Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
Volker Böhme schrieb: ip -6 nei show 2001:2::1 dev wldev lladdr 137.226.18.145 router REACHABLE You have IPv4 addresses as linklayer addresses? When i run tcpdump on host B (while running ping6 from A to C), i can see, that the ping gets to host B but host B does not request the linklayeraddress from host C. That is what i am thinking is causing the problem. But i do not know why B is not requesting the linklayeraddress. I can get the ping6 from A to C and from C to A work when i manually add the linklayeraddress from A and C into the cache from B with ip -6 neigh add IPv6 address lladdr link-layer address dev device. Which kernel version do you use? Can you send the output on host B of # sysctl net.ipv6.conf.eth0 Peter ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
On Friday 22 June 2007 16:42:20 Jun-ichiro itojun Hagino wrote: so in your configuration, A, B and C are all on the same link but A and C has to use B as the gateway. B would send A/B ICMPv6 redirects. I have checked with tcpdump, B is not sending any ICMPv6 redirect messages. for ICMPv6 to work correctly, you MUST use link-local addresses (fe80::blah) for the gateway setting. this is a hidden rule in the RFCs. Ok, i'll try that. Greets, Volker ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
Hi, On Friday 22 June 2007 16:15:07 Ed Kapitein wrote: Hi Volker, I am missing the mask you use for the various networks. i think you would get it to work with a setup like this: A has Ipv6-Address 2001:1::1 B has Ipv6-Address 2001:2::1 C has Ipv6-Address 2001:3::1 and a /64 mask I think in your setup al ip addresses are in the same subnet, so routing will not be done. I dont think think the problem is caused by using one subnet. I am working on routing in wireless adhoc networks and there it can happen that routing has to be done in the same subnet (not each client can hear each other because of the wireless connections). But nevertheless i have tried your configuration. Unfortunately my problem still exists. Here some outputs which can be usefull: On host A: ip -6 addr show 2: lo: LOOPBACK,UP mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 34: [EMAIL PROTECTED]: BROADCAST,UP mtu 1472 inet6 2001:1::1/64 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:1::/64 dev wldev metric 256 expires -73726sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:2::/64 dev wldev metric 1 expires -73515sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:3::/64 via 2001:2::1 dev wldev metric 1024 expires -73397sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -73726sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -73726sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show 2001:2::1 dev wldev lladdr 137.226.18.145 router REACHABLE On host B: ip -6 add show 2: lo: LOOPBACK,UP mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 24: [EMAIL PROTECTED]: BROADCAST,UP mtu 1472 inet6 2001:2::1/64 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:1::/64 dev wldev metric 1 expires -73429sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:2::/64 dev wldev metric 256 expires -73800sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:3::/64 dev wldev metric 1 expires -73424sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -73800sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -73800sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show - shows nothing On host C: ip -6 addr show 2: lo: LOOPBACK,UP mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 23: [EMAIL PROTECTED]: BROADCAST,UP mtu 1472 inet6 2001:3::1/64 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:1::/64 via 2001:2::1 dev wldev metric 1024 expires -73651sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:2::/64 dev wldev metric 1 expires -73701sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:3::/64 dev wldev metric 1 expires -73544sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -73782sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -73782sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show 2001:2::1 dev wldev lladdr 137.226.18.145 router REACHABLE Here the results of some ping6: ping6 from A to B - works ping6 from A to C - Destination unreachable: Address unreachable ping6 from B to A - works ping6 from B to C - works ping6 from C to B - works ping6 from C to A - Destination unreachable: Address unreachable When i run tcpdump on host B (while running ping6 from A to C), i can see, that the ping gets to host B but host B does not request the linklayeraddress from host C. That is what i am thinking is causing the problem. But i do not know why B is not requesting the linklayeraddress. I can get the ping6 from A to C and from C to A work when i manually add the linklayeraddress from A and C into the cache from B with ip -6 neigh add IPv6 address lladdr link-layer address dev device. Hope you now have all information you need and you have an idea to help me. Kind regards Volker ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
