Hi, I'm getting some errors when trying to connect using the tunnel.
I am getting a no route to host error.
Here's the output of ping6
westly@westly-laptop /usr/src/linux $ ping6 ipv6.google.com
PING ipv6.google.com(nuq04s01-in-x63.1e100.net) 56 data bytes
From sonicrules1234-1-pt.tunnel.tserv3.fmt2.ipv6.he.net icmp_seq=1 Destination unreachable: Address unreachable
I am using gentoo linux.
Need a bit more detail. Did you add the IPv6 default route through your tunnel interface?
Not sure what you mean by default route.
Here is part of my ifconfig
he-ipv6 Link encap:IPv6-in-IPv4
inet6 addr: 2001:470:1f04:cbe::2/64 Scope:Global
inet6 addr: fe80::476c:8e08/128 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:219 dropped:0 overruns:0 carrier:219
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
still same question, ifconfig doesn't show anything useful, except your ip address :)
ip -6 route show
Will give the most useful info as far as that goes.
Here is how I configure my interface on a debian/ubuntu type system in /etc/network/interfaces
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:470:7:xxxx::2
netmask 64
local my.ipv4.ip.addr
endpoint 216.66.22.2
gateway ::216.66.22.2
ttl 255
mtu 1480
Can't ping his side of tunnel from the tunnel-server itself. I suspect NAT not passing Protocol41 or some route misconfiguration on client side.
Presuming you have the the actual tunnel up (not sure given the last post), you need a default route.
You'd add this by doing:
ip route add default via <IPv6 of other side of tunnel (the ::1 address)> dev <tunnel device name>
Under gentoo you can add this in /etc/conf.d/net like this:
routes_<tunnel device name>=( "default via <IPv6 of other side of tunnel (the ::1 address)> dev <tunnel device name>" )
Under ubuntu /etc/network/interfaces add the line to your inet6 v4tunnel section:
gateway <IPv6 of other side of tunnel (the ::1 address)>
As for the tunnel not working, test this by trying to ping the other side of the tunnel (gateway) from that machine. If you can't get a ping even there, then your 6in4 tunnel isn't working. Make sure firewall isn't blocking it. If you're behind a NAT, make sure you're using the real address of the machine, not your NATed public IP. Make sure your NAT box is passing IP protocol #41 to your router.
Sorry about not posting enough info. I didn't know what to post :P
I tried using that command to add a default route. Nothing seemed to happen.
Here is the output of ip -6 route show
westly@westly-laptop /usr/src/linux $ sudo ip -6 route show
2001:470:1f04:cbe::/64 via :: dev he-ipv6 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 0
fe80::/64 dev wlan0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
fe80::/64 via :: dev he-ipv6 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 0
ff00::/8 dev wlan0 metric 256 mtu 1500 advmss 1440 hoplimit 0
ff00::/8 dev he-ipv6 metric 256 mtu 1480 advmss 1420 hoplimit 0
default dev he-ipv6 metric 1024 mtu 1480 advmss 1420 hoplimit 0
default via 2001:470:1f04:cbe::1 dev he-ipv6 metric 1024 mtu 1480 advmss 1420 hoplimit 0
Looks good to me, and I changed my routes to mirror what you have and it works here.
Probably like he said above, not passing protocol 41 over your router, or possible maybe your set the tunnel to the wrong ip?
How would I go about passing protocol41 over my router?
Ok, I changed the IP from my public one to my private one, 10.10.10.100. Now I can connect, but its only one way.
westly-laptop westly # ping6 ipv6.google.comPING ipv6.google.com(nuq04s01-in-x93.1e100.net) 56 data bytes
^C
--- ipv6.google.com ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 3999ms
You only need to do that if your box doesn't actually have an public IP. If it's on the edge of your LAN, then use the public. If it's behind a firewall/router and only has a private IP, use that.
On your firewall, make sure IP protocol 41 is able to pass out, and in, and is NATed back to your IPv6 router box. Unfortunately some firewalls can't set up a static NAT for this. But most will properly handle it if it's originated from behind the firewall by setting up a connection table entry. However, if there is more than one box behind it trying to do 6in4 and being NATed to the same public IP, it will get confused, so make sure only your IPv6 router is trying to do 6in4. You may also want to try the DMZ.