Allow DSLite"
            protocol ipip
        }
        rule 50 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name DSLite_IN {
        default-action drop
        description "WAN(DSLite)to LAN"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    name DSLite_LOCAL {
        default-action drop
        description "WAN(DSLite)to Router"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    name guest-in {
        default-action accept
        description guest-in
        rule 10 {
            action accept
            description "Allow Printer tcp"
            destination {
                address 192.168.1.4
                group {
                    port-group PRINT_TCP
                }
            }
            log disable
            protocol tcp
        }
        rule 11 {
            action accept
            description "Allow Printer udp"
            destination {
                address 192.168.1.4
                group {
                    port-group PRINT_UDP
                }
            }
            log disable
            protocol udp
        }
        rule 20 {
            action drop
            description Other
            destination {
                address 192.168.1.0/24
            }
            log disable
            protocol all
        }
    }
    name guest-local {
        default-action drop
        description guest-local
        rule 10 {
            action accept
            description "Allow DNS"
            destination {
                address 192.168.2.1
                port 53
            }
            log disable
            protocol udp
            source {
                address 192.168.2.0/24
            }
        }
        rule 20 {
            action drop
            description Other
            log disable
            protocol all
        }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
}
interfaces {
    ethernet eth0 {
        address 192.168.24.2/30
        address ****:***:****:****:****:****:****:***/64
        description WAN
        dhcpv6-pd {
            pd 0 {
                interface switch0.10 {
                    host-address ::1
                    prefix-id :0
                    service slaac
                }
                interface switch0.20 {
                    host-address ::2
                    prefix-id :1
                    service slaac
                }
                prefix-length /60
            }
            prefix-only
            rapid-commit enable
        }
        duplex auto
        firewall {
            in {
                ipv6-name WANv6_IN
            }
            local {
                ipv6-name WANv6_LOCAL
            }
        }
        speed auto
    }
    ethernet eth1 {
        duplex auto
        speed auto
    }
    ethernet eth2 {
        duplex auto
        speed auto
    }
    ethernet eth3 {
        duplex auto
        speed auto
    }
    ethernet eth4 {
        duplex auto
        poe {
            output off
        }
        speed auto
    }
    ipv6-tunnel v6tun0 {
        description DSLite
        encapsulation ipip6
        firewall {
            in {
                name DSLite_IN
            }
            local {
                name DSLite_LOCAL
            }
        }
        local-ip ****:***:****:****:****:****:****:***
        mtu 1460
        multicast disable
        remote-ip 2404:8e01::feed:100
        ttl 64
    }
    loopback lo {
    }
    switch switch0 {
        description LAN
        mtu 1500
        switch-port {
            interface eth1 {
                vlan {
                    pvid 10
                }
            }
            interface eth2 {
                vlan {
                    pvid 10
                }
            }
            interface eth3 {
                vlan {
                    pvid 10
                }
            }
            interface eth4 {
                vlan {
                    pvid 20
                }
            }
            vlan-aware enable
        }
        vif 10 {
            address 192.168.1.1/24
            description vlan10
        }
        vif 20 {
            address 192.168.2.1/24
            description vlan20
            firewall {
                in {
                    name guest-in
                }
                local {
                    name guest-local
                }
            }
        }
    }
}
protocols {
    static {
        interface-route 0.0.0.0/0 {
            next-hop-interface v6tun0 {
            }
        }
        route6 ::/0 {
            next-hop ****::****:****:****:**** {
                interface eth0
            }
        }
    }
}
service {
    dhcp-server {
        disabled false
        hostfile-update disable
        shared-network-name vlan10 {
            authoritative enable
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 192.168.1.1
                lease 86400
                start 192.168.1.90 {
                    stop 192.168.1.168
                }
                static-mapping Canon_C356F {
                    ip-address 192.168.1.4
                    mac-address **:**:**:**:**:**
                }
                static-mapping TPx_HGW_Set_Ether {
                    ip-address 192.168.1.5
                    mac-address **:**:**:**:**:**
                }
                static-mapping PC0001 {
                    ip-address 192.168.1.9
                    mac-address **:**:**:**:**:**
                }
            }
        }
        shared-network-name vlan20 {
            authoritative disable
            subnet 192.168.2.0/24 {
                default-router 192.168.2.1
                dns-server 192.168.2.1
                lease 86400
                start 192.168.2.90 {
                    stop 192.168.2.168
                }
                static-mapping ThinkPad_X201 {
                    ip-address 192.168.2.13
                    mac-address **:**:**:**:**:**
                }
                static-mapping ThinkPad_X201_Wi-Fi {
                    ip-address 192.168.2.15
                    mac-address **:**:**:**:**:**
                }
                static-mapping WN-AX1167GR2 {
                    ip-address 192.168.2.4
                    mac-address **:**:**:**:**:**
                }
            }
        }
        static-arp disable
        use-dnsmasq disable
    }
    dns {
        forwarding {
            cache-size 5000
            listen-on switch0.10
            listen-on switch0.20
            listen-on lo
            name-server 2606:4700:4700::1111
            name-server 2606:4700:4700::1001
            options strict-order
        }
    }
    gui {
        http-port 80
        https-port 443
        listen-address 192.168.1.1
        older-ciphers enable
    }
    nat {
        rule 5010 {
            description "masquerade for WAN"
            log disable
            outbound-interface eth0
            protocol all
            source {
                address 192.168.1.5-192.168.1.9
            }
            type masquerade
        }
    }
    ssh {
        listen-address 192.168.1.1
        port 22
        protocol-version v2
    }
    ubnt-discover {
        disable
    }
    ubnt-discover-server {
        disable
    }
    unms {
        disable
    }
}
system {
    config-management {
        commit-revisions 20
    }
    host-name GW-Router
    login {
        user ******** {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
            level admin
        }
        user ******** {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
            level operator
        }
    }
    name-server 127.0.0.1
    ntp {
        server ntp.nict.jp {
        }
    }
    offload {
        hwnat enable
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone Asia/Tokyo
}



$ show configuration commands
set firewall all-ping enable
set firewall broadcast-ping disable
set firewall group port-group PRINT_TCP description Printing_TCP
set firewall group port-group PRINT_TCP port 80
set firewall group port-group PRINT_TCP port 443
set firewall group port-group PRINT_TCP port 515
set firewall group port-group PRINT_TCP port 8000
set firewall group port-group PRINT_TCP port 8080
set firewall group port-group PRINT_TCP port 8443
set firewall group port-group PRINT_TCP port 9013
set firewall group port-group PRINT_TCP port 9100
set firewall group port-group PRINT_UDP description Printing_UDP
set firewall group port-group PRINT_UDP port 161
set firewall group port-group PRINT_UDP port 427
set firewall group port-group PRINT_UDP port 47545
set firewall ipv6-name WANv6_IN default-action drop
set firewall ipv6-name WANv6_IN description 'WANv6 to LAN'
set firewall ipv6-name WANv6_IN enable-default-log
set firewall ipv6-name WANv6_IN rule 10 action accept
set firewall ipv6-name WANv6_IN rule 10 description 'Allow established/related'
set firewall ipv6-name WANv6_IN rule 10 state established enable
set firewall ipv6-name WANv6_IN rule 10 state related enable
set firewall ipv6-name WANv6_IN rule 20 action accept
set firewall ipv6-name WANv6_IN rule 20 description 'Allow IPv6 ICMP'
set firewall ipv6-name WANv6_IN rule 20 protocol ipv6-icmp
set firewall ipv6-name WANv6_IN rule 30 action drop
set firewall ipv6-name WANv6_IN rule 30 description 'Drop invalid state'
set firewall ipv6-name WANv6_IN rule 30 state invalid enable
set firewall ipv6-name WANv6_LOCAL default-action drop
set firewall ipv6-name WANv6_LOCAL description 'WANv6 to Router'
set firewall ipv6-name WANv6_LOCAL enable-default-log
set firewall ipv6-name WANv6_LOCAL rule 10 action accept
set firewall ipv6-name WANv6_LOCAL rule 10 description 'Allow established/related'
set firewall ipv6-name WANv6_LOCAL rule 10 state established enable
set firewall ipv6-name WANv6_LOCAL rule 10 state related enable
set firewall ipv6-name WANv6_LOCAL rule 20 action accept
set firewall ipv6-name WANv6_LOCAL rule 20 description 'Allow IPv6 ICMP'
set firewall ipv6-name WANv6_LOCAL rule 20 protocol ipv6-icmp
set firewall ipv6-name WANv6_LOCAL rule 30 action accept
set firewall ipv6-name WANv6_LOCAL rule 30 description 'Allow DHCPv6'
set firewall ipv6-name WANv6_LOCAL rule 30 destination port 546
set firewall ipv6-name WANv6_LOCAL rule 30 protocol udp
set firewall ipv6-name WANv6_LOCAL rule 30 source port 547
set firewall ipv6-name WANv6_LOCAL rule 40 action accept
set firewall ipv6-name WANv6_LOCAL rule 40 description 'Allow DSLite'
set firewall ipv6-name WANv6_LOCAL rule 40 protocol ipip
set firewall ipv6-name WANv6_LOCAL rule 50 action drop
set firewall ipv6-name WANv6_LOCAL rule 50 description 'Drop invalid state'
set firewall ipv6-name WANv6_LOCAL rule 50 state invalid enable
set firewall ipv6-receive-redirects disable
set firewall ipv6-src-route disable
set firewall ip-src-route disable
set firewall log-martians enable
set firewall name DSLite_IN default-action drop
set firewall name DSLite_IN description 'WAN(DSLite)to LAN'
set firewall name DSLite_IN rule 10 action accept
set firewall name DSLite_IN rule 10 description 'Allow established/related'
set firewall name DSLite_IN rule 10 state established enable
set firewall name DSLite_IN rule 10 state related enable
set firewall name DSLite_IN rule 20 action drop
set firewall name DSLite_IN rule 20 description 'Drop invalid state'
set firewall name DSLite_IN rule 20 state invalid enable
set firewall name DSLite_LOCAL default-action drop
set firewall name DSLite_LOCAL description 'WAN(DSLite)to Router'
set firewall name DSLite_LOCAL rule 10 action accept
set firewall name DSLite_LOCAL rule 10 description 'Allow established/related'
set firewall name DSLite_LOCAL rule 10 state established enable
set firewall name DSLite_LOCAL rule 10 state related enable
set firewall name DSLite_LOCAL rule 20 action drop
set firewall name DSLite_LOCAL rule 20 description 'Drop invalid state'
set firewall name DSLite_LOCAL rule 20 state invalid enable
set firewall name guest-in default-action accept
set firewall name guest-in description guest-in
set firewall name guest-in rule 10 action accept
set firewall name guest-in rule 10 description 'Allow Printer tcp'
set firewall name guest-in rule 10 destination address 192.168.1.4
set firewall name guest-in rule 10 destination group port-group PRINT_TCP
set firewall name guest-in rule 10 log disable
set firewall name guest-in rule 10 protocol tcp
set firewall name guest-in rule 11 action accept
set firewall name guest-in rule 11 description 'Allow Printer udp'
set firewall name guest-in rule 11 destination address 192.168.1.4
set firewall name guest-in rule 11 destination group port-group PRINT_UDP
set firewall name guest-in rule 11 log disable
set firewall name guest-in rule 11 protocol udp
set firewall name guest-in rule 20 action drop
set firewall name guest-in rule 20 description Other
set firewall name guest-in rule 20 destination address 192.168.1.0/24
set firewall name guest-in rule 20 log disable
set firewall name guest-in rule 20 protocol all
set firewall name guest-local default-action drop
set firewall name guest-local description guest-local
set firewall name guest-local rule 10 action accept
set firewall name guest-local rule 10 description 'Allow DNS'
set firewall name guest-local rule 10 destination address 192.168.2.1
set firewall name guest-local rule 10 destination port 53
set firewall name guest-local rule 10 log disable
set firewall name guest-local rule 10 protocol udp
set firewall name guest-local rule 10 source address 192.168.2.0/24
set firewall name guest-local rule 20 action drop
set firewall name guest-local rule 20 description Other
set firewall name guest-local rule 20 log disable
set firewall name guest-local rule 20 protocol all
set firewall receive-redirects disable
set firewall send-redirects enable
set firewall source-validation disable
set firewall syn-cookies enable
set interfaces ethernet eth0 address 192.168.24.2/30
set interfaces ethernet eth0 address '****:***:****:****:****:****:****:***/64'
set interfaces ethernet eth0 description WAN
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.10 host-address '::1'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.10 prefix-id ':0'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.10 service slaac
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.20 host-address '::2'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.20 prefix-id ':1'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.20 service slaac
set interfaces ethernet eth0 dhcpv6-pd pd 0 prefix-length /60
set interfaces ethernet eth0 dhcpv6-pd prefix-only
set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable
set interfaces ethernet eth0 duplex auto
set interfaces ethernet eth0 firewall in ipv6-name WANv6_IN
set interfaces ethernet eth0 firewall local ipv6-name WANv6_LOCAL
set interfaces ethernet eth0 speed auto
set interfaces ethernet eth1 duplex auto
set interfaces ethernet eth1 speed auto
set interfaces ethernet eth2 duplex auto
set interfaces ethernet eth2 speed auto
set interfaces ethernet eth3 duplex auto
set interfaces ethernet eth3 speed auto
set interfaces ethernet eth4 duplex auto
set interfaces ethernet eth4 poe output off
set interfaces ethernet eth4 speed auto
set interfaces ipv6-tunnel v6tun0 description DSLite
set interfaces ipv6-tunnel v6tun0 encapsulation ipip6
set interfaces ipv6-tunnel v6tun0 firewall in name DSLite_IN
set interfaces ipv6-tunnel v6tun0 firewall local name DSLite_LOCAL
set interfaces ipv6-tunnel v6tun0 local-ip '****:***:****:****:****:****:****:***'
set interfaces ipv6-tunnel v6tun0 mtu 1460
set interfaces ipv6-tunnel v6tun0 multicast disable
set interfaces ipv6-tunnel v6tun0 remote-ip '2404:8e01::feed:100'
set interfaces ipv6-tunnel v6tun0 ttl 64
set interfaces loopback lo
set interfaces switch switch0 description LAN
set interfaces switch switch0 mtu 1500
set interfaces switch switch0 switch-port interface eth1 vlan pvid 10
set interfaces switch switch0 switch-port interface eth2 vlan pvid 10
set interfaces switch switch0 switch-port interface eth3 vlan pvid 10
set interfaces switch switch0 switch-port interface eth4 vlan pvid 20
set interfaces switch switch0 switch-port vlan-aware enable
set interfaces switch switch0 vif 10 address 192.168.1.1/24
set interfaces switch switch0 vif 10 description vlan10
set interfaces switch switch0 vif 20 address 192.168.2.1/24
set interfaces switch switch0 vif 20 description vlan20
set interfaces switch switch0 vif 20 firewall in name guest-in
set interfaces switch switch0 vif 20 firewall local name guest-local
set protocols static interface-route 0.0.0.0/0 next-hop-interface v6tun0
set protocols static route6 '::/0' next-hop '****::****:****:****:****' interface eth0
set service dhcp-server disabled false
set service dhcp-server hostfile-update disable
set service dhcp-server shared-network-name vlan10 authoritative enable
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 default-router 192.168.1.1
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 dns-server 192.168.1.1
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 lease 86400
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 start 192.168.1.90 stop 192.168.1.168
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 static-mapping Canon_C356F ip-address 192.168.1.4
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 static-mapping Canon_C356F mac-address '**:**:**:**:**:**'
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 static-mapping PC0001 ip-address 192.168.1.9
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 static-mapping PC0001 mac-address '**:**:**:**:**:**'
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 static-mapping TPx_HGW_Set_Ether ip-address 192.168.1.5
set service dhcp-server shared-network-name vlan10 subnet 192.168.1.0/24 static-mapping TPx_HGW_Set_Ether mac-address '**:**:**:**:**:**'
set service dhcp-server shared-network-name vlan20 authoritative disable
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 default-router 192.168.2.1
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 dns-server 192.168.2.1
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 lease 86400
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 start 192.168.2.90 stop 192.168.2.168
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 static-mapping ThinkPad_X201 ip-address 192.168.2.13
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 static-mapping ThinkPad_X201 mac-address '**:**:**:**:**:**'
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 static-mapping ThinkPad_X201_Wi-Fi ip-address 192.168.2.15
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 static-mapping ThinkPad_X201_Wi-Fi mac-address '**:**:**:**:**:**'
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 static-mapping WN-AX1167GR2 ip-address 192.168.2.4
set service dhcp-server shared-network-name vlan20 subnet 192.168.2.0/24 static-mapping WN-AX1167GR2 mac-address '**:**:**:**:**:**'
set service dhcp-server static-arp disable
set service dhcp-server use-dnsmasq disable
set service dns forwarding cache-size 5000
set service dns forwarding listen-on switch0.10
set service dns forwarding listen-on switch0.20
set service dns forwarding listen-on lo
set service dns forwarding name-server '2606:4700:4700::1111'
set service dns forwarding name-server '2606:4700:4700::1001'
set service dns forwarding options strict-order
set service gui http-port 80
set service gui https-port 443
set service gui listen-address 192.168.1.1
set service gui older-ciphers enable
set service nat rule 5010 description 'masquerade for WAN'
set service nat rule 5010 log disable
set service nat rule 5010 outbound-interface eth0
set service nat rule 5010 protocol all
set service nat rule 5010 source address 192.168.1.5-192.168.1.9
set service nat rule 5010 type masquerade
set service ssh listen-address 192.168.1.1
set service ssh port 22
set service ssh protocol-version v2
set service ubnt-discover disable
set service ubnt-discover-server disable
set service unms disable
set system config-management commit-revisions 20
set system host-name GW-Router
set system login user ******** authentication encrypted-password '********'
set system login user ******** authentication plaintext-password ''
set system login user ******** level admin
set system login user ******** authentication encrypted-password '********'
set system login user ******** authentication plaintext-password ''
set system login user ******** level operator
set system name-server 127.0.0.1
set system ntp server ntp.nict.jp
set system offload hwnat enable
set system syslog global facility all level notice
set system syslog global facility protocols level debug
set system time-zone Asia/Tokyo
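
An added example, not part of the original post: in the listing above, switch0.20 carries only `name` rulesets (guest-in, guest-local), which filter IPv4 only, while DHCPv6-PD now gives that VLAN a global /64, so the guest isolation does not cover IPv6. This Python check parses an excerpt of the page's `set` commands and reports every prefix-delegated interface that has an IPv4 ruleset but no `ipv6-name` ruleset in the same direction; the function name `audit_ipv6_coverage` is hypothetical.

```python
import re
from collections import defaultdict

# Excerpt copied from the `show configuration commands` listing on this page.
CONFIG = """\
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.10 host-address '::1'
set interfaces ethernet eth0 dhcpv6-pd pd 0 interface switch0.20 host-address '::2'
set interfaces ethernet eth0 firewall in ipv6-name WANv6_IN
set interfaces ethernet eth0 firewall local ipv6-name WANv6_LOCAL
set interfaces ipv6-tunnel v6tun0 firewall in name DSLite_IN
set interfaces ipv6-tunnel v6tun0 firewall local name DSLite_LOCAL
set interfaces switch switch0 vif 10 address 192.168.1.1/24
set interfaces switch switch0 vif 20 firewall in name guest-in
set interfaces switch switch0 vif 20 firewall local name guest-local
"""

# Interfaces that receive a /64 out of the delegated prefix.
PD_RE = re.compile(r"^set interfaces \S+ \S+ dhcpv6-pd pd \d+ interface (\S+) ")

# Firewall bindings: `name` is an IPv4 ruleset, `ipv6-name` an IPv6 ruleset.
FW_RE = re.compile(
    r"^set interfaces \S+ (?P<base>\S+)(?: vif (?P<vif>\d+))?"
    r" firewall (?P<dir>in|out|local) (?P<family>name|ipv6-name) (?P<ruleset>\S+)$"
)


def audit_ipv6_coverage(commands: str) -> dict:
    """Return {interface: [directions]} for prefix-delegated interfaces that
    have an IPv4 ruleset but no IPv6 ruleset bound in that direction."""
    pd_ifaces = set()
    bound = defaultdict(dict)  # (interface, direction) -> {family: ruleset}

    for raw in commands.splitlines():
        line = raw.strip()
        m = PD_RE.match(line)
        if m:
            pd_ifaces.add(m.group(1))
            continue
        m = FW_RE.match(line)
        if m:
            # `switch switch0 vif 20` is the interface named switch0.20
            iface = m["base"] + (f".{m['vif']}" if m["vif"] else "")
            bound[(iface, m["dir"])][m["family"]] = m["ruleset"]

    findings = defaultdict(list)
    for iface, direction in sorted(bound):
        families = bound[(iface, direction)]
        if iface in pd_ifaces and "name" in families and "ipv6-name" not in families:
            findings[iface].append(direction)
    return dict(findings)


if __name__ == "__main__":
    for iface, directions in audit_ipv6_coverage(CONFIG).items():
        print(f"{iface}: IPv4 ruleset without ipv6-name on {', '.join(directions)}")
```

An empty result means every prefix-delegated interface that is filtered for IPv4 is also filtered for IPv6 in the same directions.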
