Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 on Linux & BSD & Mac => Topic started by: horsemen on December 21, 2010, 10:30:42 AM

Title: CentOS routing help
Post by: horsemen on December 21, 2010, 10:30:42 AM
Good day, I have set obtained a /48 and succseffly set up the tunnel, my router can ping6 ipv6.google.com and I get a responce, I can also visit it on my browser. however my other host on my lan can ping only the directly connected interface and nothing else. Any help would be aprechiated. Below is the router set up

ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0C:29:FB:C0:CF 
          inet addr:75.152.109.214  Bcast:75.152.111.255  Mask:255.255.240.0
          inet6 addr: 2001:470:b115::2/48 Scope:Global
          inet6 addr: fe80::20c:29ff:fefb:c0cf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:158668 errors:0 dropped:0 overruns:0 frame:0
          TX packets:165704 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:33953895 (32.3 MiB)  TX bytes:22004342 (20.9 MiB)
          Interrupt:67 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0C:29:FB:C0:D9 
          inet6 addr: 2001:470:b115::3/48 Scope:Global
          inet6 addr: fe80::20c:29ff:fefb:c0d9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:162193 errors:0 dropped:0 overruns:0 frame:0
          TX packets:163066 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:18880419 (18.0 MiB)  TX bytes:18916588 (18.0 MiB)
          Interrupt:67 Base address:0x2080

he-ipv6   Link encap:IPv6-in-IPv4 
          inet6 addr: 2001:470:b115::1/48 Scope:Global
          inet6 addr: fe80::4b98:6dd6/128 Scope:Link
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:74935 errors:0 dropped:0 overruns:0 frame:0
          TX packets:74970 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7818272 (7.4 MiB)  TX bytes:9295572 (8.8 MiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2379 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2379 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3452546 (3.2 MiB)  TX bytes:3452546 (3.2 MiB)

ip -6 route show

unreachable ::/96 dev lo  metric 1024  expires 21334176sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  expires 21334176sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:b115::/48 via :: dev he-ipv6  metric 256  expires 21334280sec mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:b115::/48 dev eth0  metric 256  expires 21334280sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/48 dev eth1  metric 256  expires 21334280sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  expires 21334177sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21334118sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  metric 256  expires 21334126sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6  metric 256  expires 21334280sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6  metric 1024  expires 21334280sec mtu 1480 advmss 1420 hoplimit 4294967295


Config Script I use

modprobe ipv6
ip tunnel add he-ipv6 mode sit remote 216.66.38.58 local 75.152.109.214 ttl 255
ip link set he-ipv6 up
ip addr add 2001:470:b115::1/48 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip addr add 2001:470:b115::2/48 dev eth0
ip addr add 2001:470:b115::3/48 dev eth1
ip -f inet6 addr
sysctl -w net.ipv6.conf.all.forwarding=1

And my LAN host

ifconfig

eth0      Link encap:Ethernet  HWaddr 00:26:18:3b:0b:1f 
          inet addr:10.0.0.10  Bcast:10.255.255.255  Mask:255.0.0.0
          inet6 addr: fe80::226:18ff:fe3b:b1f/64 Scope:Link
          inet6 addr: 2001:470:b115::4/48 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:164831 errors:0 dropped:0 overruns:0 frame:0
          TX packets:161984 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:19638355 (18.7 MiB)  TX bytes:18800088 (17.9 MiB)
          Interrupt:222 Base address:0x6000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:23 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2840 (2.7 KiB)  TX bytes:2840 (2.7 KiB)

ip -6 route show

2001:470:b115::/48 dev eth0  proto kernel  metric 256  expires 2590586sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::20c:29ff:fefb:c0d9 dev eth0  proto kernel  metric 1024  expires 224sec mtu 1500 advmss 1440 hoplimit 64


Again Thanks for any help

Shawn Foisy
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 10:34:08 AM
First, a couple things.

The IP on he-ipv6 should be 2001:470:b115::2 and your default route should point to 2001:470:b115::1

The IP you have on eth0 should be out of the /48 you grabbed.  

EDIT:

Same thing for eth1..take a /64 out of your /48 and assign an address out of that

Same thing for your lan host...take another /64 out of your /48 and assign an IP address out of that
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 10:40:50 AM
Routed /48:    2001:470:b115::/48

the 2001:470:b115:: is my routable address space so using    2001:470:b115::X should be alright?

I am going to make the change noted above and let you know.
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 10:46:49 AM
If that's what you say it is, so be it.

The problem is you're using that same network for your tunnel /64

Let me see if I can make this clearer...  Lets say 2001:db8:1:1::/64 is your tunnel /64 and 2001:db8:f::/48 is your routed /48.  The address on he-ipv6 should be 2001:db8:1:1::2 and the default route should point to 2001:db8:1:1::1  For eth0 on your tunnel machine, you would select a /64 out of your /48, say 2001:db8:f:1::/64 and assign an address, say 2001:db8:f:1::1.  Then, for eth1, you assign another, say 2001:db8:f:2::1  (assuming those are connected to different networks).  For eth0 on your host computer, you select another, say 2001:db8:f:3::1

Make sense?

What is your tunnel /64 that's listed on the webpage?
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 11:00:28 AM
   Routed /64:    2001:470:1d:417::/64

so I made some changes to the script

modprobe ipv6
ip tunnel add he-ipv6 mode sit remote 216.66.38.58 local 75.152.109.214 ttl 255
ip link set he-ipv6 up
ip addr add 2001:470:1d:417::2/64  dev he-ipv6
ip route add ::/0 dev he-ipv6
ip addr add 2001:470:b115::1:1/64 dev eth0
ip addr add 2001:470:b115::2:1/64 dev eth1
ip -f inet6 addr
sysctl -w net.ipv6.conf.all.forwarding=1

I think this right?
so on the host machine I would use say 2001:470:b115::3:1/64 dev eth0 ? and what about the next machine on the LAN i could use 2001:470:b115::3:2/64 ?

but eth1 and LAN machine are connected via a swith so they should be on the same network 2001:470:b115::2:2/64 ?

I am going to restart the router with the canges and see if anything works.

also how do i make the default route: 2001:db8:1:1::1  For eth0 on my tunnel machine?

Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 11:06:29 AM
You are hosting this tunnel on a PC, right?  (as opposed to a cisco router or something)

If eth1 and your lan machines are on the same network segment, then yes, they should have the same  /64.  One host could be 2001:470:b115::2:2, one could be 2001:470:b115::2:3, ect.  If you did that, 2001:470:b115::3:1 would be acceptable to use on eth0

I'm not sure what you mean by this

Quote
also how do i make the default route: 2001:db8:1:1::1  For eth0 on my tunnel machine?
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 11:30:31 AM
You are hosting this tunnel on a PC, right?  (as opposed to a cisco router or something)
yes its a CentOS Linux box or well VM

and I ment how do I add the default route
ip -6 route add :: via 2001:470:1d:417::1/64 ?

So I canged the address and they are

eth0      Link encap:Ethernet  HWaddr 00:0C:29:FB:C0:CF 
          inet addr:75.152.109.214  Bcast:75.152.111.255  Mask:255.255.240.0
          inet6 addr: 2001:470:b115::1:1/64 Scope:Global
          inet6 addr: fe80::20c:29ff:fefb:c0cf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2539 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2274 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2522712 (2.4 MiB)  TX bytes:378260 (369.3 KiB)
          Interrupt:75 Base address:0x2000

eth1      Link encap:Ethernet  HWaddr 00:0C:29:FB:C0:D9 
          inet6 addr: 2001:470:b115::2:1/64 Scope:Global
          inet6 addr: fe80::20c:29ff:fefb:c0d9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:412 errors:0 dropped:0 overruns:0 frame:0
          TX packets:422 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:48828 (47.6 KiB)  TX bytes:51682 (50.4 KiB)
          Interrupt:75 Base address:0x2080

he-ipv6   Link encap:IPv6-in-IPv4 
          inet6 addr: 2001:470:1d:417::2/64 Scope:Global
          inet6 addr: fe80::4b98:6dd6/128 Scope:Link
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:841 errors:0 dropped:0 overruns:0 frame:0
          TX packets:850 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:622887 (608.2 KiB)  TX bytes:231573 (226.1 KiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2636 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2636 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3861316 (3.6 MiB)  TX bytes:3861316 (3.6 MiB)

and LAN host is now 2001:470:b115::2:2/64 and it can ping 2001:470:b115::2:1 not a problem but not 2001:470:b115::1:1 I get destination unreachable address unreachable. If I try to ping the tunnel 2001:470:1d:417::2 I get Connect: Network unreachable.

Sorry for my ignorance, and thaks for the help
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 11:42:26 AM
So if you do a "ping6 2001:470:1d:417::1" it doesn't work?  That's the other end of the tunnel, which means your runnel isn't up.  But, from the traffic statistics, it looks like traffic is being sent. (There's more traffic there than there is on eth1)

You're going to want to route your /48 out eth1.

