[ale] Anyone here use 6to4?
Michael B. Trausch
mike at trausch.us
Thu May 1 14:12:39 EDT 2008
I was toying around with IPv6 using a tunnel from go6 for a little
while, but I am finding the tunnel connection to them to be a bit too
unreliable. This causes me some issues. I can work around it by
bouncing the tunnel every fifteen minutes or so, but after that it seems
to just go dead.
So, I thought maybe I should set up my system to create a 6to4 IPv6
setup, which is supposedly more reliably routed because it doesn't go
through a single endpoint any more---AIUI, it instead goes through a
(the closest) public 6to4 server by way of encapsulation in IPv4, which
then hits another 6to4 user or someone on the native IPv6 Internet.
I seem to be getting stuck, though. I set up my server to pass protocol
41 so that the packets would get through that, and then I set up the
6to4 interface by computing my IPv6 prefix (2002:4c11:2f98) and
assigning the address. From what I am reading (or the way that I am
reading it?) it seems that once you do that, you just need to create the
6to4 interface, give it an address within your prefix, and then set a
default route to the magic 6to4 anycast address 2002:c058:6301:: (which,
according to RFC 3068, will set your route to the nearest 6to4 relay
router).
So, I have set up things such that:
mbt at allspice:~$ cat /proc/sys/net/ipv6/conf/6to4/forwarding
1
mbt at allspice:~$ /sbin/route -6
Kernel IPv6 routing table
Destination Next Hop Flag Met Ref
Use If
::/96 :: Un 256 0
1 6to4
2002::/16 :: U 256 0
0 6to4
fe80::/64 :: U 256 0
0 inet0
fe80::/64 :: U 256 0
0 lan0
fe80::/64 :: U 256 0
0 lan1
fe80::/64 :: U 256 0
0 lanbr0
fe80::/64 :: U 256 0
0 6to4
::/0 2002:c058:6301:: UG 1026 0
3 6to4
::/0 :: !n -1 1
34156 lo
::1/128 :: Un 0 1
22749 lo
::76.17.47.152/128 :: Un 0 1
0 lo
2002::/128 :: Un 0 2
0 lo
2002:4c11:2f98::1/128 :: Un 0 1
8 lo
fe80::/128 :: Un 0 2
0 lo
fe80::/128 :: Un 0 2
0 lo
fe80::/128 :: Un 0 2
0 lo
fe80::/128 :: Un 0 2
0 lo
fe80::202:2aff:fecb:4198/128 :: Un 0 1
3516 lo
fe80::202:2aff:fecb:4198/128 :: Un 0 1
0 lo
fe80::204:75ff:fee2:f76b/128 :: Un 0 1
0 lo
fe80::213:d3ff:fe15:32c9/128 :: Un 0 1
0 lo
ff00::/8 :: U 256 0
0 inet0
ff00::/8 :: U 256 0
0 lan0
ff00::/8 :: U 256 0
0 lan1
ff00::/8 :: U 256 0
0 lanbr0
ff00::/8 :: U 256 0
0 6to4
::/0 :: !n -1 1
34156 lo
mbt at allspice:~$ /sbin/ifconfig 6to4
6to4 Link encap:IPv6-in-IPv4
inet6 addr: 2002:4c11:2f98::1/16 Scope:Global
inet6 addr: ::76.17.47.152/128 Scope:Compat
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:144 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:617 (617.0 B) TX bytes:6070 (5.9 KB)
mbt at allspice:~$ ping6 2002:c058:6301::
PING 2002:c058:6301::(2002:c058:6301::) 56 data bytes
64 bytes from 2002:c058:6301::: icmp_seq=1 ttl=64 time=45.5 ms
64 bytes from 2002:c058:6301::: icmp_seq=2 ttl=64 time=56.1 ms
64 bytes from 2002:c058:6301::: icmp_seq=3 ttl=64 time=44.2 ms
64 bytes from 2002:c058:6301::: icmp_seq=4 ttl=64 time=44.2 ms
--- 2002:c058:6301:: ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 44.224/47.542/56.199/5.032 ms
mbt at allspice:~$ host -t AAAA go6.net
go6.net has IPv6 address 2001:5c0:0:1::6
mbt at allspice:~$ ping6 -c 4 2001:5c0:0:1::6
PING 2001:5c0:0:1::6(2001:5c0:0:1::6) 56 data bytes
From 2002:4c11:2f98::1 icmp_seq=1 Destination unreachable: Address
unreachable
From 2002:4c11:2f98::1 icmp_seq=2 Destination unreachable: Address
unreachable
From 2002:4c11:2f98::1 icmp_seq=3 Destination unreachable: Address
unreachable
From 2002:4c11:2f98::1 icmp_seq=4 Destination unreachable: Address
unreachable
--- 2001:5c0:0:1::6 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3000ms
mbt at allspice:~$
And this is where I am stuck. I can't figure out why 2001:5c0:0:1::6 is
unreachable, because 2002:c058:6301:: is (and is responding), and the
default gateway is set through 2002:c058:6301::. Now, this of course
means that either I have something configured incorrectly (which I would
say is probably the likely case), or the advertised closest relay router
is not a router at all, and something is horribly wrong that is no fault
of mine (this time). Certainly, I hope for the former.
Anybody see what I did wrong? I have been scratching my head on this
one for more than a few hours now, and I am not finding anything that is
giving me what I am apparently missing.
--- Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://mail.ale.org/pipermail/ale/attachments/20080501/281843fc/attachment.bin
More information about the Ale
mailing list