SixXS::Sunset 2017-06-06

Routing issue
[de] Shadow Hawkins on Monday, 14 April 2008 09:36:46
Hi folks, I've setup a tunnle and requested a subnet but I can't route traffic from my local network through the tunnel. Looks like I missed something in the router configuration. Tunnle is up and I can ping6 from the router: [root@black ~]# ping6 -c 3 ipv6.google.com PING ipv6.google.com(2001:4860:0:1001::68) 56 data bytes 64 bytes from 2001:4860:0:1001::68: icmp_seq=1 ttl=56 time=63.3 ms 64 bytes from 2001:4860:0:1001::68: icmp_seq=2 ttl=56 time=61.8 ms 64 bytes from 2001:4860:0:1001::68: icmp_seq=3 ttl=56 time=61.9 ms --- ipv6.google.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 61.880/62.382/63.344/0.738 ms [root@black ~]# BTW: My router is running FC7. Interface configuration is IMHO ok: [root@black ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:40:63:D4:18:4B inet addr:192.168.1.42 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: 2a01:198:XXXX:1::1/64 Scope:Global inet6 addr: fe80::240:63ff:fed4:184b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:15995 errors:0 dropped:0 overruns:0 frame:0 TX packets:13711 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2495368 (2.3 MiB) TX bytes:1589213 (1.5 MiB) Interrupt:11 Base address:0x6000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:36605 errors:0 dropped:0 overruns:0 frame:0 TX packets:36605 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2214997 (2.1 MiB) TX bytes:2214997 (2.1 MiB) sixxs Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet6 addr: 2a01:198:200:YYYY::2/64 Scope:Global inet6 addr: fe80::98:200:YYYY:2/64 Scope:Link UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1280 Metric:1 RX packets:981 errors:0 dropped:0 overruns:0 frame:0 TX packets:404 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:88256 (86.1 KiB) TX bytes:41921 (40.9 KiB) [root@black ~]# ...and the radvd is advertising my IPv6-Prefix to my network. It's config looks like this: [root@black ~]# cat /etc/radvd.conf interface eth0 { AdvSendAdvert on; MinRtrAdvInterval 30; MaxRtrAdvInterval 100; AdvDefaultPreference high; # Disable Mobile IPv6 support AdvHomeAgentFlag off; prefix 2a01:198:XXXX:1::/64 { AdvOnLink on; AdvAutonomous on; AdvRouterAddr off; }; }; [root@black ~]# On the network computers (running WinXP SP2) I get TWO (???) IPv6-Address asigned Ethernetadapter LAN-Verbindung: Verbindungsspezifisches DNS-Suffix: IP-Adresse. . . . . . . . . . . . : 192.168.1.12 Subnetzmaske. . . . . . . . . . . : 255.255.255.0 IP-Adresse. . . . . . . . . . . . : 2a01:198:XXXX:1:c51c:afd3:bac2:ee64 IP-Adresse. . . . . . . . . . . . : 2a01:198:XXXX:1:214:85ff:fe1f:c328 IP-Adresse. . . . . . . . . . . . : fe80::214:85ff:fe1f:c328%6 Standardgateway . . . . . . . . . : 192.168.1.1 ...why do I get two IPv6-Addresses?! ...and I can't reach any IPv6-Address outside my local network: C:\Dokumente und Einstellungen\bergt>ping6 ipv6.google.com ipv6.l.google.com [2001:4860:0:1001::68] wird angepingt von 2a01:198:22b:1:c51c:afd3:bac2:ee64 mit 32 Bytes Daten: Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Ping-Statistik für 2001:4860:0:1001::68 Pakete: Gesendet = 4, Empfangen = 0, Verloren = 4 (100% Verlust), C:\Dokumente und Einstellungen\bergt>ping6 noc.sixxs.net noc.sixxs.net [2001:838:1:1:210:dcff:fe20:7c7c] wird angepingt von 2a01:198:22b:1:c51c:afd3:bac2:ee64 mit 32 Bytes Daten: Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Antwort von 2a01:198:XXXX:1::1: Zielport nicht erreichbar. Ping-Statistik für 2001:838:1:1:210:dcff:fe20:7c7c Pakete: Gesendet = 4, Empfangen = 0, Verloren = 4 (100% Verlust), My router is answering: C:\Dokumente und Einstellungen\bergt>ping6 2a01:198:XXXX:1::1 Pinging 2a01:198:XXXX:1::1 wird angepingt von 2a01:198:XXXX:1:c51c:afd3:bac2:ee64 mit 32 Bytes Daten: Antwort von 2a01:198:XXXX:1::1: Bytes=32 Zeit<1ms Antwort von 2a01:198:XXXX:1::1: Bytes=32 Zeit<1ms Antwort von 2a01:198:XXXX:1::1: Bytes=32 Zeit<1ms Antwort von 2a01:198:XXXX:1::1: Bytes=32 Zeit<1ms Ping-Statistik für 2a01:198:XXXX:1::1 Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust), Ungefähre Zeitangaben in Millisekunden: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms ...and I'm able to use PuTTY to login via the IPv6-Address. Would be nice to get a hint, what I've done wrong or what I missed. Thanks birko --
Routing issue
[si] Shadow Hawkins on Monday, 14 April 2008 12:35:54
1.) there is a bug in current version of aiccu, that causes symptoms like yours. Workaround: stop aiccu, then start it again. 2.) the ...:fe1f:c328 address seems to be the correct one. Did you setup anything manually on the Windows PC regarding IPv6 ? If nothing else, try a reboot ;-) 3.) This is my radvd.conf, it works for me : interface br0 { AdvSendAdvert on; # Disable Mobile IPv6 support AdvHomeAgentFlag off; # example of a standard prefix prefix 2001:db8:1234:5678::/64 { AdvOnLink on; AdvAutonomous on; AdvRouterAddr off; }; }; 4.) You could try to boot knoppix, ubuntu or any other live linux on that PC, to see how it behaves. (I know that ubuntu has IPv6 support by default, I am don't know about other distros)
Routing issue
[de] Shadow Hawkins on Monday, 14 April 2008 13:37:54
Hi David, looks like restaring the aiccu didn't help. 've done its several times. :-( Is there a newer or updated version of aiccu? I've installed the aiccu-package via fc7 repository using yum install aiccu. Is the current source newer than the package? [root@black ~]# aiccu version AICCU 2007.01.15-console-linux by Jeroen Massar [root@black ~]# Reboot of the PC did not help at all but I think the two IPv6-Addresses on the PC are correct. I have seen it in other postings too. Please correct me if I'm wrong! I'll reduce my radvd.conf to your config and give it a try but I think my radvd is working correct. Using knoppix for testing is a good point. Have to download... Still any hints are welcome! Cheers birko --
Routing issue
[si] Shadow Hawkins on Monday, 14 April 2008 14:00:08
Strange, my Windows only has one : Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : lan IP Address. . . . . . . . . . . . : 192.168.100.20 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IP Address. . . . . . . . . . . . : 2001:15c0:1234:1234:ffff:8cff:fe11:1111 IP Address. . . . . . . . . . . . : fe80::ffff:8cff:fe11:1111%6 Default Gateway . . . . . . . . . : 192.168.100.1 fe80::ffff:8cff:fe11:2222%6 (changed actual IPs) About your problem, do you have any IPv6 firewalls ? Forwarding enabled on the router ? You did read the FAQ, right ? -> https://noc.sixxs.net/faq/connectivity/?faq=usingsubnet PS: AICCU info : https://noc.sixxs.net/tools/aiccu/ (the latest version is not yet available for unix, only windows)
Routing issue
[de] Shadow Hawkins on Monday, 14 April 2008 14:26:06
