[ale] IPv6 routing issues
Michael H. Warfield
mhw at WittsEnd.com
Fri Sep 4 12:41:50 EDT 2009
On Fri, 2009-09-04 at 10:02 -0600, JK wrote:
> Michael H. Warfield wrote:
> > On Thu, 2009-09-03 at 09:53 -0600, JK wrote:
> >> Hi ALE,
> >
> >> I installed the freenet6.net IPv6 tunnel client (tspc) on my Ubuntu box,
> >> and it establishes a tunnel successfully using my account credentials.
> >> However, I can't get a reply from ping6'ing any remote host -- "No
> >> route to host".
> >
> >> So, hmm, I guess it's a routing problem. And in fact "ip route list"
> >> reveals no IP6 routing info. Google is rife with advice to set up a
> >> default IP6 route via the tunnel device:
> >
> >> ip route add ::/0 dev sit1
> >
> >> But this does not help at all. Further, the route does not even seem
> >> to be added (even though the "ip route" command succeeds): subsequently,
> >
> >> ip route list dev sit1
> >
> >> returns no entries, and a plain "ip route list" shows nothing that
> >> looks like the IP6 route I just added.
> >
> > Try "ip -6 route ls". Without the -6 it's only going to show you the
> > v4 routes.
> >
> > Sounds like IPv6 has been initialized properly OR you have IPv6
> > forwarding enabled. It's a peculiarity (a deliberate peculiarity) that
> > the kernel will not honor the IPv6 default route if IPv6 forwarding is
> > enabled. This was, ostensibly, to prevent the accidental routing of
> > link-local, site-local, and scoped multicast beyond their designed
> > scopes.
> >
> > Try this instead: "ip -6 route add 2000::/3 dev sit1"
> >
> > See if that works any better for you.
>
> Nope. I also disabled IP6 forwarding, and no joy :-( Plus I do
> actually want this machine to be a router.
That's not a problem. Leave forwarding on. It really just means you
can not use the default route and you need the 2000::/3 route down the
sit1 device. That route is the entire global unicast space. You're not
allowed to route anything outside of that down the sit device anyways.
I think the last time I played with tspc, I actually had to modify the
up script to add the 2000::/3 route instead of adding a default route.
I've never looked at the Debian / Ubuntu scripts for tspc.
> "ip -6 neigh list" returns nothing, even when my tunnel is up. Should
> this worry me?
No not really. That's really the IPv6 equivalent of the arp tables and
"arp -a". If you had other machines on your local ethernet that were
responding on IPv6, they would show up there.
> Also, the v6 address on the sit1 interface is 2001:blah:blah::blah/128,
> which seems to indicate that maybe I didn't get the /64 I (thought I)
> asked for? Their info page makes a distinction between the prefix
> assigned to the tunnel vs the "delegated" prefix, but I don't understand
> the distinction.
That's not a problem either. That's all you should have on that p2p
link. You should see your /64 show up on your eth0 interface. The tspc
app and scripts should set that up for you automatically.
> Probably I need to read more :-/
Run the following and post them. Sanitize them if you like,
personally, I don't care about mine, people can look up my v6 addresses
in my DNS just like all my v4 address. My space is 2001:4830:3000::/48
from OCCAID.
Run the following.
ip -6 addr ls
ip -6 route ls
I'm a Fedora / rpm / sysv init person so it may be a little more
challenging for me to figure out whats wrong on that Ubuntu box.
> Thx,
> -- JK
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20090904/510d6553/attachment.bin
More information about the Ale
mailing list