routing inside a subnet
Shadow Hawkins on Monday, 15 June 2009 23:10:33
Hello,
I successfull set up a tunnel via aiccu, and also a subnet via radvd [1]
From the router i can ping6 the clients, the clients can ping6 the router, everyone can ping6 internet hosts f.e. noc.sixxs.net.
But ping6 from client to client is not possible. It seems that the router doesn't answer the neighbor discovery , see [2].
The clients connected via openvpn tap, the connection itself via ipv4 is ok, as I said the Clients can ping anything in the web via ipv6, but not inside the subnet.
ip6tables is currently ACCEPT. IPv6 routing is enabled [3]. Any hints?
[1] radvd.conf
interface br0
{
AdvSendAdvert on;
MaxRtrAdvInterval 4;
MinRtrAdvInterval 3;
prefix 2a01:XXX:XXX::/64
{
AdvOnLink on;
AdvRouterAddr on;
AdvAutonomous on;
};
};
[2] tcpdump on the router: IP6 2a01:XXX:XXX:0:f818:36ff:fe87:5eda > ff02::1:ff00:4: ICMP6, neighbor solicitation, who has 2a01:XXX:XXX::4, length 32
[3] the router is enabled cat /proc/sys/net/ipv6/conf/all/forwarding == 1
[4] ip -6 addr on the router (shorten)
6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500
inet6 2a01:198:XXX::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::250:4ff:fe3a:645f/64 scope link
valid_lft forever preferred_lft forever
12: sixxs: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qlen 500
inet6 2a01:XXX:XXX:518::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::98:200:518:2/64 scope link
valid_lft forever preferred_lft forever
[5] ip -6 route on the router (shorten)
2a01:XXX:XXX:518::/64 dev sixxs proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
2a01:XXX:XXX::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev sixxs proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
default via 2a01:XXX:XXX:518::1 dev sixxs metric 1024 mtu 1280 advmss 1220 hoplimit 4294967295
[6] ip -6 route on a client (shorten)
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
5: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 fe80::21d:e0ff:feb5:6fdd/64 scope link
valid_lft forever preferred_lft forever
8: tap1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 100
inet6 2a01:XXX:XXX:0:f818:36ff:fe87:5eda/64 scope global dynamic
valid_lft 2591998sec preferred_lft 604798sec
inet6 fe80::f818:36ff:fe87:5eda/64 scope link
valid_lft forever preferred_lft forever
[7] ip -6 add on a client (shorten)
2a01:XXX:XXX::/64 dev tap1 proto kernel metric 256 expires 2147154sec mtu 1500 advmss 1440 hoplimit 0
fe80::/64 dev tap1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
fe80::/64 dev wlan0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
ff00::/8 dev tap1 metric 256 mtu 1500 advmss 1440 hoplimit 0
ff00::/8 dev wlan0 metric 256 mtu 1500 advmss 1440 hoplimit 0
default via fe80::250:4ff:fe3a:645f dev tap1 proto kernel metric 1024 expires 10sec mtu 1500 advmss 1440 hoplimit 64
Many thanks
Stefan
[solved] routing inside a subnet
Shadow Hawkins on Tuesday, 23 June 2009 20:05:52
the openvpn directive
client-to-client
wasn't set on the server. So the clients can't see each other, also ipv4.
best regards
Stefan
Posting is only allowed when you are logged in. |