Hi there, i am getting some trouble using proxyndp on shorewall6. I cannot access to the ipv6 internet from the host inside my local network or ping this internal host from outside networks.
This is my setup: Firewall eth0 2801:0:100::2/48 GW=2801:0:100::1 eth1=not initialized only local ipv6 link fe80:xxxx ... SHOREWALL6 versiĆ³n 4.5.9.3 interfaces net eth0 tcpflags,forward=1 loc eth1 tcpflags,forward=1 zone fw firewall loc ipv6 net ipv6 policy loc net ACCEPT net all DROP info fw all ACCEPT all all REJECT info rules ACCEPT net fw ipv6-icmp SSH(ACCEPT) net:<2001:xxxxx:2> $FW ACCEPT net loc:<2801:0:100::58> ipv6-icmp proxyndp #ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT 2801:0:100::58 eth1 eth0 sysctl -a | grep proxy_ndp net.ipv6.conf.all.proxy_ndp = 1 net.ipv6.conf.default.proxy_ndp = 0 net.ipv6.conf.lo.proxy_ndp = 0 net.ipv6.conf.eth0.proxy_ndp = 0 net.ipv6.conf.eth1.proxy_ndp = 1 sysctl -a | grep forwarding net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.all.mc_forwarding = 0 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.default.mc_forwarding = 0 net.ipv6.conf.lo.forwarding = 1 net.ipv6.conf.lo.mc_forwarding = 0 net.ipv6.conf.eth0.forwarding = 1 net.ipv6.conf.eth0.mc_forwarding = 0 net.ipv6.conf.eth1.forwarding = 1 net.ipv6.conf.eth1.mc_forwarding = 0 Neighbors discovered on firewall: 2801:0:100::58 dev eth1 lladdr 00:04:23:88:ed:1d REACHABLE fe80::204:23ff:fe88:ed1d dev eth1 lladdr 00:04:23:88:ed:1d REACHABLE (local ipv6 link on internal host) 2801:0:100::1 dev eth0 lladdr e0:5f:b9:26:b0:80 router STALE fe80::e25f:b9ff:fe26:b080 dev eth0 lladdr e0:5f:b9:26:b0:80 router REACHABLE (local ipv6 link on router) fe80::210:dcff:fefe:d05f dev eth0 lladdr 00:10:dc:fe:d0:5f REACHABLE (local ipv6 link on host on external network) Host IPv6's config inside my network eth0=2801:0:100::58/48 GWIPv6=2801:0:100::1 When I try to look the neighbors address on the internal host I get this: ip -6 neigh show 2801:0:100::12 dev eth0 INCOMPLETE 2801:0:100::1 dev eth0 FAILED fe80::210:4bff:fe0b:e07d dev eth0 lladdr 00:10:4b:0b:e0:7d router REACHABLE The internal host cannot answer pings comming from outside networks or access outside networks ... What am i missing or misconfigured? Thanks for your help. German Molano ------------------------------------------------------------------------------ LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial Remotely access PCs and mobile devices and provide instant support Improve your efficiency, and focus on delivering more value-add services Discover what IT Professionals Know. Rescue delivers http://p.sf.net/sfu/logmein_12329d2d _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
