|
[Linux] aiccu starts but there is no routing
![[nl]](/s/countries/nl.gif) Shadow Hawkins on Friday, 14 January 2011 15:05:29
I'm running Ubuntu linux from behind a NAT router. I'm using a static tunnel together with aiccu. I assume AYIYA is used as protocol 41 forwarding or DMZ is not possible (router is owned by my ISP and can not be configured much).
The routing table before starting the tunnel service looks like this:
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: U 256 0 0 br0
fe80::/64 :: U 256 0 0 virbr0
fe80::/64 :: U 256 0 0 vnet0
fe80::/64 :: U 256 0 0 tap0
::/0 :: !n -1 1 3441 lo
::1/128 :: Un 0 1 2951 lo
fe80::221:85ff:fe9a:6fce/128 :: Un 0 1 0 lo
fe80::221:85ff:fe9a:6fce/128 :: Un 0 1 0 lo
fe80::30c9:ddff:fefb:593d/128 :: Un 0 1 0 lo
fe80::a8e7:9ff:fed7:4929/128 :: Un 0 1 0 lo
fe80::c018:3fff:feb4:4484/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 br0
ff00::/8 :: U 256 0 0 virbr0
ff00::/8 :: U 256 0 0 vnet0
ff00::/8 :: U 256 0 0 tap0
::/0 :: !n -1 1 3441 lo
Ip6tables shows that there are no rules active and all default chains use the ACCEPT policy.
Aiccu has the following verbose output:
Tunnel Information for T51369:
POP Id : nlams05
IPv6 Local : 2001:610:600:819::2/64
IPv6 Remote : 2001:610:600:819::1/64
Tunnel Type : 6in4-static
Adminstate : enabled
Userstate : enabled
When starting aiccu the routing table becomes like so:
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
2001:610:600:819::/64 :: Un 256 0 1 sixxs
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: U 256 0 0 br0
fe80::/64 :: U 256 0 0 virbr0
fe80::/64 :: U 256 0 0 vnet0
fe80::/64 :: U 256 0 0 tap0
fe80::/64 :: Un 256 0 0 sixxs
::/0 2001:610:600:819::1 UG 1024 0 0 sixxs
::/0 :: !n -1 1 3442 lo
::1/128 :: Un 0 1 2951 lo
2001:610:600:819::2/128 :: Un 0 1 0 lo
fe80::4da8:7304/128 :: Un 0 1 0 lo
fe80::221:85ff:fe9a:6fce/128 :: Un 0 1 0 lo
fe80::221:85ff:fe9a:6fce/128 :: Un 0 1 0 lo
fe80::30c9:ddff:fefb:593d/128 :: Un 0 1 0 lo
fe80::a8e7:9ff:fed7:4929/128 :: Un 0 1 0 lo
fe80::c018:3fff:feb4:4484/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 br0
ff00::/8 :: U 256 0 0 virbr0
ff00::/8 :: U 256 0 0 vnet0
ff00::/8 :: U 256 0 0 tap0
ff00::/8 :: U 256 0 0 sixxs
::/0 :: !n -1 1 3442 lo
I can ping my own IPv6 address but not the remote PoP IP nor the rest of the world:
root@myserver:~# ping6 2001:610:600:819::1
PING 2001:610:600:819::1(2001:610:600:819::1) 56 data bytes
From 2001:610:600:819::2 icmp_seq=1 Destination unreachable: Address unreachable
Does this mean there is a routing problem? If so, I can't spot it because the routing table looks fine to me.
Or is this a tunneling problem? And if so, where do I start debugging AYIYA? Or is there a third tunneling mode which can be used?
[Linux] aiccu starts but there is no routing [solved]
Shadow Hawkins on Friday, 14 January 2011 22:28:33
Hurray!
Just before I was about to install aiccu on my Gentoo system as well to make sure it wasn't something on the ubuntu box, I decided to ping6 one last time. And it works!
The facts: I haven't touched the machine nor the software so whatever this was, it must be magic that solved it...
[Linux] aiccu starts but there is no routing [solved]
Shadow Hawkins on Friday, 14 January 2011 22:34:58
And I was just a split second too soon for my cheering.
It seems the automatic backups kicked in which use a OpenVPN tunnel to the university network which apparently is handing out IPv6 addresses now as well.
The ping6 I just did used the OpenVPN tunnel and not the aiccu tunnel (which was not active). Shutting down OpenVPN and starting aiccu again gives the same results.
At least I know the problem is not on the ubuntu box...
[Linux] aiccu starts but there is no routing [solved]
Shadow Hawkins on Friday, 14 January 2011 22:49:04
I just found the comparison table at http://www.sixxs.net/faq/connectivity/?faq=comparison which shows that static routing *requires* protocol 41 forwarding and does not handle NAT traversal.
I switched the tunnel to an AYIYA type hoping that will solve things. For now, the TIC information is correctly showing AYIYA instead of 6in4-static.
I still cannot ping anything but I'll assume thats because of the switch. Now I only need to wait for a month before I can request my own subnet *sigh*.
[Linux] aiccu starts but there is no routing [solved]
Pings for me:
64 bytes from 2001:610:600:819::2: icmp_seq=1 ttl=58 time=8.87 ms
I just found the comparison table at [..] which shows that static routing *requires* protocol 41 forwarding and does not handle NAT traversal.
What do you mean with 'static routing'? The only time the word 'static' is used on that page is when it is related to the static IPv4 address which is needed for a proto-41 tunnel.
[Linux] aiccu starts but there is no routing [solved]
Shadow Hawkins on Wednesday, 19 January 2011 16:01:09
The tunnel started working on its own an hour after I posted my last message, sorry for not updating my topic.
At the moment its active on my home storage server but I'll have to wait for my negative credit to get back up again before doing anything else as I want to add IPv6 connectivity to all my computers and web server (which will take a month if I'm not mistaken, that sort of takes the momentum out of things like this imho).
And yes, I meant a static tunnel - since my IPv4 is static, I figured that would be the easy way to go. But since I'm on fiber here with a modem which also provides IPTV and telephony, all configuration panels are restricted. So when I found out that protocol forwarding was needed (port forwarding is sort of available, but not for DMZ purposes) I had to switch back from static to AYIYA...
|
![[ch]](/s/countries/ch.gif)
on Saturday, 15 January 2011 17:56:35
Posting is only allowed when you are