Hello-
I have setup an IPv6 tunnel on my Archer C7 router running OpenWRT:
root@OpenWrt:~# ifconfig
6in4-henet Link encap:IPv6-in-IPv4
inet6 addr: fe80::485b:5169/128 Scope:Link
inet6 addr: 2001:470:d9bf::2/48 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:936 (936.0 B) TX bytes:936 (936.0 B)
As you can see I have setup a /64 subnet, not sure if this correct however it is my first time:
br-lan Link encap:Ethernet HWaddr 14:CC:20:F1:96:DE
inet addr:192.168.11.1 Bcast:192.168.11.255 Mask:255.255.255.0
inet6 addr: 2001:470:db9f:1::1/64 Scope:Global
inet6 addr: fe80::16cc:20ff:fef1:96de/64 Scope:Link
inet6 addr: fdd4:db6:22e2::1/60 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6622 errors:0 dropped:0 overruns:0 frame:0
TX packets:4145 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:956650 (934.2 KiB) TX bytes:1865997 (1.7 MiB)
From the openwrt router I can ping ipv6.he.net:
root@OpenWrt:~# ping6 ipv6.he.net
PING ipv6.he.net (2001:470:0:64::2): 56 data bytes
64 bytes from 2001:470:0:64::2: seq=0 ttl=56 time=90.005 ms
64 bytes from 2001:470:0:64::2: seq=1 ttl=56 time=89.341 ms
64 bytes from 2001:470:0:64::2: seq=2 ttl=56 time=89.112 ms
64 bytes from 2001:470:0:64::2: seq=3 ttl=56 time=88.887 ms
64 bytes from 2001:470:0:64::2: seq=4 ttl=56 time=88.665 ms
^C
--- ipv6.he.net ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 88.665/89.202/90.005 ms
On my laptop running OS X, I have the following ipv6 addresses, they were setup automagically I didn't configure radvd or dhcp6:
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1400
ether 84:38:35:5b:c3:50
inet6 fe80::8638:35ff:fe5b:c350%en0 prefixlen 64 scopeid 0x4
inet 192.168.11.216 netmask 0xffffff00 broadcast 192.168.11.255
inet6 fdd4:db6:22e2::8638:35ff:fe5b:c350 prefixlen 64 autoconf
inet6 fdd4:db6:22e2::b1fa:8ca9:3b09:8e8a prefixlen 64 autoconf temporary
inet6 2001:470:db9f:1:8638:35ff:fe5b:c350 prefixlen 64 autoconf
inet6 2001:470:db9f:1:dd44:38d3:ef2b:5bba prefixlen 64 autoconf temporary
inet6 2001:470:db9f:1::b04 prefixlen 64 dynamic
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
But ping6 or traceroute6 from my OS X host does not work:
$ ping6 ipv6.he.net
PING6(56=40+8+8 bytes) 2001:470:db9f:1:dd44:38d3:ef2b:5bba --> 2001:470:0:64::2
^C
--- ipv6.he.net ping6 statistics ---
11 packets transmitted, 0 packets received, 100.0% packet loss
and
$ traceroute6 ipv6.he.net
traceroute6 to ipv6.he.net (2001:470:0:64::2) from 2001:470:db9f:1:dd44:38d3:ef2b:5bba, 64 hops max, 12 byte packets
1 2001:470:db9f:1::1 1.603 ms 0.990 ms 0.840 ms
2 2001:470:db9f:1::1 0.733 ms 1.101 ms 1.030 ms
3 2001:470:db9f:1::1 0.932 ms * 1.948 ms
4 2001:470:db9f:1::1 1.043 ms 0.945 ms 1.412 ms
5 2001:470:db9f:1::1 1.043 ms
Looks like my default gateway is using the link-local for br-lan interface. Is that okay?