As for your default route, take a look at this  (Which, if you don't have a default route, pings wouldn't be working)
 
http://www.cyberciti.biz/tips/linux-ipv6-default-route-not-working.html
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 11:52:38 AM
this is what I get from the router

[root@d75-152-109-214 ~]# ping6 2001:470:1d:417::1
PING 2001:470:1d:417::1(2001:470:1d:417::1) 56 data bytes
From 2001:470:1d:417::2 icmp_seq=0 Time exceeded: Hop limit
From 2001:470:1d:417::2 icmp_seq=1 Time exceeded: Hop limit

[root@d75-152-109-214 ~]# ping6 ipv6.google.com
PING ipv6.google.com(iw-in-x68.1e100.net) 56 data bytes
64 bytes from iw-in-x68.1e100.net: icmp_seq=0 ttl=54 time=101 ms
64 bytes from iw-in-x68.1e100.net: icmp_seq=1 ttl=54 time=101 ms
64 bytes from iw-in-x68.1e100.net: icmp_seq=2 ttl=54 time=102 ms

as for routing the /48
[root@d75-152-109-214 ~]# ip -6 route add 2001:470:b115::/48 via 2001:470:b115::2:1 dev eth1
RTNETLINK answers: No route to host

I'm lost


Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 11:53:58 AM
What do your routing tables look like now
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 11:56:03 AM
[root@d75-152-109-214 ~]# ip -6 route show
:: via 2001:470:1d:417::1 dev he-ipv6  metric 1024  expires 21333788sec mtu 1480 advmss 1420 hoplimit 4294967295
unreachable ::/96 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:1d:417::/64 via :: dev he-ipv6  metric 256  expires 21333739sec mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:b115::/64 dev eth0  metric 256  expires 21333739sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/64 dev eth1  metric 256  expires 21333739sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  expires 21333664sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21333618sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  metric 256  expires 21333622sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6  metric 256  expires 21333739sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6  metric 1024  expires 21333739sec mtu 1480 advmss 1420 hoplimit 4294967295
[root@d75-152-109-214 ~]#
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 12:03:29 PM
Code: [Select]
default dev he-ipv6  metric 1024  expires 21333739sec mtu 1480 advmss 1420 hoplimit 4294967295

That's your default route.

I've read that for some kernels, you need to add that route from the link before

ip route add 2000::/3 dev he-ipv6
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 12:18:34 PM
i've added the route.

here is what I get from router

[root@d75-152-109-214 ~]# ping6 ipv6.google.com
PING ipv6.google.com(iw-in-x63.1e100.net) 56 data bytes
64 bytes from iw-in-x63.1e100.net: icmp_seq=0 ttl=54 time=101 ms
64 bytes from iw-in-x63.1e100.net: icmp_seq=1 ttl=54 time=102 ms
64 bytes from iw-in-x63.1e100.net: icmp_seq=2 ttl=54 time=101 ms

--- ipv6.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 9875ms
rtt min/avg/max/mdev = 101.408/101.679/102.186/0.443 ms, pipe 2
[root@d75-152-109-214 ~]# ping6 2001:470:1d:417::1
PING 2001:470:1d:417::1(2001:470:1d:417::1) 56 data bytes
From 2001:470:1d:417::2 icmp_seq=0 Time exceeded: Hop limit
From 2001:470:1d:417::2 icmp_seq=1 Time exceeded: Hop limit
From 2001:470:1d:417::2 icmp_seq=2 Time exceeded: Hop limit

--- 2001:470:1d:417::1 ping statistics ---
5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5380ms

also i did
ip route add 2001:470:b115::/48 dev eth1

[root@d75-152-109-214 ~]# ip -6 route show
:: via 2001:470:1d:417::1 dev he-ipv6  metric 1024  expires 21333005sec mtu 1480 advmss 1420 hoplimit 4294967295
unreachable ::/96 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:1d:417::/64 via :: dev he-ipv6  metric 256  expires 21332957sec mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:b115::/64 dev eth0  metric 256  expires 21332957sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/64 dev eth1  metric 256  expires 21332957sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/48 dev eth1  metric 1024  expires 21334321sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  expires 21332882sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2000::/3 dev he-ipv6  metric 1024  expires 21334136sec mtu 1480 advmss 1420 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21332836sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  metric 256  expires 21332840sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6  metric 256  expires 21332957sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6  metric 1024  expires 21332957sec mtu 1480 advmss 1420 hoplimit 4294967295
[root@d75-152-109-214 ~]#

Host still can't ping outside 2001:470:b115::2:/64

Thanks for your help so far


Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 12:30:11 PM
Something strange is happening

Code: [Select]
[carl@mars ~]$ ping6 2001:470:1d:417::2
PING6(56=40+8+8 bytes) 2001:470:c27d:e000:20c:29ff:fe8a:1618 --> 2001:470:1d:417::2
16 bytes from 2001:470:1d:417::2, icmp_seq=0 hlim=57 time=252.102 ms
16 bytes from 2001:470:1d:417::2, icmp_seq=1 hlim=57 time=149.014 ms
16 bytes from 2001:470:1d:417::2, icmp_seq=2 hlim=57 time=144.916 ms
16 bytes from 2001:470:1d:417::2, icmp_seq=3 hlim=57 time=144.671 ms
^C
--- 2001:470:1d:417::2 ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 144.671/172.676/252.102/45.889 ms

[carl@mars ~]$ ping6 2001:470:1d:417::1
PING6(56=40+8+8 bytes) 2001:470:c27d:e000:20c:29ff:fe8a:1618 --> 2001:470:1d:417::1
^C
--- 2001:470:1d:417::1 ping6 statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss

According to that, I can ping your side of the tunnel, but not HE's side

I can even ping your eth1

Code: [Select]

[carl@mars ~]$ ping6  2001:470:b115::2:1
PING6(56=40+8+8 bytes) 2001:470:c27d:e000:20c:29ff:fe8a:1618 --> 2001:470:b115::2:1
16 bytes from 2001:470:b115::2:1, icmp_seq=0 hlim=57 time=146.072 ms
16 bytes from 2001:470:b115::2:1, icmp_seq=1 hlim=57 time=145.695 ms
16 bytes from 2001:470:b115::2:1, icmp_seq=2 hlim=57 time=145.200 ms
^C
--- 2001:470:b115::2:1 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 145.200/145.656/146.072/0.357 ms
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 12:37:45 PM
can you ping6  2001:470:b115::2:2 ?

and that is weird?

I will restart the router maybe somthing got cofufled in changing settings?

Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 12:41:08 PM
Code: [Select]
[carl@mars ~]$ ping6  2001:470:b115::2:2
PING6(56=40+8+8 bytes) 2001:470:c27d:e000:20c:29ff:fe8a:1618 --> 2001:470:b115::2:2
^C
--- 2001:470:b115::2:2 ping6 statistics ---
6 packets transmitted, 0 packets received, 100.0% packet loss
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 12:48:06 PM
Ok I restarted

setup config:
[root@d75-152-109-214 ~]# modprobe ipv6
[root@d75-152-109-214 ~]# ip tunnel add he-ipv6 mode sit remote 216.66.38.58 local 75.152.109.214 ttl 255
[root@d75-152-109-214 ~]# ip link set he-ipv6 up
[root@d75-152-109-214 ~]# ip addr add 2001:470:1d:417::2/64  dev he-ipv6
[root@d75-152-109-214 ~]# ip route add ::/0 dev he-ipv6
[root@d75-152-109-214 ~]# ip addr add 2001:470:b115::1:1/64 dev eth0
[root@d75-152-109-214 ~]# ip addr add 2001:470:b115::2:1/64 dev eth1
[root@d75-152-109-214 ~]# ip -f inet6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2001:470:b115::1:1/64 scope global tentative
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fefb:c0cf/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2001:470:b115::2:1/64 scope global tentative
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fefb:c0d9/64 scope link
       valid_lft forever preferred_lft forever
5: he-ipv6@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480
    inet6 2001:470:1d:417::2/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::4b98:6dd6/128 scope link
       valid_lft forever preferred_lft forever
[root@d75-152-109-214 ~]# sysctl -w net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.forwarding = 1
[root@d75-152-109-214 ~]# ip -6 route add :: via 2001:470:1d:417::1
[root@d75-152-109-214 ~]# ip route add 2000::/3 dev he-ipv6
[root@d75-152-109-214 ~]# ip route add 2001:470:b115::/48 dev eth1
[root@d75-152-109-214 ~]#