On Friday 22 June 2007 16:16:42 Peter Bieringer wrote: Which prefix lengths do you use? Usually, each link has a /64, don't play around with /128 on local networks. I was using /128. Why shouldn't i use this prefix? But like you can see in my other mail in reply to Ed Kapitein i have the same problem when i use /64 and different subnets. Improve your IPv6 setup by a more realistic configuration with proper prefixes and try again (and think about whether you want to use routing or bridging). I definitly want to use routing. In my examples i set my routes by myself (for better debugging) but actually the routes are set with use of olsr-routing. BTW: you should at least use fec0:: addresses for local testing or take the prefix from the documentation space (2001:db80::/32) or use a Unique Local prefix, if you have no proper global /48 prefix assigned to you. The addresses i used, were only for testing. I thought perhaps the cause of my problem lies in the used type of addresses. I have tried all different address types then (ULAN, site-local, global) but i have the same problem with all address types. Kind regards Volker ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
On Friday 22 June 2007 15:47:17 Jeroen Massar wrote: If you want to use example addresses, use 2001:db8::/32 or generate a ULA prefix using RFC4193 (See also http://www.sixxs.net/tools/grh/ula/). Ok, i will use 2001:db8::/32 then. When everythin is working i will gernerate a ULA prefix. The big interesting thing you are not providing is the prefix lengths. I was using /128. In the beneath example i am using 2001:db8::/32. In my other mail as answer to Ed Kapitein i used 2001:1::/64, 2001:2::/64 and 2001:3::/64 as he proposed. The results are the same. Providing the output of ip -6 ro sho and ip -6 nei sho on all the boxes is helpful. The other thing you might want to try to do is: - ping6 from A to B - ping6 from B to A - ping6 from B to C - ping6 from C to B - ping6 from A to C - ping6 from C to A then you can pinpoint where it goes wrong. Running a tcpdump on the links involved while doing these tests helps. Ok here you go: On host A: ip -6 addr show 2: lo: LOOPBACK,UP mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 35: [EMAIL PROTECTED]: BROADCAST,UP mtu 1472 inet6 2001:db80::11/32 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:db80::13 via 2001:db80::12 dev wldev metric 1024 expires -168sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:db80::/32 dev wldev metric 256 expires -362sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -362sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -362sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show 2001:db80::12 dev wldev lladdr 137.226.18.145 router STALE On host B: ip -6 add show 2: lo: LOOPBACK,UP mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 25: [EMAIL PROTECTED]: BROADCAST,UP mtu 1472 inet6 2001:db80::12/32 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:db80::/32 dev wldev metric 256 expires -404sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -404sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -404sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show - shows nothing On host C: ip -6 addr show 2: lo: LOOPBACK,UP mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 24: [EMAIL PROTECTED]: BROADCAST,UP mtu 1472 inet6 2001:db80::13/32 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:db80::11 via 2001:db80::12 dev wldev metric 1024 expires -240sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:db80::/32 dev wldev metric 256 expires -440sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -440sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -440sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show 2001:db80::12 dev wldev lladdr 137.226.18.145 router STALE Here the results of ping6: ping6 from A to B - works ping6 from B to A - works ping6 from B to C - works ping6 from C to B - works ping6 from A to C - Destination unreachable: Address unreachable ping6 from C to A - Destination unreachable: Address unreachable Like i have also written in another mail, when i run tcpdump on host B (while running ping6 from A to C), i can see, that the ping gets to host B but host B does not request the linklayeraddress from host C. That is what i am thinking is causing the problem. But i do not know why B is not requesting the linklayeraddress. I can get the ping6 from A to C and from C to A work when i manually add the linklayeraddress from A and C into the cache from B with ip -6 neigh add IPv6 address lladdr link-layer address dev device. Also remember that there is ICMP Redirects which can instruct the host to still use the link directly instead of going via another. I have checked that with tcpdum, no ICMP Redirects are send. Also don't forget to check to check sysctl's and firewall settings. Here the firewall setting (the same on host A,B and C: ip6tables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination With the sysctl settings, perhaps theres something wrong. I did enable forwarding, but do i have to change some other parameters to? Greets, Volker ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