Ok! ;-) You got it! Your hint regarding the firewall was the point. [root@black ~]# service ip6tables stop ip6tables: Flushing firewall rules: [ OK ] ip6tables: Setting chains to policy ACCEPT: filter [ OK ] ip6tables: Unloading modules: [ OK ] [root@black ~]# After the ip6tables shutdown it looks like this on the Windows PC C:\Dokumente und Einstellungen\bergt>ping6 noc.sixxs.net noc.sixxs.net [2001:838:1:1:210:dcff:fe20:7c7c] wird angepingt von 2a01:198:22b:1:393a:f48e:3470:6c6a mit 32 Bytes Daten: Antwort von 2001:838:1:1:210:dcff:fe20:7c7c: Bytes=32 Zeit=53ms Antwort von 2001:838:1:1:210:dcff:fe20:7c7c: Bytes=32 Zeit=61ms Antwort von 2001:838:1:1:210:dcff:fe20:7c7c: Bytes=32 Zeit=52ms Antwort von 2001:838:1:1:210:dcff:fe20:7c7c: Bytes=32 Zeit=52ms Ping-Statistik für 2001:838:1:1:210:dcff:fe20:7c7c Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust), Ungefähre Zeitangaben in Millisekunden: Minimum = 52ms, Maximum = 61ms, Mittelwert = 54ms C:\Dokumente und Einstellungen\bergt>ping6 ipv6.google.com ipv6.l.google.com [2001:4860:0:1001::68] wird angepingt von 2a01:198:22b:1:393a:f48e:3470:6c6a mit 32 Bytes Daten: Antwort von 2001:4860:0:1001::68: Bytes=32 Zeit=62ms Antwort von 2001:4860:0:1001::68: Bytes=32 Zeit=61ms Antwort von 2001:4860:0:1001::68: Bytes=32 Zeit=61ms Antwort von 2001:4860:0:1001::68: Bytes=32 Zeit=61ms Ping-Statistik für 2001:4860:0:1001::68 Pakete: Gesendet = 4, Empfangen = 4, Verloren = 0 (0% Verlust), Ungefähre Zeitangaben in Millisekunden: Minimum = 61ms, Maximum = 62ms, Mittelwert = 61ms C:\Dokumente und Einstellungen\bergt>tracert6 noc.sixxs.net Routenverfolgung zu noc.sixxs.net [2001:838:1:1:210:dcff:fe20:7c7c] von 2a01:198:22b:1:393a:f48e:3470:6c6a über eine maximale Anzahl von 30 Hops: 1 <1 MSek <1 MSek <1 MSek 2a01:198:XXXX:1::1 2 42 MSek 41 MSek 41 MSek gw-34.dus-01.de.sixxs.net [2a01:198:200:21::1] 3 42 MSek 42 MSek 41 MSek edge1.dus1.de.as34225.net [2a01:198::1] 4 43 MSek 42 MSek 45 MSek speedpartner.r1.dus1.de.opencarrier.eu [2001:7f8:3a:e101::1] 5 99 MSek 46 MSek 48 MSek oc-r1-dus1.r1.fra3.de.opencarrier.eu [2001:7f8:3a:e000::2] 6 48 MSek 48 MSek 48 MSek ge6-0.br0.fra2.de.gbxs.net [2001:7f8::2331:0:1] 7 51 MSek 51 MSek 51 MSek ge-3-3-4.bb2.bru1.be.gbxs.net [2a01:300:30:8::1] 8 52 MSek 54 MSek 123 MSek ams-ix2.ipv6.concepts.nl [2001:7f8:1::a501:2871:2] 9 510 MSek 53 MSek 52 MSek 2001:838:0:14::2 10 54 MSek 54 MSek 54 MSek 2001:838:0:10::2 11 54 MSek 53 MSek 54 MSek noc.sixxs.net [2001:838:1:1:210:dcff:fe20:7c7c] Ablaufverfolgung beendet. C:\Dokumente und Einstellungen\bergt>tracert6 ipv6.google.com Routenverfolgung zu ipv6.l.google.com [2001:4860:0:1001::68] von 2a01:198:22b:1:393a:f48e:3470:6c6a über eine maximale Anzahl von 30 Hops: 1 <1 MSek <1 MSek <1 MSek 2a01:198:XXXX:1::1 2 41 MSek 42 MSek 42 MSek gw-34.dus-01.de.sixxs.net [2a01:198:200:21::1] 3 89 MSek 286 MSek 42 MSek edge1.dus1.de.as34225.net [2a01:198::1] 4 43 MSek 43 MSek 43 MSek speedpartner.r1.dus1.de.opencarrier.eu [2001:7f8:3a:e101::1] 5 47 MSek 48 MSek 47 MSek oc-r1-dus1.r1.fra3.de.opencarrier.eu [2001:7f8:3a:e000::2] 6 48 MSek 48 MSek 49 MSek de-cix.he.net [2001:7f8::1b1b:0:1] 7 287 MSek 50 MSek 51 MSek 10g-1-4.core1.ams1.ipv6.he.net [2001:470:0:47::1] 8 302 MSek 59 MSek 59 MSek pr61.ams04.net.google.com [2001:7f8:1::a501:5169:1] 9 * * * Zeitüberschreitung der Anforderung. 10 62 MSek 62 MSek 62 MSek 2001:4860:0:1001::68 Ablaufverfolgung beendet. C:\Dokumente und Einstellungen\bergt> ...looks like I have to configure my ip6tables at first. ;-) Thanks birko --

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker