Hi guys,
Ive got my tunnel.
And have run this config:
ifconfig sit0 up
ifconfig sit0 inet6 tunnel ::216.66.80.26
ifconfig sit1 up
ifconfig sit1 inet6 add 2001:470:1f08:b3::2/64
route -A inet6 add ::/0 dev sit1
--
Output ftom ifconfig.
eth0 Link encap:Ethernet HWaddr 00:19:99:56:C0:53
inet addr:217.174.254.30 Bcast:217.174.255.255 Mask:255.255.252.0
inet6 addr: fe80::219:99ff:fe56:c053/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:536035 errors:0 dropped:0 overruns:0 frame:0
TX packets:296733 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:58459953 (55.7 MiB) TX bytes:147989333 (141.1 MiB)
Memory:fc400000-fc420000
eth0:0 Link encap:Ethernet HWaddr 00:19:99:56:C0:53
inet addr:217.174.254.115 Bcast:217.174.255.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Memory:fc400000-fc420000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:833 errors:0 dropped:0 overruns:0 frame:0
TX packets:833 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1488999 (1.4 MiB) TX bytes:1488999 (1.4 MiB)
sit0 Link encap:IPv6-in-IPv4
inet6 addr: ::217.174.254.115/96 Scope:Compat
inet6 addr: ::127.0.0.1/96 Scope:Unknown
inet6 addr: ::217.174.254.30/96 Scope:Compat
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
sit1 Link encap:IPv6-in-IPv4
inet6 addr: 2001:470:1f08:b3::2/64 Scope:Global
inet6 addr: fe80::d9ae:fe73/64 Scope:Link
inet6 addr: fe80::d9ae:fe1e/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:38 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:4592 (4.4 KiB)
I cant ping your end:
[root@server217-174-254-30 html]# ping6 2001:470:1f08:b3::1
PING 2001:470:1f08:b3::1(2001:470:1f08:b3::1) 56 data bytes
--- 2001:470:1f08:b3::1 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
Any ideas?
Ive lowered the firewall but still nothing.
Thanks
G
I took this from the #ipv6 channel on freenode irc:
manual defaultroute broken in RHEL/CentOS 5.[012], use 2000::/3
OK erm?
What?
lol.
not sure what you mean?
Perhaps the tunnel is binding to both IPv4 addresses? Try forcing it to bind to one of the two.
Not sure how you do that using ifconfig, but with iproute (which you should be able to install) you can specify the IPv4 local end of the tunnel.
Quote from: lynxus on August 12, 2009, 04:58:36 AM
OK erm?
What?
lol.
not sure what you mean?
He means that instead of using ::/0 as your default route, use 2000::/3: route -A inet6 add 2000::/3 dev sit1
(remove the ::/0 route too: route -A inet6 del ::/0)
Ah right.
Ok.
Tried that, still nothing :(
Any other thoughts?
I also noticed that there are zero RX packets. So make sure that your firewall isn't blocking. Make realllly sure. Check both iptables, and ip6tables. :P
Also verify that you gave HE the correct IPv4 address for your tunnel endpoint, and that you're using the correct one theirs.
Ok,
I just notice ip6tables was on, so just turned off. - No avail.
Ive double checked the details:
Server IPv4 address: 216.66.80.26
Server IPv6 address: 2001:470:1f08:b3::1/64
Client IPv4 address: 217.174.254.30
Client IPv6 address: 2001:470:1f08:b3::2/64
Anycasted IPv6 Caching Nameserver: 2001:470:20::2
Anycasted IPv4 Caching Nameserver: 74.82.42.42
Routed /48: 2001:470:93e5::/48
Routed /64: 2001:470:1f09:b3::/64
RDNS Delegation NS1: none
RDNS Delegation NS2: none
RDNS Delegation NS3: none
ASN: none
Registration Date: Wed, Aug 12, 2009
Any thoughts on what my setup config should actually be?
Ive evidently balled something up lol
Do this:
tcpdump -n -i eth0 proto 41
Then try to do an ipv6 ping. Watch the 6in4 traffic.
Check to see which IPv4 address that the tunnel is trying to use. It should be using 217.174.254.30. If it's not, and it's using 217.174.254.115 instead, then there's your problem. Force it it use 217.174.254.30. I think you might be able to do it by using "ifconfig sit0 inet6 del ::217.174.254.115/96", but I'm not sure. I always use the "iproute" commands instead of ifconfig for this sort of thing, because the tunnel setup, etc is much easier to use.
Gah, Still no luck.
Ive tried the iproute way but nada:
iptables and ip6tables are both off.
Any thoughts anyone?
[root@server217-174-254-30 ~]# modprobe ipv6
[root@server217-174-254-30 ~]# ip tunnel add he-ipv6 mode sit remote 216.66.80.26 local 217.174.254.30 ttl 255
[root@server217-174-254-30 ~]# ip link set he-ipv6 up
[root@server217-174-254-30 ~]# ip addr add 2001:470:1f08:b3::2/64 dev he-ipv6
[root@server217-174-254-30 ~]# ip route add ::/0 dev he-ipv6
[root@server217-174-254-30 ~]# ip -f inet6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 100
inet6 fe80::219:99ff:fe56:c053/64 scope link
valid_lft forever preferred_lft forever
5: he-ipv6@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480
inet6 2001:470:1f08:b3::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::d9ae:fe1e/128 scope link
valid_lft forever preferred_lft forever
[root@server217-174-254-30 ~]#
[root@server217-174-254-30 ~]#
[root@server217-174-254-30 ~]# ping6 2001:470:1f08:b3::2
PING 2001:470:1f08:b3::2(2001:470:1f08:b3::2) 56 data bytes
64 bytes from 2001:470:1f08:b3::2: icmp_seq=0 ttl=64 time=0.027 ms
64 bytes from 2001:470:1f08:b3::2: icmp_seq=1 ttl=64 time=0.026 ms
--- 2001:470:1f08:b3::2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.026/0.026/0.027/0.005 ms, pipe 2
[root@server217-174-254-30 ~]# ping6 2001:470:1f08:b3::1
PING 2001:470:1f08:b3::1(2001:470:1f08:b3::1) 56 data bytes
--- 2001:470:1f08:b3::1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms
[root@server217-174-254-30 ~]#
[root@server217-174-254-30 ~]# service ip6tables stop
[root@server217-174-254-30 ~]# ping6 2001:470:1f08:b3::1
PING 2001:470:1f08:b3::1(2001:470:1f08:b3::1) 56 data bytes
--- 2001:470:1f08:b3::1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms
[root@server217-174-254-30 ~]# service iptables stop
[root@server217-174-254-30 ~]# ping6 2001:470:1f08:b3::1
PING 2001:470:1f08:b3::1(2001:470:1f08:b3::1) 56 data bytes
--- 2001:470:1f08:b3::1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms
[root@server217-174-254-30 ~]#
FYI: tunnel appears configured correctly for your 217.174.254.30 IP address, however we cannot ping either your IPv4 address or IPv6. I'd guess that either the machine is offline, or filtering ICMP/ICMPv6.
Just turned the firewalls back on.
it could* ping them when i setup the tunnel, so i would assume your end is fine.
Must be something here causing it.
Changed firewall rule to allow icmp
Perhaps there's another firewall on the way to the internet? Your ISP/hosting company blocking proto 41?
it could be possible however i dont think there is as its just a dedicated 10meg feed.
Is there anyway to verify this?
Quote from: lynxus on October 14, 2009, 02:23:14 PM
it could be possible however i dont think there is as its just a dedicated 10meg feed.
Is there anyway to verify this?
Ask the host? You could also sniff on the interface with tcpdump or something (see my above message). If you don't see return IPv4 proto 41 traffic it either means the outbound or inbound is being blocked.
EDIT: Also, presuming you haven't checked already, you may want to see if the host offers native IPv6?
Cool ill give that a try.
I have asked them and they dont do native v6 :( my last host did and it made my life so much better lol