Hi, At 22.06.2007 15:30, Volker Böhme wrote: Hello, I have a problem with routing and ipv6. Consider the following senario: i have three PCs setup in a chain (A - B - C ). All PCs do only have one NIC. A has Ipv6-Address 2001::1 B has Ipv6-Address 2001::2 C has Ipv6-Address 2001::3 The following routes exist on PC A: 2001::2 via eth0 2001::3 via gateway 2001::2 On PC B i have the this routes: 2001::1 via eth0 2001::3 via eth0 On PC C: 2001::2 via eth0 2001::1 via gateway 2001::2 PC A can talk to PC B and PC B can talk to PC C. No direct communikation between PC A and PC C is possible (i am simulating wireless connections). I can send a ping6 from A-B, B-A, B-C, C-B. My problem now is, that i cannot send a ping6 from A-C. Forwarding has been enabled by doing echo 1 /proc/sys/net/ipv6/conf/all/forwarding. I think i have found out why this is not possible. When PC B gehts the data from PC A it has to look in is neighbour solicitaion table to get the linklayeraddress from PC C. Now we have the case, that there is no entry for PC C and so PC B is sendeing a ICMP6 host unreachable message back to A. This is where the error occurs. In my opinion PC B first have to try to get the linklayeraddress from PC C by sending a neighbour solicitation message but it is no doing that it directly sends back the host unreachable message. When i add PC A and PC B in the neighbour solicitation list on PC B by hand everything works fine. My question now is do i have forget to configure something? Do i have done something wrong? Or can this be a bug in the kernel? Which prefix lengths do you use? Usually, each link has a /64, don't play around with /128 on local networks. Improve your IPv6 setup by a more realistic configuration with proper prefixes and try again (and think about whether you want to use routing or bridging). BTW: you should at least use fec0:: addresses for local testing or take the prefix from the documentation space (2001:db80::/32) or use a Unique Local prefix, if you have no proper global /48 prefix assigned to you. Peter -- Dr. Peter Bieringer http://www.bieringer.de/pb/ GPG/PGP Key 0x958F422D mailto:[EMAIL PROTECTED] Deep Space 6 Co-Founder and Core Member http://www.deepspace6.net/ Xing/OpenBC http://www.xing.com/hp/Peter_Bieringer/ Personal invitation to Xing http://www.xing.com/go/invita/3889 ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
I have a problem with routing and ipv6. Consider the following senario: i have three PCs setup in a chain (A - B - C ). All PCs do only have one NIC. (snip) so in your configuration, A, B and C are all on the same link but A and C has to use B as the gateway. B would send A/B ICMPv6 redirects. for ICMPv6 to work correctly, you MUST use link-local addresses (fe80::blah) for the gateway setting. this is a hidden rule in the RFCs. itojun ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users
Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation
Hi Volker, I am missing the mask you use for the various networks. i think you would get it to work with a setup like this: A has Ipv6-Address 2001:1::1 B has Ipv6-Address 2001:2::1 C has Ipv6-Address 2001:3::1 and a /64 mask I think in your setup al ip addresses are in the same subnet, so routing will not be done. I hope this helps. Kind regards, @ On Fri, 2007-06-22 at 15:30 +0200, Volker Böhme wrote: Hello, I have a problem with routing and ipv6. Consider the following senario: i have three PCs setup in a chain (A - B - C ). All PCs do only have one NIC. A has Ipv6-Address 2001::1 B has Ipv6-Address 2001::2 C has Ipv6-Address 2001::3 The following routes exist on PC A: 2001::2 via eth0 2001::3 via gateway 2001::2 On PC B i have the this routes: 2001::1 via eth0 2001::3 via eth0 On PC C: 2001::2 via eth0 2001::1 via gateway 2001::2 PC A can talk to PC B and PC B can talk to PC C. No direct communikation between PC A and PC C is possible (i am simulating wireless connections). I can send a ping6 from A-B, B-A, B-C, C-B. My problem now is, that i cannot send a ping6 from A-C. Forwarding has been enabled by doing echo 1 /proc/sys/net/ipv6/conf/all/forwarding. I think i have found out why this is not possible. When PC B gehts the data from PC A it has to look in is neighbour solicitaion table to get the linklayeraddress from PC C. Now we have the case, that there is no entry for PC C and so PC B is sendeing a ICMP6 host unreachable message back to A. This is where the error occurs. In my opinion PC B first have to try to get the linklayeraddress from PC C by sending a neighbour solicitation message but it is no doing that it directly sends back the host unreachable message. When i add PC A and PC B in the neighbour solicitation list on PC B by hand everything works fine. My question now is do i have forget to configure something? Do i have done something wrong? Or can this be a bug in the kernel? Kind regards Volker ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users ___ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users