SixXS::Sunset 2017-06-06

subnet: not quite there yet
[nl] Shadow Hawkins on Monday, 31 March 2008 17:49:37
Hi all, I can't seem to get my subnet working. The client (running Ubuntu) appears to getting a valid IPv6 lease and route, but I can't, for example, ping6 the relevant ethernet inferface on my server: $ ping6 2001:610:645:3:2e0:4cff:fe43:c09a PING 2001:610:645:3:2e0:4cff:fe43:c09a(2001:610:645:3:2e0:4cff:fe43:c09a) 56 data bytes From 2001:610:645:3:20f:b0ff:fe99:41fb icmp_seq=1 Destination unreachable: Address unreachable From 2001:610:645:3:20f:b0ff:fe99:41fb icmp_seq=2 Destination unreachable: Address unreachable From 2001:610:645:3:20f:b0ff:fe99:41fb icmp_seq=3 Destination unreachable: Address unreachable At this point, I don't have the foggiest idea where to look, what to try or even what information might be helpful to help debug the problem. Suggestions anyone?
subnet: not quite there yet
[ch] Jeroen Massar SixXS Staff on Monday, 31 March 2008 17:54:30
Well, 2001:610:645:3:20f:b0ff:fe99:41fb, which I guess is your router (or the localhost you are pinging from), is telling you that it can't send packets to 2001:610:645:3:2e0:4cff:fe43:c09a Most important thing, is to start looking at your routing tables. See the Contact page's "Reporting Problems Checklist". That checklist goes through the most common issues that might occur and where to look for problems. Most likely you have a routing issue, or you are just trying to reach the wrong address in the first place. Also: the more information you look at the better, and you will actually learn something from it in the process.
subnet: not quite there yet
[si] Shadow Hawkins on Monday, 31 March 2008 20:12:41
On which node are you running that ping ? What IP does it how ? How did it get it ? What is the IP address(es) of the router ? More info, more help ;)
subnet: not quite there yet
[nl] Shadow Hawkins on Monday, 31 March 2008 23:20:58
I've been assigned this subnet: 2001:610:645::/48 The three internal network interfaces on my FreeBSD box I configure for rtadvd like this: $ cat /etc/rtadvd.conf rl0:\ :addrs#1:addr="2001:610:645:1::":prefixlen#64:tc=ether: rl1:\ :addrs#1:addr="2001:610:645:2::":prefixlen#64:tc=ether: ath0:\ :addrs#1:addr="2001:610:645:3::":prefixlen#64:tc=ether: The fourth NIC, facing the WAN, I has my tunnel endpoint IP: $ ifconfig fxp0 | grep inet6 inet6 fe80::202:55ff:feeb:6e65%fxp0 prefixlen 64 scopeid 0x1 inet6 2001:610:600:46e::2 prefixlen 64 FWIW, here is my GIF tunnel, which works fine: $ ifconfig gif0 gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280 tunnel inet 78.27.18.102 --> 192.87.102.107 inet6 2001:610:600:46e::2 --> 2001:610:600:46e::1 prefixlen 128 inet6 fe80::202:55ff:feeb:6e65%gif0 prefixlen 64 scopeid 0x7 Now, on my Ubuntu client, this is what it gets via dhcp: $ ifconfig | grep inet6 inet6 addr: 2001:610:645:3:20f:b0ff:fe99:41fb/64 Scope:Global inet6 addr: fe80::20f:b0ff:fe99:41fb/64 Scope:Link inet6 addr: ::1/128 Scope:Host Here is the routing table: $ route -A inet6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If ::1/128 :: Un 0 1 10 lo 2001:610:645:3:20f:b0ff:fe99:41fb/128 :: Un 0 1 0 lo 2001:610:645:3::/64 :: UAe 256 0 20 eth0 fe80::20f:b0ff:fe99:41fb/128 :: Un 0 1 0 lo fe80::/64 :: U 256 0 0 eth0 ff00::/8 :: U 256 0 0 eth0 ::/0 fe80::2e0:4cff:fe43:c09a UGDAe 1024 0 1 eth0 ::/0 :: !n -1 1 1 lo Does anything catch anyone's eye? TIA
subnet: not quite there yet
[ch] Jeroen Massar SixXS Staff on Tuesday, 01 April 2008 00:06:20
::/0 fe80::2e0:4cff:fe43:c09a UGDAe 1024 0 1 eth0
::/0 :: !n -1 1 1 lo
Two defaults, with one going to the blackhole. Remove the one over lo. Of course, also check that you have forwarding enabled. (See sysctl -a ...)
subnet: not quite there yet
[nl] Shadow Hawkins on Tuesday, 01 April 2008 21:18:03
::/0 :: !n -1 1 1 lo
Two defaults, with one going to the blackhole. Remove the one over lo.
