[SLUG] IPv6 question

[Robert Barnett]

Just for fun, I'm setting up a FC10 machine with as an IPv6 router.
The tunnel device (tun0) is automatically created using a script (aiccu)
I want to allow other machines to use this box as a gateway, but I  
think I have the config wrong


1: lo: LOOPBACK,UP,LOWER_UP mtu 16436
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qlen 100
inet6 2001:1938:83:52::3/64 scope global
   valid_lft forever preferred_lft forever
inet6 fe80::20d:57ff:fd9b:4b24/64 scope link
   valid_lft forever preferred_lft forever
40: tun0: POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP mtu 1280 qlen 500
inet6 2001:1938:83:52::2/64 scope global
   valid_lft forever preferred_lft forever
inet6 fe80::1838:83:52:2/64 scope link
   valid_lft forever preferred_lft forever

2001:1938:83:52::/64 dev eth0  proto kernel  metric 256  mtu 1500  
advmss 1440 hoplimit 4294967295
2001:1938:83:52::/64 dev tun0  proto kernel  metric 256  mtu 1280  
advmss 1220 hoplimit 4294967295
fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440  
hoplimit 4294967295
fe80::/64 dev tun0  proto kernel  metric 256  mtu 1280 advmss 1220  
hoplimit 4294967295
default via 2001:1938:83:52::1 dev tun0  metric 1024  mtu 1280 advmss  
1220 hoplimit 4294967295


I have radvd running and everything works well on the LAN using the  
stateless addresses.


--

I've tried many combinations of a few things to solve the problem

turning off /etc/init.d/iptables

turning off /etc/init.d/ip6tables

sysctl -w net.ipv6.conf.default.forwarding=1

sysctl -w net.ipv6.conf.all.forwarding=1

Restricting prefix of tun0
#   /sbin/ip -6 addr del 2001:1938:83:52::2/64 dev tun0
#   /sbin/ip -6 addr add 2001:1938:83:52::2/126 dev tun0

Changing the global ip on eth0 to the same as tun0

Any thoughts?

Thanks

Robbie Barnett

rob...@barnett.id.au
0431864709
Skype Name: retsil42

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] IPv6 question

[Alex Samad]

On Tue, Mar 03, 2009 at 10:55:27PM +1100, Robert Barnett wrote:

 Just for fun, I'm setting up a FC10 machine with as an IPv6 router.
 The tunnel device (tun0) is automatically created using a script (aiccu)

is this a 6to4 sit or are you using a tunnel broker ?


You can use ip -6 r g ipv6.google.com

or ping6 

ping6 ipv6.google.com
PING ipv6.google.com(2001:4860:c003::68) 56 data bytes
64 bytes from 2001:4860:c003::68: icmp_seq=1 ttl=60 time=387 ms

i use 6to4 addressing because I have a static ipv4 adsl address

 ip -6 r
::/96 via :: dev ppp06to4  metric 256  mtu 1440 advmss 1380 hoplimit
4294967295
unreachable 2002:3cf1:f856:8::1 dev lo  proto kernel  metric 256  error
-128 mtu 16436 advmss 16376 hoplimit 4294967295
2002:3cf1:f856:11::/64 dev eth0.0  proto kernel  metric 256  mtu 1500
advmss 1440 hoplimit 4294967295
2002::/16 dev ppp06to4  proto kernel  metric 256  mtu 1440 advmss 1380
hoplimit 4294967295
2000::/3 via ::192.88.99.1 dev ppp06to4  metric 10  mtu 1440 advmss 1380
hoplimit 4294967295
fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440
hoplimit 4294967295
fe80::/64 dev eth1  proto kernel  metric 256  mtu 1500 advmss 1440
hoplimit 4294967295
fe80::/64 dev eth0.0  proto kernel  metric 256  mtu 1500 advmss 1440
hoplimit 4294967295
fe80::/64 dev eth0.1  proto kernel  metric 256  mtu 1460 advmss 1400
hoplimit 4294967295
fe80::/64 dev ppp06to4  proto kernel  metric 256  mtu 1440 advmss 1380
hoplimit 4294967295
unreachable fe80::/64 dev lo  proto kernel  metric 256  error -128 mtu
16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev wlan0  proto kernel  metric 256  mtu 1500 advmss 1440
hoplimit 4294967295
fe80::/64 dev tap0  proto kernel  metric 256  mtu 1500 advmss 1440
hoplimit 4294967295

6to4 addresses are inthe 2002::/16 space

 ifconfig ppp06to4
ppp06to4  Link encap:IPv6-in-IPv4
  inet6 addr: 2002:3cf1:f856::1/16 Scope:Global
  inet6 addr: ::60.241.248.86/128 Scope:Compat
  UP RUNNING NOARP  MTU:1440  Metric:1
  RX packets:9712 errors:0 dropped:0 overruns:0 frame:0
  TX packets:13236 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:2045103 (1.9 MiB)  TX bytes:1264034 (1.2 MiB)


i create it with 
$IP tunnel add $TUNNAME mode sit ttl 32 remote any local $IPV4ADDR
  
if you are using a broker then it will setup the interface



 I want to allow other machines to use this box as a gateway, but I think 
 I have the config wrong

 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436
 inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qlen 100
 inet6 2001:1938:83:52::3/64 scope global
valid_lft forever preferred_lft forever
 inet6 fe80::20d:57ff:fd9b:4b24/64 scope link
valid_lft forever preferred_lft forever
 40: tun0: POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP mtu 1280 qlen 500
 inet6 2001:1938:83:52::2/64 scope global
valid_lft forever preferred_lft forever
 inet6 fe80::1838:83:52:2/64 scope link
valid_lft forever preferred_lft forever

 2001:1938:83:52::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 
 1440 hoplimit 4294967295
 2001:1938:83:52::/64 dev tun0  proto kernel  metric 256  mtu 1280 advmss 
 1220 hoplimit 4294967295
 fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440  
 hoplimit 4294967295
 fe80::/64 dev tun0  proto kernel  metric 256  mtu 1280 advmss 1220  
 hoplimit 4294967295
 default via 2001:1938:83:52::1 dev tun0  metric 1024  mtu 1280 advmss  
 1220 hoplimit 4294967295

 I have radvd running and everything works well on the LAN using the  
 stateless addresses.

 --

 I've tried many combinations of a few things to solve the problem

 turning off /etc/init.d/iptables

 turning off /etc/init.d/ip6tables

 sysctl -w net.ipv6.conf.default.forwarding=1

 sysctl -w net.ipv6.conf.all.forwarding=1

 Restricting prefix of tun0
 # /sbin/ip -6 addr del 2001:1938:83:52::2/64 dev tun0
 # /sbin/ip -6 addr add 2001:1938:83:52::2/126 dev tun0

 Changing the global ip on eth0 to the same as tun0

 Any thoughts?

 Thanks

 Robbie Barnett

 rob...@barnett.id.au
 0431864709
 Skype Name: retsil42

 -- 
 SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
 Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html


-- 
I glance at the headlines just to kind of get a flavor for what's moving. I 
rarely read the stories, and get briefed by people who are probably read the 
news themselves.

- George W. Bush
09/21/2003
Washington, DC


signature.asc
Description: Digital signature
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Re: [SLUG] IPv6 question

[Daniel Pittman]

Robert Barnett rob...@barnett.id.au writes:

 Just for fun, I'm setting up a FC10 machine with as an IPv6 router.
 The tunnel device (tun0) is automatically created using a script (aiccu)
 I want to allow other machines to use this box as a gateway, but I think I
 have the config wrong

...you didn't tell us why: what is actually going wrong?

[...]

 I have radvd running and everything works well on the LAN using the
 stateless addresses.

 --
 I've tried many combinations of a few things to solve the problem
 turning off /etc/init.d/iptables
 turning off /etc/init.d/ip6tables
 sysctl -w net.ipv6.conf.default.forwarding=1
 sysctl -w net.ipv6.conf.all.forwarding=1

 Restricting prefix of tun0
 # /sbin/ip -6 addr del 2001:1938:83:52::2/64 dev tun0
 # /sbin/ip -6 addr add 2001:1938:83:52::2/126 dev tun0

 Changing the global ip on eth0 to the same as tun0

 Any thoughts?

My psychic powers fail to detect your actual problem, but nothing stands
out in that configuration as obviously broken.

Um, how about you tell us how the clients fail, what their IPv6 routing
tables say, and show us the output of ping6, traceroute6, and/or tcpdump
on the router to show where traffic is getting to?

Regards,
Daniel
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html