[root@d75-152-109-214 ~]# ip -6 route show
:: via 2001:470:1d:417::1 dev he-ipv6  metric 1024  expires 21334325sec mtu 1480 advmss 1420 hoplimit 4294967295
unreachable ::/96 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:1d:417::/64 via :: dev he-ipv6  metric 256  expires 21334324sec mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:b115::/64 dev eth0  metric 256  expires 21334324sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/64 dev eth1  metric 256  expires 21334324sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/48 dev eth1  metric 1024  expires 21334325sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  expires 21334278sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2000::/3 dev he-ipv6  metric 1024  expires 21334325sec mtu 1480 advmss 1420 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21334235sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  metric 256  expires 21334238sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6  metric 256  expires 21334324sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6  metric 1024  expires 21334324sec mtu 1480 advmss 1420 hoplimit 4294967295
[root@d75-152-109-214 ~]#

[root@d75-152-109-214 ~]# ping6 2001:470:1d:417::1
PING 2001:470:1d:417::1(2001:470:1d:417::1) 56 data bytes
From 2001:470:1d:417::2 icmp_seq=0 Time exceeded: Hop limit
From 2001:470:1d:417::2 icmp_seq=1 Time exceeded: Hop limit
From 2001:470:1d:417::2 icmp_seq=2 Time exceeded: Hop limit

[root@d75-152-109-214 ~]# ping6 ipv6.google.com
PING ipv6.google.com(iw-in-x67.1e100.net) 56 data bytes
64 bytes from iw-in-x67.1e100.net: icmp_seq=0 ttl=54 time=101 ms
64 bytes from iw-in-x67.1e100.net: icmp_seq=1 ttl=54 time=101 ms
64 bytes from iw-in-x67.1e100.net: icmp_seq=2 ttl=54 time=101 ms

--- ipv6.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 9904ms
rtt min/avg/max/mdev = 101.299/101.556/101.728/0.185 ms, pipe 2
[root@d75-152-109-214 ~]#
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 01:00:33 PM
One thought I had...you have two different /64's on your tunnel page...what's the other one?  One is your tunnel /64 and the other is your routed /64 that you can use for hosts.
Title: Re: CentOS routing help
Post by: broquea on December 21, 2010, 01:17:02 PM
You have very odd 2002 and 3ffe routes on your system, yet I don't see a 6to4 interface, nor anything with 3ffe on it...only thing that pops into mind.
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 01:17:58 PM
   Server IPv4 address:    216.66.38.58
   Server IPv6 address:    2001:470:1c:417::1/64
   Client IPv4 address:    75.152.109.214
   Client IPv6 address:    2001:470:1c:417::2/64
Available DNS Resolvers
   Anycasted IPv6 Caching Nameserver:    2001:470:20::2
   Anycasted IPv4 Caching Nameserver:    74.82.42.42
Routed IPv6 Prefixes and rDNS Delegations
   Routed /48:    2001:470:b115::/48
   Routed /64:    2001:470:1d:417::/64
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 01:19:42 PM
Ah ha.

You need to be using 2001:470:1c:417::1 for your default route and 2001:470:1c:417::2 for he-ipv6
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 01:42:26 PM
Ok here we go again

[root@d75-152-109-214 ~]# modprobe ipv6
[root@d75-152-109-214 ~]# ip tunnel add he-ipv6 mode sit remote 216.66.38.58 local 75.152.109.214 ttl 255
[root@d75-152-109-214 ~]# ip link set he-ipv6 up
[root@d75-152-109-214 ~]# ip addr add 2001:470:1c:417::2/64  dev he-ipv6
[root@d75-152-109-214 ~]# ip route add ::/0 dev he-ipv6
[root@d75-152-109-214 ~]# ip addr add 2001:470:b115::1:1/64 dev eth0
[root@d75-152-109-214 ~]# ip addr add 2001:470:b115::2:1/64 dev eth1
[root@d75-152-109-214 ~]# ip -f inet6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2001:470:b115::1:1/64 scope global tentative
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fefb:c0cf/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2001:470:b115::2:1/64 scope global tentative
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fefb:c0d9/64 scope link
       valid_lft forever preferred_lft forever
5: he-ipv6@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480
    inet6 2001:470:1c:417::2/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::4b98:6dd6/128 scope link
       valid_lft forever preferred_lft forever
[root@d75-152-109-214 ~]# sysctl -w net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.forwarding = 1
[root@d75-152-109-214 ~]# ip -6 route add :: via 2001:470:1c:417::1
[root@d75-152-109-214 ~]# ip route add 2000::/3 dev he-ipv6
[root@d75-152-109-214 ~]# ip route add 2001:470:b115::/48 dev eth1
[root@d75-152-109-214 ~]#

This should be right now, I hope.

