On Fri, 8 Sep 2023, BERTRAND Joël wrote:
Now, both Linux and NetBSD can send and receive IPv6 packets but
workstations on LAN cannot use IPv6 through NetBSD server.
OK, so both legendre and rayleigh can ping6 the outside world?
as my ISP routes PREFIX:a00::/56 network
When I try a ping6 www.google.fr from LAN, NetBSD's wan interface sends:
09:38:32.261784 IP6 PREFIX:a10:d65d:64ff:feb4:9a3b >
par10s21-in-x03.1e100.net: ICMP6, echo request, seq 1, length 64
09:38:33.277892 IP6 PREFIX:a10:d65d:64ff:feb4:9a3b >
par10s21-in-x03.1e100.net: ICMP6, echo request, seq 2, length 64
So, if ICMP packets from the LAN are going out of your gateway
machine to the ISP, I would say your internal routing is fine. You
should've seen a reply because now the sending of those ICMP packets
and the routing of the replies are your ISPs responsibility. Your
part is done.
I suppose NetBSD cannot route ICMP6 answer as www.google.fr sends its
answer to PREFIX:a10:d65d:64ff:feb4:9a3b and WAN address is
PREFIX:a00::/64 (PREFIX:a10::/64 is only on LAN side).
PREFIX:a00::/56 is "wider" than PREFIX:a00::/64 or PREFIX:a10::/64,
and since your ISP will (or should!) send all packets destined for
PREFIX:a00::/56 to legendre, ICMP replies to requests from LAN
hosts should also be seen on wm2.
How can I configure WAN interface to accept IPv6 packets for LAN ?
You can't--your ISP should routing this (ie. the whole of
PREFIX:a00::/56) for you.
You say only legendre and rayleigh work OK. Can you do this:
Install a ping app on your smartphone. Then ping legendre, rayleigh
and some other machines on the LAN (make sure to use the cellular
network rather than your local WiFi connection!). Do a tcpdump on
legendre/wm3. See what packets arrive and which doesn't. Also try
out a bunch of IPv6 addresses in the range assigned to you, even
if they're not assigned to any of your machines. You should see
all of them on the gateway machine.
-RVP
