SixXS::Sunset 2017-06-06

conversion from dynamic to static tunnel issues
[nl] Shadow Hawkins on Saturday, 22 October 2005 12:51:04
Hello all, Because i have a static ip at my isp for a while now i considered to change my tunnel from dynamic to a static one. I removed aiccu and configured a static tunnel, that i have not been able to get up and running. :) My setup is that i have a speedtouch routing ipv4 (my internet connection) and a linksys which is on my internal network (private v4 range) routing ipv6. With aiccu everything worked perfect. I have changed the speedtouch's configuration to point to a default server (the linksys on my internal network) and this works fine. Tested it with an ssh connection. The changes that i made are active for 3 hours now. What i find strange is that is get carrier errors on my tunnel interface:
root@OpenWrt:/etc# ifconfig sixxs sixxs Link encap:UNSPEC HWaddr 56-50-3C-0D-00-00-00-00-00-00-00-00-00-00-00-00 inet6 addr: fe80::5650:3c0d/128 Scope:Link inet6 addr: 2001:838:300:2b9::2/64 Scope:Global UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:900 dropped:0 overruns:0 carrier:900 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) root@OpenWrt:/etc# root@OpenWrt:/etc# ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host 2: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0f:66:da:04:a3 brd ff:ff:ff:ff:ff:ff inet6 fe80::20f:66ff:feda:4a3/64 scope link 3: eth1: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0f:66:da:04:a5 brd ff:ff:ff:ff:ff:ff inet6 fe80::20f:66ff:feda:4a5/64 scope link 4: sit0@NONE: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 6: br0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue link/ether 00:0f:66:da:04:a3 brd ff:ff:ff:ff:ff:ff inet 10.0.0.1/24 brd 10.0.0.255 scope global br0 inet6 fe80::20f:66ff:feda:4a3/64 scope link 7: vlan0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc noqueue link/ether 00:0f:66:da:04:a3 brd ff:ff:ff:ff:ff:ff inet6 fe80::20f:66ff:feda:4a3/64 scope link 9: sixxs@NONE: <POINTOPOINT,NOARP,UP> mtu 1280 qdisc noqueue link/sit 86.80.60.13 peer 213.197.27.252 inet6 fe80::5650:3c0d/128 scope link inet6 2001:838:300:2b9::2/64 scope global root@OpenWrt:/etc# root@OpenWrt:/etc# route -A inet6 Kernel IPv6 routing table Destination Next Hop Flags Metric Ref Use Iface ::1/128 :: U 0 2 0 lo 2001:838:300:2b9::/128 :: U 0 0 0 lo 2001:838:300:2b9::2/128 :: U 0 917 1 lo 2001:838:300:2b9::/64 :: U 256 862 1 sixxs fe80::/128 :: U 0 0 0 lo fe80::5650:3c0d/128 :: U 0 0 0 lo fe80::20f:66ff:feda:4a3/128 :: U 0 23 0 lo fe80::20f:66ff:feda:4a5/128 :: U 0 0 0 lo fe80::/64 :: U 256 0 0 eth0 fe80::/64 :: U 256 0 0 vlan0 fe80::/64 :: U 256 0 0 eth1 fe80::/64 :: U 256 0 0 br0 fe80::/64 :: U 256 0 0 sixxs ff02::1/128 ff02::1 UC 0 1 1 br0 ff00::/8 :: U 256 0 0 eth0 ff00::/8 :: U 256 0 0 vlan0 ff00::/8 :: U 256 0 0 eth1 ff00::/8 :: U 256 0 0 br0 ff00::/8 :: U 256 0 0 sixxs ::/0 2001:838:300:2b9::1 UG 1024 178 0 sixxs root@OpenWrt:/etc#
When i run a tcpdump i see it's routed correctly over the tunnel interface, however i dont get anything back. The tunnel is enabled in my profile. :) Anyone knows what's going on? Do i just have to wait or.. ? :) Regards, Wouter
conversion from dynamic to static tunnel issues
[nl] Shadow Hawkins on Sunday, 23 October 2005 17:31:14
Ok i tracked down the problem, but i dont understand it unless aiccu does something else then updating the ipv4 endpoint address. tcpdump shows the following message on int br0:
14:19:57.033193 IP tunnelserver.concepts-ict.net > 10.0.0.1: fe80::d5c5:1bfc > ff02::1: HBH icmp6: multicast listener query [hlim 1] 14:19:57.033660 IP 10.0.0.1 > tunnelserver.concepts-ict.net: icmp 104: 10.0.0.1 protocol 41 unreachable
That probably means that the speedtouch does not forward protocol 41. I have unbinded the 6TO4 application already. This worked fine when using aiccu also. Speedtouch output: =>nat bindlist There is no NAT/PAT helper-port binding. => Is aiccu doing more then updating the ipv4 endpoint? Is it my endpoint that didnt update things correctly? Is anyone else using a static tunnel with a speedtouch in between? :) Wouter
conversion from dynamic to static tunnel issues
[ch] Jeroen Massar SixXS Staff on Sunday, 23 October 2005 17:22:52
The trick is that when using AICCU with a dynamic (thus heartbeat) tunnel, AICCU sends a heartbeat every now and then to the PoP, this thus creates state in most NAT devices and thus allows the traffic to flow properly. But this is not what is really your problem. As you can see from the tcpdump the PoP is sending you packets and they are reaching your 10.0.0.1 address as intended. But your endpoint seems to not want them. Most likely you configured the source of the tunnel wrongly and thus your endpoint rejects it. Use something like: ip tun change sixxs local 10.0.0.1 Where 'sixxs' is the tunnel device (could be sit0 for instance). This should fix your issue.
conversion from dynamic to static tunnel issues
[nl] Shadow Hawkins on Sunday, 23 October 2005 17:33:33
That worked Jeroen! Thank you very much, i hope this works for someone else digging stuff up. :) Wouter

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker