SixXS::Sunset 2017-06-06

Using AICCU/Linux - Can't ping6 POP (or anything else on the internet)
[us] Shadow Hawkins on Sunday, 19 October 2008 01:15:39
First a statement: I've gotten freenet6 up & running before; I realize that SixXS is not the same thing, but I am able to use freenet6 (if that helps with any firewall rules, etc.) My tunnel is setup to use heartbeat. The machine using aiccu is also the host that acts as the NAT machine; however I'm not sure which side of the NAT the IPv6-in-IPv4 "device" created by AICCU is on. Wireshark shows only outbound packets from the aiccu interface. Here's what I'm seeing:
# aiccu autotest ####### ####### AICCU Quick Connectivity Test ####### ####### [1/8] Ping the IPv4 Local/Your Outer Endpoint (66.134.182.32) ### This should return so called 'echo replies' ### If it doesn't then check your firewall settings ### Your local endpoint should always be pingable ### It could also indicate problems with your IPv4 stack PING 66.134.182.32 (66.134.182.32) 56(84) bytes of data. 64 bytes from 66.134.182.32: icmp_seq=1 ttl=64 time=0.064 ms 64 bytes from 66.134.182.32: icmp_seq=2 ttl=64 time=0.044 ms 64 bytes from 66.134.182.32: icmp_seq=3 ttl=64 time=0.056 ms --- 66.134.182.32 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.044/0.054/0.064/0.011 ms ###### ####### [2/8] Ping the IPv4 Remote/PoP Outer Endpoint (209.197.4.66) ### These pings should reach the PoP and come back to you ### In case there are problems along the route between your ### host and the PoP this could not return replies ### Check your firewall settings if problems occur PING 209.197.4.66 (209.197.4.66) 56(84) bytes of data. 64 bytes from 209.197.4.66: icmp_seq=1 ttl=51 time=88.0 ms 64 bytes from 209.197.4.66: icmp_seq=2 ttl=51 time=88.3 ms 64 bytes from 209.197.4.66: icmp_seq=3 ttl=51 time=88.1 ms --- 209.197.4.66 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2004ms rtt min/avg/max/mdev = 88.007/88.150/88.310/0.364 ms ###### ####### [3/8] Traceroute to the PoP (209.197.4.66) over IPv4 ### This traceroute should reach the PoP ### In case this traceroute fails then you have no connectivity ### to the PoP and this is most probably the problem traceroute to 209.197.4.66 (209.197.4.66), 30 hops max, 60 byte packets 1 h-66-134-182-1.dnvtco56.dynamic.covad.net (66.134.182.1) 38.114 ms 41.248 ms 46.618 ms 2 192.168.37.101 (192.168.37.101) 49.545 ms 52.476 ms 55.405 ms 3 ge-6-21.car1.Denver1.Level3.net (63.211.250.49) 58.829 ms 61.523 ms 64.952 ms 4 ae-31-53.ebr1.Denver1.Level3.net (4.68.107.94) 69.357 ms 70.824 ms 87.586 ms 5 ae-2.ebr2.Dallas1.Level3.net (4.69.132.106) 103.305 ms 103.753 ms 104.088 ms 6 ae-72-72.csw2.Dallas1.Level3.net (4.69.136.142) 114.318 ms ae-82-82.csw3.Dallas1.Level3.net (4.69.136.146) 79.204 ms ae-92-92.csw4.Dallas1.Level3.net (4.69.136.150) 70.259 ms 7 ae-61-61.ebr1.Dallas1.Level3.net (4.69.136.121) 66.335 ms 55.107 ms ae-81-81.ebr1.Dallas1.Level3.net (4.69.136.129) 57.000 ms 8 ae-8-8.car1.Phoenix1.Level3.net (4.69.133.29) 80.145 ms 83.564 ms 85.990 ms 9 ae-11-11.car2.Phoenix1.Level3.net (4.69.133.34) 89.667 ms 93.930 ms 96.780 ms 10 HIGHWINDS-N.car2.Phoenix1.Level3.net (4.79.164.30) 109.574 ms 109.777 ms 110.248 ms 11 2-1.r1.la.hwng.net (69.16.191.37) 120.345 ms 123.019 ms 126.205 ms 12 209.197.4.66 (209.197.4.66) 129.873 ms 133.301 ms 135.906 ms ###### ###### [4/8] Checking if we can ping IPv6 localhost (::1) ### This confirms if your IPv6 is working ### If ::1 doesn't reply then something is wrong with your IPv6 stack PING ::1(::1) 56 data bytes 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.030 ms 64 bytes from ::1: icmp_seq=2 ttl=64 time=0.036 ms 64 bytes from ::1: icmp_seq=3 ttl=64 time=0.034 ms --- ::1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.030/0.033/0.036/0.005 ms ###### ###### [5/8] Ping the IPv6 Local/Your Inner Tunnel Endpoint (2001:1938:82:3::2) ### This confirms that your tunnel is configured ### If it doesn't reply then check your interface and routing tables PING 2001:1938:82:3::2(2001:1938:82:3::2) 56 data bytes 64 bytes from 2001:1938:82:3::2: icmp_seq=1 ttl=64 time=0.034 ms 64 bytes from 2001:1938:82:3::2: icmp_seq=2 ttl=64 time=0.054 ms 64 bytes from 2001:1938:82:3::2: icmp_seq=3 ttl=64 time=0.055 ms --- 