Hallo @fiwswe,
You guessed well. My ISP is Deutsche Telekom. The parts from a, b and c described by you apply and have already been implemented by me. The host is a Raspberry Pi 4b with a 32-bit Debian distribution (Raspberry OS / Bullseye).
Except that I had to stall eht0’s privacy extension. So far I have not been able to find the possibility of setting a self-generated random MAC address for eht0 for the Raspberry OS. Derivatives from Ubuntu are not applicable as far as I know. If a solution were revealed to me, this construction site would also be eliminated. However, that shouldn’t be the topic of this thread.
Your experimental solution is interesting and how practical it is.
Is it possible to port ksh to classic Debian-sh? I’m not familiar with ksh. Or does it make more sense to reload the shell extension?
An adjustment of the firewall via the script is not necessary for the time being. I use the firewall of the Fritzbox. In Debian Stretch I used to rely on itpables. Unfortunately, I haven’t managed to switch to nftables to this day.
@nils
The solution with two domains for one host is not practical for me.
Here I already fail to issue the SSL certificate (letsencrypt/cerbot) for two domains. There may be a way to merge both domains back into one. Unfortunately I do not know this.
Unfortunately, this is also cumbersome for outsiders who access the host.
The outsider must then know which IP protocol is currently being used to communicate. Especially with public hotspots or mobile communications, this is not always clear to everyone.
Therefore, it would be important for me to be able to update IPv4 and IPv6 for a domain via DDNS.
I apologize for my bad english
I am pleased to read from you.
Best regards