No connection through tunnel
Shadow Hawkins on Saturday, 23 May 2009 01:01:34
I have set up my new tunnel using Aiccu (installed from the EPEL repo) on CentOS 5.2. The tunnel connects, and the POP knows it is alive is responding to pings but, when I run the test it fails at stage 7 with:
###### [7/8] Traceroute6 to the central SixXS machine (noc.sixxs.net)
### This confirms that you can reach the central machine of SixXS
### If that one is reachable you should be able to reach most IPv6 destinations
### Also check http://www.sixxs.net/ipv6calc/ which should show an IPv6 connection
### If your browser supports IPv6 and uses it of course.
traceroute to noc.sixxs.net (2001:838:1:1:210:dcff:fe20:7c7c), 30 hops max, 40 byte packets
connect: Network is unreachable
This is the output from Aiccu Verbose:
sock_getline() : "200 SixXS TIC Service on noc.sixxs.net ready (http://www.sixxs.net)"
sock_printf() : "client TIC/draft-00 AICCU/2007.01.15-console-linux Linux/2.6.18-92.1.18.el5"
sock_getline() : "200 Client Identity accepted"
sock_printf() : "get unixtime"
sock_getline() : "200 1243032421"
sock_printf() : "starttls"
sock_getline() : "400 This service is not SSL enabled (yet)"
TIC Server does not support TLS but TLS is not required, continuing
sock_printf() : "username DLB3-SIXXS"
sock_getline() : "200 Choose your authentication challenge please"
sock_printf() : "challenge md5"
sock_getline() : "200 0f053c3633269439edf2e737b262c7d8"
sock_printf() : "authenticate md5 727fa111e87a6e61cbc05d6ee9d73f84"
sock_getline() : "200 Succesfully logged in using md5 as DLB3-SIXXS (Daniel Lintott) from 2001:7b8:3:4f:202:b3ff:fe46:bec"
sock_printf() : "tunnel list"
sock_getline() : "201 Listing tunnels"
sock_getline() : "T21528 2a01:348:6:215::2 ayiya gblon02"
sock_getline() : "202 <tunnel_id> <ipv6_endpoint> <ipv4_endpoint> <pop_name>"
sock_printf() : "tunnel show T21528"
sock_getline() : "201 Showing tunnel information for T21528"
sock_getline() : "TunnelId: T21528"
sock_getline() : "Type: ayiya"
sock_getline() : "IPv6 Endpoint: 2a01:348:6:215::2"
sock_getline() : "IPv6 POP: 2a01:348:6:215::1"
sock_getline() : "IPv6 PrefixLength: 64"
sock_getline() : "Tunnel MTU: 1280"
sock_getline() : "Tunnel Name: My First Tunnel"
sock_getline() : "POP Id: gblon02"
sock_getline() : "IPv4 Endpoint: ayiya"
sock_getline() : "IPv4 POP: 77.75.104.126"
sock_getline() : "UserState: enabled"
sock_getline() : "AdminState: enabled"
sock_getline() : "Password: e0ab5fd236189d92eff41e1293c3e2f5"
sock_getline() : "Heartbeat_Interval: 60"
sock_getline() : "202 Done"
Succesfully retrieved tunnel information for T21528
sock_printf() : "QUIT Thank you for the information"
Tunnel Information for T21528:
POP Id : gblon02
IPv6 Local : 2a01:348:6:215::2/64
IPv6 Remote : 2a01:348:6:215::1/64
Tunnel Type : ayiya
Adminstate : enabled
Userstate : enabled
[AYIYA-start] : Anything in Anything (draft-02)
[AYIYA-tun->tundev] : (Socket to TUN) started
which seems to look OK to me?!?!
output from ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:13:72:86:0B:1A
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe86:b1a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:115433 errors:0 dropped:0 overruns:0 frame:0
TX packets:101251 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25982515 (24.7 MiB) TX bytes:43167754 (41.1 MiB)
Interrupt:169
eth0:1 Link encap:Ethernet HWaddr 00:13:72:86:0B:1A
inet addr:192.168.14.2 Bcast:192.168.14.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:169
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6013916 errors:0 dropped:0 overruns:0 frame:0
TX packets:6013916 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:556181701 (530.4 MiB) TX bytes:556181701 (530.4 MiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: 2a01:348:6:215::2/64 Scope:Global
inet6 addr: fe80::48:6:215:2/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1280 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:284 (284.0 b) TX bytes:352 (352.0 b)
Output from route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
gw-534.lon-02.gb.sixxs.net/128 gw-534.lon-02.gb.sixxs.net UC 0 13 0 tun0
2a01:348:6:215::/64 * U 256 1 0 tun0
fe80::/64 * U 256 0 0 eth0
fe80::/64 * U 256 0 0 tun0
*/0 gw-534.lon-02.gb.sixxs.net UG 1024 0 0 tun0
::1/128 * U 0 222 1 lo
cl-534.lon-02.gb.sixxs.net/128 * U 0 13 1 lo
fe80::48:6:215:2/128 * U 0 0 1 lo
fe80::213:72ff:fe86:b1a/128 * U 0 0 1 lo
ff00::/8 * U 256 0 0 eth0
ff00::/8 * U 256 0 0 tun0
Firewall is not currently in use as the machine is behind NAT at the moment.
All IPv4 tests(ping and tracert) are fine.
IPv6 ping and tracert tests are fine to the POP only, but tracert to anywhere outside the POP is not.
From other bits I have read, I think this might be a routing issue, but I couldn't put my finger on it.
Thanks
Daniel Lintott (DLB3-SIXXS)
No connection through tunnel
Jeroen Massar on Saturday, 23 May 2009 01:10:14
Try: # ip -6 ro add 2000::/3 via 2A01:348:6:215:0:0:0:1
That will add a 'global unicast default route', this as some Linux Kernels don't allow ::/0 to be used as a default. If that makes it work, bug your Linux vendor as it is providing you with a very old kernel (and quite some security fixes have gone into the IPv6 stack recently).
PS: When showing routing tables *always* use "-n" or similar option to avoid resolving addresses to names.
No connection through tunnel
Shadow Hawkins on Saturday, 23 May 2009 01:19:07
Thankyou, that works great, I thought it would something simple!!
Posting is only allowed when you are logged in. |