2001:1938:82:3::2 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 0.034/0.047/0.055/0.012 ms ###### ###### [6/8] Ping the IPv6 Remote/PoP Inner Tunnel Endpoint (2001:1938:82:3::1) ### This confirms the reachability of the other side of the tunnel ### If it doesn't reply then check your interface and routing tables ### Don't forget to check your firewall of course ### If the previous test was succesful then this could be both ### a firewalling and a routing/interface problem PING 2001:1938:82:3::1(2001:1938:82:3::1) 56 data bytes --- 2001:1938:82:3::1 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2011ms ###### ###### [7/8] Traceroute6 to the central SixXS machine (noc.sixxs.net) ### This confirms that you can reach the central machine of SixXS ### If that one is reachable you should be able to reach most IPv6 destinations ### Also check http://www.sixxs.net/ipv6calc/ which should show an IPv6 connection ### If your browser supports IPv6 and uses it of course. traceroute to noc.sixxs.net (2001:838:1:1:210:dcff:fe20:7c7c) from 2001:1938:82:3::2, 30 hops max, 24 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * ###### ###### [8/8] Traceroute6 to (www.kame.net) ### This confirms that you can reach a Japanese IPv6 destination ### If that one is reachable you should be able to reach most IPv6 destinations ### You should also check http://www.kame.net which should display ### a animated kame (turtle), of course only when your browser supports and uses IPv6 traceroute to www.kame.net (2001:200:0:8002:203:47ff:fea5:3085) from 2001:1938:82:3::2, 30 hops max, 24 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * ###### ###### ACCU Quick Connectivity Test (done)
I have a number of devices: eth0 (connects do the DSL modem), link-local IPv6 address eth1 (connects to the 'home' network), link-local IPv6 address ppp0 (PPPoE connection from ISP) (no IPv6 address) lo sixxs (IPv6-in-IPv4) (global IPv6 address) My routing table:
# route -n --inet6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If 2001:5c0:98b3::/48 :: !n 1 0 0 lo 2001:1938:82:3::/64 :: Un 256 0 6 sixxs fe80::/64 :: U 256 0 0 eth1 fe80::/64 :: U 256 0 0 eth0 fe80::/64 :: Un 256 0 0 sixxs ::/0 2001:1938:82:3::1 UG 1024 0 37 sixxs ::/0 :: !n -1 1 479 lo ::1/128 :: Un 0 1 43 lo 2001:1938:82:3::/128 :: Un 0 1 0 lo 2001:1938:82:3::2/128 :: Un 0 1 7 lo fe80::/128 :: Un 0 1 0 lo fe80::/128 :: Un 0 1 0 lo fe80::/128 :: Un 0 1 0 lo fe80::4286:b620/128 :: Un 0 1 0 lo fe80::c0a8:1/128 :: Un 0 1 0 lo fe80::c0a8:101/128 :: Un 0 1 0 lo fe80::204:75ff:feac:c16f/128 :: Un 0 1 0 lo fe80::21d:7dff:fee9:b70/128 :: Un 0 1 53 lo ff00::/8 :: U 256 0 0 eth1 ff00::/8 :: U 256 0 0 eth0 ff00::/8 :: U 256 0 0 sixxs ::/0 :: !n -1 1 479 lo
And finally, my IP6tables:
# ip6tables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all anywhere anywhere ipv6input all anywhere anywhere ipv6input all anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ipv6input all anywhere anywhere ipv6input all anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all anywhere anywhere Chain ipv6dump (0 references) target prot opt source destination Chain ipv6input (4 references) target prot opt source destination ACCEPT all anywhere anywhere ACCEPT ipv6-icmp anywhere anywhere ACCEPT all anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp anywhere anywhere state NEW tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN REJECT all anywhere anywhere reject-with icmp6-adm-prohibited ACCEPT all anywhere anywhere ACCEPT ipv6-icmp anywhere anywhere ACCEPT all anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp anywhere anywhere state NEW tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN REJECT all anywhere anywhere reject-with icmp6-adm-prohibited
Using AICCU/Linux - Can't ping6 POP (or anything else on the internet)
[gb] Shadow Hawkins on Tuesday, 18 November 2008 10:53:44
Hello Troy, I realise that this is a bit of an old posting, has it ever been resolved? If not, can you post your /etc/aiccu.conf (without the password, of course) and the output of "ifconfig sixxs" ? It looks as if your tunnel is just not active. Regards, Frank

Please note Posting is only allowed when you are logged in.

Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker