On 2012-08-25 13:32, Koenraad Lelong wrote: > On 24-08-12 11:28, Koenraad Lelong wrote: >> Could anyone give some hints where to look, and how ? The first >> thing I'm going to do is a traceroute6 on the WRT54. Also I'm >> going to put a networkhub between the WRT54 and the >> internet-router so I can sniff what's going on. Any suggestions >> what to look for ? > When trying to surf the web, sniffing the output of the WRT shows > a http-session is started ([SYN]), but there it ends also. No > response whatsoever. I'm stuck. Any suggestions ?
I had some nonsense like this when OpenWRT 10.03.1 was used as the 'second' router. I fixed it by adding "ip6tables -I INPUT -p ICMPv6 -j ACCEPT" on the 'second' router. It seemed that without that, neighbour-discovery wasn't working properly between the 2 routers so traffic wouldn't get properly routed between them. [NB: this allows the second router to be ping'ed from outside, it may be possible to make a more specific rule]. You can add the line above in your /etc/firewall.local or whatever-it-is file... ;-). Note, also, you need to setup static-routing on the first/outside router so that the 'extra network subnet' is routed to the WAN-side-ipv6 address of the second router, to get packets to come back to that router from the internet correctly. I also found it was necessary to add an ip6tables rule on the 'first'/outside router, to allow packets to be bounced through the 'first' router back down to the 'second' router [when they come from the 'first' lan via the 'wrong' gateway]... e.g. "ip6tables -I FORWARD -s 2001:b:fe:200::/56 -d 2001:b:fe:200::/56 -j ACCEPT" sort of thing.... [without this many machines on the 'first' lan couldn't round-trip packets to the 'second' lan]. --Simon _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-users