[root@d75-152-109-214 ~]# ping6 2001:470:1c:417::1
PING 2001:470:1c:417::1(2001:470:1c:417::1) 56 data bytes
64 bytes from 2001:470:1c:417::1: icmp_seq=0 ttl=64 time=63.3 ms
64 bytes from 2001:470:1c:417::1: icmp_seq=1 ttl=64 time=63.2 ms
64 bytes from 2001:470:1c:417::1: icmp_seq=2 ttl=64 time=62.8 ms

--- 2001:470:1c:417::1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 3194ms
rtt min/avg/max/mdev = 62.873/63.137/63.302/0.188 ms, pipe 2
[root@d75-152-109-214 ~]#

Thats better :)

[root@d75-152-109-214 ~]# ping6 ipv6.google.com
PING ipv6.google.com(pw-in-x67.1e100.net) 56 data bytes
64 bytes from pw-in-x67.1e100.net: icmp_seq=0 ttl=50 time=148 ms
64 bytes from pw-in-x67.1e100.net: icmp_seq=1 ttl=50 time=149 ms
64 bytes from pw-in-x67.1e100.net: icmp_seq=2 ttl=50 time=148 ms
64 bytes from pw-in-x67.1e100.net: icmp_seq=3 ttl=50 time=148 ms

--- ipv6.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 11080ms
rtt min/avg/max/mdev = 148.711/148.858/149.111/0.414 ms, pipe 2
[root@d75-152-109-214 ~]#

still works

LAN host can still only ping 2001:470:b115::2:1

All the Time I have today need to goto work.
I'll get back at it tomorrow
Title: Re: CentOS routing help
Post by: broquea on December 21, 2010, 01:43:11 PM
Make sure sysctl is configured to enable ipv6 packet forwarding., and what is the IP of the LAN host?
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 01:51:23 PM
sysctl -w net.ipv6.conf.all.forwarding=1
[root@d75-152-109-214 ~]# cat /proc/sys/net/ipv6/conf/all/forwarding
1
[root@d75-152-109-214 ~]#

LAN host
2001:470:b115::2:2/64
Title: Re: CentOS routing help
Post by: broquea on December 21, 2010, 01:56:24 PM
Well mtr can reach 2001:470:b115::2:1 but not 2001:470:b115::2:2 so not sure, but at least the /48 is routed correctly on our side.
Title: Re: CentOS routing help
Post by: cholzhauer on December 21, 2010, 03:56:23 PM
It's probably either a firewall or routing issue..what does your routing table look like now
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 11:47:52 PM
[root@d75-152-109-214 ~]# ip -6 route show
:: via 2001:470:1c:417::1 dev he-ipv6  metric 1024  expires 21312055sec mtu 1480 advmss 1420 hoplimit 4294967295
unreachable ::/96 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2001:470:1c:417::/64 via :: dev he-ipv6  metric 256  expires 21312054sec mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:b115::/64 dev eth0  metric 256  expires 21312054sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/64 dev eth1  metric 256  expires 21312054sec mtu 1500 advmss 1440 hoplimit 4294967295
2001:470:b115::/48 dev eth1  metric 1024  expires 21312057sec mtu 1500 advmss 1440 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  expires 21312000sec error -101 mtu 16436 advmss 16376 hoplimit 4294967295
2000::/3 dev he-ipv6  metric 1024  expires 21312055sec mtu 1480 advmss 1420 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21311958sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  metric 256  expires 21311962sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6  metric 256  expires 21312054sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6  metric 1024  expires 21312054sec mtu 1480 advmss 1420 hoplimit 4294967295

no firewall enabled on this machine
Title: Re: CentOS routing help
Post by: horsemen on December 21, 2010, 11:54:48 PM
LAN host routing

2001:470:b115::/64 dev eth0  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
default dev eth0  metric 1024  mtu 1500 advmss 1440 hoplimit 4294967295
Title: Re: CentOS routing help
Post by: horsemen on December 22, 2010, 12:35:48 AM
if this helps
 
   I-NET -------> eth0-------------CentOS Box----------------------------------------------------------------eth1----------------[switch]---------->LAN (one ipv6
                         75.152.109.214                                                                                                 2001:470:b115::2:1/64                 so far)
                         2001:470:b115::1:1/64(probably don't need)                                                                                                 2001:470:b115::2:2/64
                         he-ipv6(2001:470:1c:417::2/64)
                          
Title: Re: CentOS routing help
Post by: cholzhauer on December 22, 2010, 04:52:56 AM
This might be a different between FreeBSD and CentOS, but on my router, I specify the next hop.  For example, my default route points to my tunnel interface (gif1) but I've routed my /48 at the next router in the mix.

Code: [Select]
default                                   gif1                          US         gif1
2001:470:1f10:2aa::/64            link#6                        U          gif1
2001:470:c27d::/48                2001:470:c27d:d000:21d:a2ff:feaf:2ffd UGS        nfe0
Title: Re: CentOS routing help
Post by: horsemen on December 22, 2010, 10:23:13 AM
I thought I was he-ipv6 is the tunnel

default dev he-ipv6  metric 1024  expires 21312054sec mtu 1480 advmss 1420 hoplimit 4294967295

my LAN machine can't ping that address so I didn't think that would work.
maybe I should try somthing other than centOS for the router
Title: Re: CentOS routing help
Post by: cholzhauer on December 22, 2010, 10:25:47 AM
That would be my vote ;)
Title: Re: CentOS routing help
Post by: horsemen on December 22, 2010, 10:36:38 AM
I think I'll try debian, I have more experience with it as a IPV4 router.
Thanks for the help
I'll probably be back.
Title: Re: CentOS routing help
Post by: horsemen on December 22, 2010, 01:59:14 PM
I used debian and it works, you can now ping 2001:470:b115:2::1 and 2001:470:b115:2::2  ;D

THANKS for all the help
Title: Re: CentOS routing help
Post by: cholzhauer on December 23, 2010, 06:08:36 AM
Funny how easy it was that time ;)

Glad to hear it's up and working
Title: Re: CentOS routing help
Post by: jasonvp on December 31, 2010, 02:49:42 PM
It seems as tho though the OP got his Linux/V6 stuff working by switching away from CentOS.  If anyone's still struggling through it, I'll provide my experience.  I just set this up today (31 December).  My configuration is a small Linux router with 3 Ethernet interfaces:

I have a /28 of public IPv4 space from my Internet provider, which is why I have a "public" and "private" side to the router.  For v4, the router routes natively through all interfaces except when the private LAN tries to talk out to the Internet.  Then, and only then, does it NAT.

Now, for v6.  Three basic steps:

1. Set the Tunnel Up with HE and Enable IP Forwarding
Edit the following files:
/etc/sysconfig/network
Code: [Select]
NETWORKING_IPV6=yes
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=<V6 Gateway on other end of Tunnel>
IPV6_DEFAULTDEV=sit1

/etc/sysconfig/network-scripts/ifcfg-sit1
Code: [Select]
DEVICE=sit1
IPV6INIT=yes
IPV6TUNNELIPV4=<V4 Remote end of Tunnel>
IPV6TUNNELIPV4LOCAL=<V4 Local end of Tunnel>
IPV6ADDR=<V6 Local end of Tunnel>

/etc/sysctl.conf
Code: [Select]
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1

Once those files are saved, perform this as root:
Code: [Select]
service network restart
The tunnel should be up at this point.  Verify that by grabbing the v6 IP of the remote end of the tunnel and:
Code: [Select]
ping6 <v6 remote end>
2. Set up Manual v6 IPs on Router Interfaces
Assuming you have a block from HE, you'll want to pick a /64 from it and set that LAN up on the internal Ethernet interface.  Since I have 2 Ethernets, I actually have 2 /64s.  Either way, let's say eth1 is your internal LAN.  Figure out what static(!) IP address you want your router to have, and configure it thusly:

/etc/sysconfig/network-scripts/ifcfg-eth1
Code: [Select]
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6ADDR=<your v6 router IP>
IPV6_ROUTER=yes

Most people like to IP their routers as the first IP in the subnet.  I'm a bit goofy in that I typically configure mine at the very end of the subnet.  My subnet from HE is: 2001:470:e2f8::/48.  I carved off 2 /64s from that and IP'd my router interfaces as: 2001:470:e2f8:6969:ffff:ffff:ffff:ffff/64 and 2001:470:e2f8:7777:ffff:ffff:ffff:ffff/64 (yep, I'm a pig).  I put those IPs into my ifcfg-eth0 and ifcfg-eth1 files accordingly.

Doing another:
Code: [Select]
service network restart
will bring up eth1 with the new v6 IP.

