RVP a écrit :
> On Fri, 8 Sep 2023, BERTRAND Joël wrote:
>
>> Now, both Linux and NetBSD can send and receive IPv6 packets but
>> workstations on LAN cannot use IPv6 through NetBSD server.
>>
>
> OK, so both legendre and rayleigh can ping6 the outside world?
Yes :
rayleigh:[~] > ping6 -c1 www.google.fr
PING www.google.fr(par21s23-in-x03.1e100.net (2a00:1450:4007:81a::2003))
56 data bytes
64 bytes from par21s23-in-x03.1e100.net (2a00:1450:4007:81a::2003):
icmp_seq=1 ttl=120 time=15.1 ms
--- www.google.fr ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 15.128/15.128/15.128/0.000 ms
rayleigh:[~] >
legendre:[~] > ping6 -c1 www.google.fr
PING6(56=40+8+8 bytes) 2a0a:1c84:1000:a00::3 --> 2a00:1450:4007:80e::2003
16 bytes from 2a00:1450:4007:80e::2003, icmp_seq=0 hlim=120 time=15.498 ms
--- www.google.fr ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 15.498/15.498/15.498/0.000 ms
legendre:[~] >
>> as my ISP routes PREFIX:a00::/56 network
>>
>> When I try a ping6 www.google.fr from LAN, NetBSD's wan interface
>> sends:
>>
>> 09:38:32.261784 IP6 PREFIX:a10:d65d:64ff:feb4:9a3b >
>> par10s21-in-x03.1e100.net: ICMP6, echo request, seq 1, length 64
>> 09:38:33.277892 IP6 PREFIX:a10:d65d:64ff:feb4:9a3b >
>> par10s21-in-x03.1e100.net: ICMP6, echo request, seq 2, length 64
>>
>
> So, if ICMP packets from the LAN are going out of your gateway
> machine to the ISP, I would say your internal routing is fine. You
> should've seen a reply because now the sending of those ICMP packets
> and the routing of the replies are your ISPs responsibility. Your
> part is done.
>
>> I suppose NetBSD cannot route ICMP6 answer as www.google.fr sends its
>> answer to PREFIX:a10:d65d:64ff:feb4:9a3b and WAN address is
>> PREFIX:a00::/64 (PREFIX:a10::/64 is only on LAN side).
>>
>
> PREFIX:a00::/56 is "wider" than PREFIX:a00::/64 or PREFIX:a10::/64,
> and since your ISP will (or should!) send all packets destined for
> PREFIX:a00::/56 to legendre, ICMP replies to requests from LAN
> hosts should also be seen on wm2.
When legendre sends a ICMP packet on wm2, it receives answer. But when
a workstation on LAN side tries to send a ICMP packet through
legendre:wm2, tcpdump only shows ICMP request.
>> How can I configure WAN interface to accept IPv6 packets for LAN ?
>>
>
> You can't--your ISP should routing this (ie. the whole of
> PREFIX:a00::/56) for you.
>
> You say only legendre and rayleigh work OK. Can you do this:
>
> Install a ping app on your smartphone. Then ping legendre, rayleigh
> and some other machines on the LAN (make sure to use the cellular
> network rather than your local WiFi connection!). Do a tcpdump on
> legendre/wm3. See what packets arrive and which doesn't. Also try
> out a bunch of IPv6 addresses in the range assigned to you, even
> if they're not assigned to any of your machines. You should see
> all of them on the gateway machine.
I have a LTE modem but ISP doesn't provide IPv6 access...
I will send to you a private email with public IPv6.
Best regards,
JB