Internet6:
Destination Gateway Flags Netif Expire
default fe80::16cc:20ff:fef1:96de%en0 UGc en0
::1 ::1 UHL lo0
2001:470:db9f:1::/64 link#4 UC en0
2001:470:db9f:1::1 14:cc:20:f1:96:de UHLWIi en0
2001:470:db9f:1::b04 84:38:35:5b:c3:50 UHL lo0
2001:470:db9f:1:8638:35ff:fe5b:c350 84:38:35:5b:c3:50 UHL lo0
2001:470:db9f:1:dd44:38d3:ef2b:5bba 84:38:35:5b:c3:50 UHL lo0
fdd4:db6:22e2::/64 link#4 UC en0
fdd4:db6:22e2::8638:35ff:fe5b:c350 84:38:35:5b:c3:50 UHL lo0
fdd4:db6:22e2::b1fa:8ca9:3b09:8e8a 84:38:35:5b:c3:50 UHL lo0
fe80::%lo0/64 fe80::1%lo0 UcI lo0
fe80::1%lo0 link#1 UHLI lo0
fe80::%en0/64 link#4 UCI en0
fe80::16cc:20ff:fef1:96de%en0 14:cc:20:f1:96:de UHLWIir en0
fe80::8638:35ff:fe5b:c350%en0 84:38:35:5b:c3:50 UHLI lo0
fe80::%awdl0/64 link#8 UCI awdl0
fe80::c82:a4ff:fe43:7281%awdl0 e:82:a4:43:72:81 UHLI lo0
ff01::%lo0/32 ::1 UmCI lo0
ff01::%en0/32 link#4 UmCI en0
ff01::%awdl0/32 link#8 UmCI awdl0
ff02::%lo0/32 ::1 UmCI lo0
ff02::%en0/32 link#4 UmCI en0
ff02::%awdl0/32 link#8 UmCI awdl0
Actually, now the route has disappeared:
Internet6:
Destination Gateway Flags Netif Expire
::1 ::1 UHL lo0
fe80::%lo0/64 fe80::1%lo0 UcI lo0
fe80::1%lo0 link#1 UHLI lo0
fe80::%en0/64 link#4 UCI en0
fe80::8638:35ff:fe5b:c350%en0 84:38:35:5b:c3:50 UHLI lo0
fe80::%awdl0/64 link#8 UCI awdl0
fe80::c82:a4ff:fe43:7281%awdl0 e:82:a4:43:72:81 UHLI lo0
ff01::%lo0/32 ::1 UmCI lo0
ff01::%en0/32 link#4 UmCI en0
ff01::%awdl0/32 link#8 UmCI awdl0
ff02::%lo0/32 ::1 UmCI lo0
ff02::%en0/32 link#4 UmCI en0
ff02::%awdl0/32 link#8 UmCI awdl0
$ ping6 ipv6.he.net
ping6: UDP connect: No route to host
1) do not put any of your routed address space on the tunnel interface.
2) get rid of ULA unless you actually use it, and if you do, you need to figure out what exactly on your lan is spewing out RA, because you have SLAAC IPs on your windows box in both ULA and HE routed subnet.
3) link-local of the bridged interface as default gateway is expected when your autoconfigure. again if you didn't configure radvd on the WRT, then something on that device decided to without you knowing. it disappearing is probably a big issue with why you can't get out, but so is address selection, since ULA won't route over the tunnel/internet, and if you are sourcing from that, nothing will work.
Thanks for replying!
1) Please be more verbose, I do not know exactly what you mean.
2) I will remove the ULA
3) Okay, it seems like my changes weren't static.
The good news is that it is working on the host side now.
