Hi Phil; is ipv6 forwarding enabled?
cat /proc/sys/net/ipv6/conf/all/forwarding should show "1" kp Am Montag, 16. Juni 2014, 12:24:05 schrieb Phil Faris: > I am trying to add IPv6 capability to my LAN. I have successfully > installed a SixXS IPv4 to IPv6 tunnel (i.e. I can ping6 IPv6 hosts from > the LEAF command line). My problem is when I try to ping6 an IPv6 host > from one of the systems on the LAN I get "Network unreachable". I > followed the Bering-uClibc 5.x Users Guide when configuring Shorewall > and dnsmasq; however, I suspect that is where I have made a mistake. The > changes I made are shown below. I would appreciate any help in solving > the problem. > > Phil Faris > > ###################################################################### > > The only change to my working IP4 dnsmasq was adding: > > dhcp-range=2604:8800:100:2a2::, ra-only > > where the value is the subnet prefix assigned by SixSX. > > ######################################################################## > > The following modifications were made to shorewall6.conf: > > **ZONES** > #ZONE TYPE OPTIONS IN > fw firewall > loc ipv6 > net ipv6 > > **INTERFACES** > #ZONE INTERFACE OPTIONS > net sixxs - > loc eth1 - > > **POLICY** > #SOURCE DEST POLICY LOG LIMIT: > fw loc ACCEPT > loc net ACCEPT > net all DROP NFLOG(4) > all all REJECT NFLOG(4) > > **RULES** > SECTION NEW > # Accept DNS connections from the firewall to the network > # and from the local network to the firewall (in case dnsmasq is > running) > DNS(ACCEPT) fw net > DNS(ACCEPT) loc fw > > # Accept SSH connections from the local network for administration > # > SSH(ACCEPT) loc fw > > # Allow Ping to Firewall > # > Ping(ACCEPT) net fw > Ping(ACCEPT) loc fw > # > # Allow all ICMP types (including ping) from firewall > ACCEPT fw loc icmp > ACCEPT fw net icmp > # Allow local network to access weblet/webconf > # > HTTP(ACCEPT) loc fw > HTTPS(ACCEPT) loc fw > # timeserver (allow syncing with time servers (default: pool.ntp.org)) > NTP(ACCEPT) fw net > # timeserver (allow LAN clients to sync with the time service on the router) > NTP(ACCEPT) loc fw > # IPv6 Tunnel > SixXS(ACCEPT) fw net > > > > > > > ---------------------------------------------------------------------------- > -- HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions > Find What Matters Most in Your Big Data with HPCC Systems > Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. > Leverages Graph Analysis for Fast Processing & Easy Data Exploration > http://p.sf.net/sfu/hpccsystems > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
