Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation

Volker Böhme Sat, 23 Jun 2007 05:37:02 -0700

On Friday 22 June 2007 15:47:17 Jeroen Massar wrote:
> If you want to use example addresses, use 2001:db8::/32 or generate a ULA
> prefix using RFC4193 (See also http://www.sixxs.net/tools/grh/ula/).


Ok, i will use 2001:db8::/32 then. When everythin is working i will gernerate 
a ULA prefix.

> The big interesting thing you are not providing is the prefix lengths.

I was using /128. In the beneath example i am using 2001:db8::/32. In my other 
mail as answer to Ed Kapitein i used 2001:1::/64, 2001:2::/64 and 2001:3::/64 
as he proposed. The results are the same.

> Providing the output of "ip -6 ro sho" and "ip -6 nei sho" on all the
> boxes is helpful. The other thing you might want to try to do is:
>  - ping6 from A to B
>  - ping6 from B to A
>  - ping6 from B to C
>  - ping6 from C to B
>  - ping6 from A to C
>  - ping6 from C to A
>
> then you can pinpoint where it goes wrong. Running a tcpdump on the links
> involved while doing these tests helps.

Ok here you go:

On host A:
ip -6 addr show
2: lo: <LOOPBACK,UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
35: [EMAIL PROTECTED]: <BROADCAST,UP> mtu 1472
    inet6 2001:db80::11/32 scope global
       valid_lft forever preferred_lft forever

ip -6 route show
2001:db80::13 via 2001:db80::12 dev wldev  metric 1024  expires -168sec mtu 
1472 advmss 1412 hoplimit 4294967295
2001:db80::/32 dev wldev  metric 256  expires -362sec mtu 1472 advmss 1412 
hoplimit 4294967295
fe80::/64 dev wldev  metric 256  expires -362sec mtu 1472 advmss 1412 hoplimit 
4294967295
ff00::/8 dev wldev  metric 256  expires -362sec mtu 1472 advmss 1412 hoplimit 
4294967295
unreachable default dev lo  proto none  metric -1  error -101 hoplimit 255

ip -6 nei show
2001:db80::12 dev wldev lladdr 137.226.18.145 router STALE

On host B:
ip -6 add show
2: lo: <LOOPBACK,UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
25: [EMAIL PROTECTED]: <BROADCAST,UP> mtu 1472
    inet6 2001:db80::12/32 scope global
       valid_lft forever preferred_lft forever

ip -6 route show
2001:db80::/32 dev wldev  metric 256  expires -404sec mtu 1472 advmss 1412 
hoplimit 4294967295
fe80::/64 dev wldev  metric 256  expires -404sec mtu 1472 advmss 1412 hoplimit 
4294967295
ff00::/8 dev wldev  metric 256  expires -404sec mtu 1472 advmss 1412 hoplimit 
4294967295
unreachable default dev lo  proto none  metric -1  error -101 hoplimit 255

ip -6 nei show -> shows nothing

On host C:
ip -6 addr show
2: lo: <LOOPBACK,UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
24: [EMAIL PROTECTED]: <BROADCAST,UP> mtu 1472
    inet6 2001:db80::13/32 scope global
       valid_lft forever preferred_lft forever

ip -6 route show
2001:db80::11 via 2001:db80::12 dev wldev  metric 1024  expires -240sec mtu 
1472 advmss 1412 hoplimit 4294967295
2001:db80::/32 dev wldev  metric 256  expires -440sec mtu 1472 advmss 1412 
hoplimit 4294967295
fe80::/64 dev wldev  metric 256  expires -440sec mtu 1472 advmss 1412 hoplimit 
4294967295
ff00::/8 dev wldev  metric 256  expires -440sec mtu 1472 advmss 1412 hoplimit 
4294967295
unreachable default dev lo  proto none  metric -1  error -101 hoplimit 255

ip -6 nei show
2001:db80::12 dev wldev lladdr 137.226.18.145 router STALE


Here the results of ping6:
ping6 from A to B -> works
ping6 from B to A -> works
ping6 from B to C -> works
ping6 from C to B -> works
ping6 from A to C -> Destination unreachable: Address unreachable
ping6 from C to A -> Destination unreachable: Address unreachable

Like i have also written in another mail, when i run tcpdump on host B (while 
running ping6 from A to C), i can see, that the ping gets to host B but host 
B does not request the linklayeraddress from host C. That is what i am 
thinking is causing the problem. But i do not know why B is not requesting 
the linklayeraddress. 
I can get the ping6 from A to C and from C to A work when i manually add the 
linklayeraddress from A and C into the cache from B with "ip -6 neigh add 
<IPv6 address> lladdr <link-layer address> dev <device>". 

> Also remember that there is ICMP Redirects which can instruct the host
> to still use the link directly instead of going via another.

I have checked that with tcpdum, no ICMP Redirects are send.

> Also don't forget to check to check sysctl's and firewall settings.

Here the firewall setting (the same on host A,B and C:
ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

With the sysctl settings, perhaps theres something wrong. I did enable 
forwarding, but do i have to change some other parameters to? 


Greets,
Volker
_______________________________________________
Users mailing list
[email protected]
https://lists.ipv6.org/mailman/listinfo/users

Re: [IPv6 Users] ipv6 routing, problem with neighbour solicitation

Reply via email to