$ traceroute6 ipv6.he.net
traceroute6 to ipv6.he.net (2001:470:0:64::2) from 2001:470:d9bf:1:64f3:8da0:d1d7:3d93, 64 hops max, 12 byte packets
1 2001:470:d9bf:1::1 1.748 ms 1.163 ms 1.181 ms
2 jfargen-1.tunnel.tserv12.mia1.ipv6.he.net 16.596 ms 32.035 ms 19.996 ms
3 ge2-3.core1.mia1.he.net 42.073 ms 14.984 ms 14.920 ms
4 10ge15-4.core1.dal1.he.net 47.535 ms 46.659 ms 102.897 ms
5 10ge15-4.core1.phx2.he.net 85.078 ms 71.766 ms 77.381 ms
6 10ge15-6.core1.lax2.he.net 85.018 ms 76.905 ms 84.932 ms
7 10ge9-5.core1.sjc2.he.net 107.556 ms 104.405 ms 102.468 ms
8 10ge4-2.core3.fmt2.he.net 94.626 ms 91.890 ms 100.026 ms
9 10ge2-1.core1.fmt1.he.net 94.854 ms
ipv6.he.net 176.856 ms 179.322 ms
I figured out why my changes did not survive restart. I guess OpenWRT uses some kind of overlay and you need to execute 'uci commit network' to write the changes. Kind of new to OpenWRT and all. Thanks for you help!
1) below is the output you provided for your tunnel interface
6in4-henet Link encap:IPv6-in-IPv4
inet6 addr: fe80::485b:5169/128 Scope:Link
inet6 addr: 2001:470:d9bf::2/48 Scope:Global
that /48 doesn't belong there, only your tunnel Client IPv6 IP does.
Weird. It was working with the /48, but I swapped it out for my Client IPv6 Address as shown below and my host behind the router doesn't work any longer.
6in4-henet Link encap:IPv6-in-IPv4
inet6 addr: fe80::485b:5169/128 Scope:Link
inet6 addr: 2001:470:4:599::2/64 Scope:Global
Things seem to work fine with the /48.
6in4-henet Link encap:IPv6-in-IPv4
inet6 addr: fe80::485b:5169/128 Scope:Link
inet6 addr: 2001:470:d9bf::2/48 Scope:Global
One other interesting things to note...
I am able to ping6 google.com, ipv6.he.net, but ping6 www.cogentco.com is not working.
$ ping6 google.com
PING6(56=40+8+8 bytes) 2001:470:d9bf:1:88be:9875:f57a:34c5 --> 2607:f8b0:4008:808::200e
16 bytes from 2607:f8b0:4008:808::200e, icmp_seq=0 hlim=58 time=13.195 ms
16 bytes from 2607:f8b0:4008:808::200e, icmp_seq=1 hlim=58 time=22.982 ms
16 bytes from 2607:f8b0:4008:808::200e, icmp_seq=2 hlim=58 time=17.973 ms
^C
--- google.com ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 13.195/18.050/22.982/3.996 ms
and here is the ping from www.cogentco.com:
$ ping6 www.cogentco.com
PING6(56=40+8+8 bytes) 2001:470:d9bf:1:88be:9875:f57a:34c5 --> 2001:550:1::cc01
^C
--- cogentco.com ping6 statistics ---
9 packets transmitted, 0 packets received, 100.0% packet loss
When I go to Level3's looking glass I am able to ping6 www.cogentco.com.
Ping results from Miami, FL to 2001:550:1::cc01
icmp_seq=1 ttl=56 time=26.2 ms
icmp_seq=2 ttl=56 time=26.1 ms
icmp_seq=3 ttl=56 time=26.1 ms
icmp_seq=4 ttl=56 time=26.1 ms
icmp_seq=5 ttl=56 time=26.2 ms
icmp_seq=6 ttl=56 time=26.2 ms
icmp_seq=7 ttl=56 time=26.1 ms
icmp_seq=8 ttl=56 time=26.1 ms
icmp_seq=9 ttl=56 time=26.2 ms
icmp_seq=10 ttl=56 time=26.1 ms
---- target statistics ----
10 packets transmitted, 10 packets received, 0% packet loss
rtt min/avg/median/max/mdev/stddev = 26.1/26.14/26.1/26.2/0.219/0.049 ms
Is this a routing issue?
It is a Cogent issue. They don't peer with HE or use an IPv6 transit. Their loss and their customer's loss.
Back to my earlier question... Why doesn't doesn't my tunnel work when I use the Client IPv6 Address:2001:470:4:599::2/64, but it works fine when I use an IP in my Routed /48:2001:470:d9bf::/48 subnet?
Thanks
Is ipv6 forwarding enabled?