3. Enable Route Advertisement
If you want the rest of your machines to auto-config properly, you want to make sure you have the RADVD daemon installed and running.  If it isn't:
Code: [Select]
yum install radvd
The configuration for radvd is in the file /etc/radvd.conf.  A quick and dirty config for eth1 would look like:
Code: [Select]
interface eth1
{
       AdvSendAdvert on;
       MinRtrAdvInterval 30;
       MaxRtrAdvInterval 100;
       prefix <YOUR SUBNET HERE>/64
       {
               AdvOnLink on;
               AdvAutonomous on;
               AdvRouterAddr on;
       };

};

Make sure it'll start when you reboot:
Code: [Select]
chkconfig radvd on
And kick it into gear:
Code: [Select]
service radvd start
Once done, you should have a running v6 router with internal clients that are all able to connect via v6.

ETA: Fixed IP Forwarding and Default Device configurations

jas
Title: Re: CentOS routing help
Post by: aboron on November 25, 2011, 12:06:14 PM
Thanks for your summary jasonvp - that was pretty much exactly the information I needed to start getting my configs created, as I run a very similar network setup at home with 3 zones, etc.

One significant difference I have here though, my ISP gives me a dynamic IP address.  It doesn't change often, but it was preventing me from taking full advantage of automatic network scripts.  So I came up with a pair of bash scripts to help automate the changes that happen when my external IP changes.

(just fyi, I'm running Scientific Linux 6 - in case someone catches a minor variance from Centos - they are both downstream from RHEL either way)

The first script is my IP address detector, it gets run every minute via crontab:

Code: [Select]
#!/bin/bash
# checkip dev save-file run-script
NUMPARAMS=3
if [ $# -lt "$NUMPARAMS" ]
then
  echo "Usage:  checkip dev save-file change-script"
  echo "   eg:  checkip eth0 /etc/dhcp/current_ip.txt /etc/dhcp/ip_changed_script"
  echo ""
  echo "   change-script will be called with the new ip as a parameter"
  echo "   This script is best run from crontab every few minutes"
  exit 0
fi

# This method of cropping out an IP address from ifconfig is like web page scraping, and may break on future text output format changes...
current_ip=`/sbin/ifconfig "$1" | /bin/grep 'inet addr:[0-9]' | /usr/bin/tr -s " " | /bin/cut -d":" -f2 | /bin/cut -d" " -f1`
if [ -z "$current_ip" ]
then
  exit 0
fi

touch "$2"

last_ip=`cat "$2"`
if [ "$current_ip" != "$last_ip" ]
then
  echo "$current_ip" > "$2"
  $3 $current_ip
fi

The above script will save what it thinks is the current IP in the file you specify and only fires the change script if it is different (if you need to force it, delete the save file.)

the crontab line:
Code: [Select]
*  *  *  *  *  /etc/dhcp/checkip eth0 /etc/dhcp/ip.txt /etc/dhcp/ipchanged

And here is the script it runs when the IP changes (/etc/dhcp/ipchanged):

Code: [Select]
#!/bin/bash

# Do the DNS server update
TTL=3600
SERVER=ns.example.com
ZONE=example.com.
HOSTNAME=dynip.example.com.
KEYFILE=/etc/dhcp/Kdynip.example.com.+123+45678.key
/usr/bin/nsupdate -v -k $KEYFILE > /dev/null << EOF
server $SERVER
zone $ZONE
update delete $HOSTNAME A
update add $HOSTNAME $TTL A $1
send
EOF

# Ping HE from our new IPv4 address
/usr/bin/wget --delete-after --no-check-certificate "https://username:password@ipv4.tunnelbroker.net/ipv4_end.php?tid=000000" > /dev/null 2>&1

# Edit the tunnel config file to contain our new IPv4
/bin/cp -f /etc/sysconfig/network-scripts/ifcfg-sit1 /etc/sysconfig/network-scripts/ifcfg-sit1.tmp
/bin/sed -e "/^IPV6TUNNELIPV4LOCAL=/ s/IPV6TUNNELIPV4LOCAL=[0-9.]*/IPV6TUNNELIPV4LOCAL=$1/" </etc/sysconfig/network-scripts/ifcfg-sit1.tmp >/etc/sysconfig/network-scripts/ifcfg-sit1

# Wait for the dust to settle, then restart our tunnel
/bin/sleep 90 | /sbin/ifdown sit1 && /sbin/ifup sit1

This script will:
1) Contact my colo server and update my dns (change that example.com stuff for your own use, see: http://linux.yyz.us/nsupdate/ and http://dag.wieers.com/howto/bits/bind-ddns.php for how to get this set up)
2) Send a web request out my new IP to HE's simple tunnelbroker ipv4 endpoint updater, change "tid=000000" to your tunnel id and use your login/pw
3) Update the ifcfg-sit1 tunnel config file with the new IP and restart the tunnel.