|
What did I break?
![[us]](/s/countries/us.gif) Shadow Hawkins on Saturday, 21 February 2009 00:12:58
I've had my router running as a ipv4 nat router/ipv6 firewalled router for months now. It's been working great. At some point in the last 36-48 hours 'something' has changed, and it no longer routes ipv6. I've reviewed the relevant config files, the routing tables, and the iptables, and nothing stands out to me. IPv6 still works from the router, and connectivity from the lan to the router works over IPv6, but not routing through. I just rebooted without any IPv6 firewalling, but no luck.
What seems fishy to me is the default route set on the clients, which leads me to believe it's a radvd problem. Inspecting the radvd logs reinforces this theory, but I have no clue what would cause this problem.
Any tips here would be MUCH appreciated.
Relevant info:
IPv6 Tunnel Endpoint: 2001:4978:f:a2::2/64
IPv6 Subnet: 2001:4978:142::/48
ifconfig br0
br0 Link encap:Ethernet HWaddr 00:11:50:f6:c1:f0
inet addr:10.0.1.100 Bcast:10.0.1.255 Mask:255.255.255.0
inet6 addr: 2001:4978:142::1/64 Scope:Global
inet6 addr: fe80::211:50ff:fef6:c1f0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2649 errors:0 dropped:0 overruns:0 frame:0
TX packets:2183 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:260300 (254.1 KiB) TX bytes:939790 (917.7 KiB)
radvd.conf (comments stripped)
interface br0
{
AdvSendAdvert on;
IgnoreIfMissing on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
prefix 2001:4978:142::1/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
fishy radvd log lines (this just repeats a lot):
Feb 19 22:31:36 bigiron radvd[25806]: sendmsg: Network is unreachable
ip -6 route show (router)
2001:4978:f:a2::/64 via :: dev aiccu proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
2001:4978:142::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev aiccu proto kernel metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
fe80::/64 dev wlan0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth1 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev br0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev aiccu metric 256 mtu 1280 advmss 1220 hoplimit 4294967295
ff00::/8 dev wlan0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
default via 2001:4978:f:a2::1 dev aiccu metric 1024 mtu 1280 advmss 1220 hoplimit 4294967295
ip -6 route show (client)
2001:4978:142::/64 dev eth0 proto kernel metric 256 expires 86391sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::211:50ff:fef6:c1f0 dev eth0 proto kernel metric 1024 expires 27sec mtu 1500 advmss 1440 hoplimit 64
ip6tables -L (router)
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I'm sure there is info I'm forgetting to provide, so please just let me know. aiccu autotest passes on the router(as expected, as ipv6 works on the router).
What did I break?
![[fr]](/s/countries/fr.gif) Carmen Sandiego on Saturday, 21 February 2009 18:24:38
Try a traceroute somewhere (e.g. traceroute6 www.free.fr) from both your router and hosts and post the results here.
Also, the prefix directive in the radvd.conf file is supposed to take a prefix (a /64 subnet, actually) as argument, but you've put the address of the bridge interface.
Try replacing "prefix 2001:4978:142::1/64" with "prefix 2001:4978:142::/64".
What did I break?
Shadow Hawkins on Saturday, 21 February 2009 18:38:11
Changing the prefix to remove the 1 from the end fixed it. Why this has worked for months is beyond me. Thanks!
Pat
|
Posting is only allowed when you are