I can't seem to figure out the syntax; something like route -A inet6 del gw ::/0 ???
Of course, also check that you have forwarding enabled. (See sysctl -a ...)
Yes I did that already. Thanks for your help.
subnet: not quite there yet
[si] Shadow Hawkins on Tuesday, 01 April 2008 17:30:17
1.) do not configure anything on hosts, they must work automatically 2.) current aicc has a bug, until the new version is available, the workaround is to stop aicc and the start it again 3.) what is this GIF thing ? Are you running it at the same time as the sixxs tunnel ? 4.) posting complete config (of the router) would help more: - complete output of "ifconfig" (when sixxs tunnel is running) - aicc.conf (do not post you password !) - routing table Basicaly this is what should have been done to make subnets work: - client : no setup needed (except enabling IPv6) - router : 1) rtadvd.conf 2) each nic mentioned in rtadvd.conf must have an inet6 address from its subnet. If this does not happen automatically, add them manually.
subnet: not quite there yet
[nl] Shadow Hawkins on Tuesday, 01 April 2008 21:31:22
3.) what is this GIF thing ? Are you running it at the same time as the sixxs tunnel ?
GIF is the BSD Generic Tunneling interface; this is the 6-in-4 tuunel. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html
4.) posting complete config (of the router) would help more:
- complete output of "ifconfig" (when sixxs tunnel is running) OK, here it is:
$ ifconfig fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:02:55:eb:6e:65 inet6 fe80::202:55ff:feeb:6e65%fxp0 prefixlen 64 scopeid 0x1 inet 78.27.18.102 netmask 0xff000000 broadcast 78.255.255.255 inet6 2001:610:600:46e::2 prefixlen 64 media: Ethernet autoselect (100baseTX <full-duplex>) status: active rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:19:e0:11:f8:8d inet6 fe80::219:e0ff:fe11:f88d%rl0 prefixlen 64 scopeid 0x2 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 inet6 2001:610:645:3:219:e0ff:fe11:f88d prefixlen 64 autoconf media: Ethernet autoselect (100baseTX <full-duplex>) status: active ath0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,PPROMISC> metric 0 mtu 1500 ether 00:19:e0:8d:d5:1d inet6 fe80::219:e0ff:fe8d:d51d%ath0 prefixlen 64 scopeid 0x3 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 inet6 2001:610:645:3:219:e0ff:fe8d:d51d prefixlen 64 autoconf media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap> status: associated ssid venus channel 9 (2452 Mhz 11g) bssid 00:19:e0:8d:d5:1d authmode OPEN privacy OFF txpower 31.5 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi11g 7 roam:rate11g 5 protmode CTS burst dtimperiod 1 rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 00:e0:4c:43:c0:9a inet6 fe80::2e0:4cff:fe43:c09a%rl1 prefixlen 64 scopeid 0x4 inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 inet6 2001:610:645:3:2e0:4cff:fe43:c09a prefixlen 64 autoconf media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff000000 pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204 gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280 tunnel inet 78.27.18.102 --> 192.87.102.107 inet6 2001:610:600:46e::2 --> 2001:610:600:46e::1 prefixlen 128 inet6 fe80::202:55ff:feeb:6e65%gif0 prefixlen 64 scopeid 0x7
- aicc.conf (do not post you password !)
$ cat /usr/local/etc/aiccu.conf # AICCU Configuration # # 21 Feb 2008 # Login information username CBB3-SIXXS password *********** # Interface names to use # ipv6_interface is the name of the interface that will be used as a tunnel interface. # On *BSD the ipv6_interface should be set to gifX (eg gif0) for proto-41 tunnels # or tunX (eg tun0) for AYIYA tunnels. ipv6_interface gif0 # The tunnel_id to use # (only required when there are multiple tunnels in the list) #tunnel_id Txxxx # Be verbose? verbose true # Daemonize? daemonize true # Automatic Login and Tunnel activation? automatic true # Require TLS? requiretls false
- routing table
$ netstat -r -f inet6 Routing tables Internet6: Destination Gateway Flags Netif Expire :: localhost UGRS lo0 => default gw-1135.ams-05.nl. UGS gif0 localhost localhost UHL lo0 ::ffff:0.0.0.0 localhost UGRS lo0 gw-1135.ams-05.nl. link#7 UHL gif0 cl-1135.ams-05.nl. 00:02:55:eb:6e:65 UHL lo0 2001:610:645:3:: link#3 UC ath0 2001:610:645:3:219 00:19:e0:11:f8:8d UHL lo0 2001:610:645:3:219 00:19:e0:8d:d5:1d UHL lo0 2001:610:645:3:2e0 00:e0:4c:43:c0:9a UHL lo0 fe80:: localhost UGRS lo0 fe80::%fxp0 link#1 UC fxp0 fe80::202:55ff:fee 00:02:55:eb:6e:65 UHL lo0 fe80::%rl0 link#2 UC rl0 fe80::219:e0ff:fe1 00:19:e0:11:f8:8d UHL lo0 fe80::%ath0 link#3 UC ath0 fe80::219:e0ff:fe8 00:19:e0:8d:d5:1d UHL lo0 fe80::%rl1 link#4 UC rl1 fe80::2e0:4cff:fe4 00:e0:4c:43:c0:9a UHL lo0 fe80::%lo0 fe80::1%lo0 U lo0 fe80::1%lo0 link#5 UHL lo0 fe80::%gif0 link#1 UC fxp0 fe80::202:55ff:fee link#7 UHL lo0 ff01:1:: link#1 UC fxp0 ff01:2:: link#2 UC rl0 ff01:3:: link#3 UC ath0 ff01:4:: link#4 UC rl1 ff01:5:: localhost UC lo0 ff01:7:: link#1 UC fxp0 ff02:: localhost UGRS lo0 ff02::%fxp0 link#1 UC fxp0 ff02::%rl0 link#2 UC rl0 ff02::%ath0 link#3 UC ath0 ff02::%rl1 link#4 UC rl1 ff02::%lo0 localhost UC lo0 ff02::%gif0 link#1 UC fxp0
subnet: not quite there yet
[ch] Jeroen Massar SixXS Staff on Tuesday, 01 April 2008 21:38:14
What does: "inet6 2001:610:600:46e::2 prefixlen 64" do on fxp0? That definitely is a tunnel address and should only exist on your tunnel. 2001:610:645:3:219:e0ff:fe11:f88d/64 on rl0 2001:610:645:3:219:e0ff:fe8d:d51d/64 on ath0 2001:610:645:3:2e0:4cff:fe43:c09a/64 on rl1 Unless those interfaces in some kind of bridge that definitely is wrong. use 2001:610:645:xxxx:..../64 per interface xxxx indeed means hex and means you have 65536 combinations to use. Strangely enough you only have:
2001:610:645:3:: link#3 UC ath0
2001:610:645:3:219 00:19:e0:11:f8:8d UHL lo0
2001:610:645:3:219 00:19:e0:8d:d5:1d UHL lo0
2001:610:645:3:2e0 00:e0:4c:43:c0:9a UHL lo0
Thus for some weird reason the 2001:610:645:3::/64 only exists on ath0. Clean up your routing and interfaces, that will help a lot. Btw, when listing things like routes, interfaces and firewall entries, use '-n' or the equivalent option for numeric to avoid resolving hostnames as it makes it unclear what is really what.
subnet: not quite there yet
[nl] Shadow Hawkins on Tuesday, 21 October 2008 16:02:37
Hi, I have exactly the same problem, my tunnel works (IPv6-in-IPv4), but i can't ping my addresses. I have a Ubuntu 8.04 box running and this is my subnet:
IPv6 Them2001:7b8:2ff:23d::2 (T17131) Prefix2001:7b8:3b3::/48
First my ifconfig
eth0 Link encap:Ethernet HWaddr 00:30:48:86:0b:26 inet addr:85.92.128.48 Bcast:85.92.128.255 Mask:255.255.255.0 inet6 addr: fe80::230:48ff:fe86:b26/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:12558 errors:0 dropped:0 overruns:0 frame:0 TX packets:1511 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2628383 (2.5 MB) TX bytes:1567182 (1.4 MB) Interrupt:16 eth1 Link encap:Ethernet HWaddr 00:30:48:86:0b:27 inet6 addr: 2001:7b8:3b3::1/64 Scope:Global UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:17 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:165 errors:0 dropped:0 overruns:0 frame:0 TX packets:165 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:17455 (17.0 KB) TX bytes:17455 (17.0 KB) sixxs Link encap:IPv6-in-IPv4 inet6 addr: 2001:7b8:2ff:23d::2/64 Scope:Global inet6 addr: fe80::555c:8030/64 Scope:Link UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:304 (304.0 B) TX bytes:0 (0.0 B)
I can ping IPv6 addresses like ipv6.google.com, that is working fine. Now i added my subnet to my eth1 wich is not connected to a network at the moment, but when the routing works i want to start testing some Cisco equipment behind it. When i try to ping the address on eth1, i get:
PING 2001:7b8:3b3::1(2001:7b8:3b3::1) 56 data bytes From 2001:7b8:2ff:23d::2 icmp_seq=1 Destination unreachable: Address unreachable From 2001:7b8:2ff:23d::2 icmp_seq=2 Destination unreachable: Address unreachable From 2001:7b8:2ff:23d::2 icmp_seq=3 Destination unreachable: Address unreachable
I get a response back from my tunnel? So i checked my IPv6 routing table and it looks like this:
Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If 2001:7b8:2ff:23d::/64 :: Un 256 0 1 sixxs 2001:7b8:3b3::/64 :: U 256 0 0 eth1 fe80::/64 :: U 256 0 0 eth0 fe80::/64 :: Un 256 0 0 sixxs fe80::/64 :: U 256 0 0 eth1 ::/0 2001:7b8:2ff:23d::1 UG 1024 0 0 sixxs ::/0 :: !n -1 1 10 lo ::1/128 :: Un 0 1 10 lo 2001:7b8:2ff:23d::/128 :: Un 0 2 0 lo 2001:7b8:2ff:23d::2/128 :: Un 0 1 12 lo fe80::/128 :: Un 0 2 0 lo fe80::/128 :: Un 0 2 0 lo fe80::555c:8030/128 :: Un 0 1 0 lo fe80::230:48ff:fe86:b26/128 :: Un 0 1 0 lo ff00::/8 :: U 256 0 0 eth0 ff00::/8 :: U 256 0 0 sixxs ff00::/8 :: U 256 0 0 eth1 ::/0 :: !n -1 1 10 lo
I also have a default route into lo, wich is pretty strange. I have forwarding enabled on my router in /proc When i ping my address on eth1, the "hitcount" on the route to lo goes up, so the kernel seems to route it all into a blackhole, why!? To make the post complete, my interfaces file:
auto eth0 iface eth0 inet static address 85.92.128.48 netmask 255.255.255.0 gateway 85.92.128.4 auto sixxs iface sixxs inet6 v4tunnel address 2001:7b8:2ff:23d::2 netmask 64 endpoint 193.109.122.244 ttl 64 up ip link set mtu 1280 dev sixxs up ip route add default via 2001:7b8:2ff:23d::1 dev sixxs iface eth1 inet6 static address 2001:7b8:3b3:0::1 netmask 64
This seems to me like a valid configuration? What is going wrong here?
subnet: not quite there yet
[ch] Jeroen Massar SixXS Staff on Tuesday, 21 October 2008 17:15:02
eth1 Link encap:Ethernet HWaddr 00:30:48:86:0b:27
inet6 addr: 2001:7b8:3b3::1/64 Scope:Global
UP BROADCAST MULTICAST MTU:1500 Metric:1
The interface is not in RUNNING state, thus no packets will go there. Plug it in and it should work. Your tunnel is on the default route, thus that one is chosen for outbound packets, and then you get replies from it. The defaults to 'lo' are marked with !n, thus they are backups for when there is no default. Use 'ip -6 ro sho' to see a full table. Also try 'ip -6 ro get 2001:7b8:3b3::1' to get the entry that gets chosen for that destination.
auto sixxs
iface sixxs inet6 v4tunnel
address 2001:7b8:2ff:23d::2
netmask 64
endpoint 193.109.122.244
ttl 64
up ip link set mtu 1280 dev sixxs
up ip route add default via 2001:7b8:2ff:23d::1 dev sixxs
works, but that should be: up ip -6 route add default via 2001:7b8:2ff:23d::1 dev sixxs

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker