On 08/27/12 18:49, John Hawkes-Reed wrote:
BSD-box (9.1-PRE) is acting as default router/NAT gateway for local LAN.
IP4 works.

IP6 rig, per the setup on tunnelbroker.net, appears to work on the BSD box.

However, while LAN clients (XP, OSX) manage to acquire addresses with
the right prefix, the autoconfigured default route is a link-local
address. Some bits of the internet think that's ok. Other bits don't.

Bits of the internet do not see anything about whether your default gateway is link-local or not, and do not care.

The default gateway on the box that I'm writing this from is link-local and IPv6 works quite nicely.

Trying to ping6/traceroute6 out to (say) Google works on the BSD box,
but not on the clients.

Do I need to be running a routing daemon, or is there some ip6
handwaving I'm missing?

If you are running pf or another firewall, you should have rules that allow traffic to pass through.

rc.conf:

(I'm not convinced that obfuscating the addresses is worth the confusion)

ipv6_gateway_enable="YES"
ip6addrctl_verbose="YES"
rtadvd_enable="YES"
rtadvd_interfaces="rl0"
ipv6_cpe_wanif="pcn0"
ipv6_defaultrouter="2001:470:1f0a:b5a::1"
gif_interfaces="gif0"
gifconfig_gif0="192.168.1.100 216.66.80.30"
ifconfig_gif0_ipv6="inet6 2001:470:1f0a:b5a::2 2001:470:1f0a:b5a::1 prefixlen 128"
ifconfig_pcn0_ipv6="inet6 2001:470:1f0b:b5a::4 prefixlen 64"
ifconfig_rl0_ipv6="inet6 2001:470:1f0b:b5a::3 prefixlen 64 -accept_rtadv"

It looks like you are trying to use the /64 used for your tunnel on the inside network. That's probably what causes the problem.

You should use the "Routed /64" on the inside. If you need more than one /64, you can request a /48.

I'm not exactly sure what ipv6_cpe_wanif does, but I have never needed it and I run a setup similar to what you describe.

--
Christian Laursen
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
