I have a Internet connection of 8mbit/s adsl (half mbit/s up) -> connected to a Linux pc (kernel 2.4.21)
*on this pc I run firewall, squid, pop3, sendmail, dhcpd, named, sshd, apache, ntpd, jabberd, routed, etc.
Thus, it acts like a isp (for users of my lan)
there are several other pcs on lan, running different OS(s) win98, linux, win2k, winxp,frebsd, amiga,qnx,etc.
*user pcs are spread over two subnets, hard wired, for each pc @ 10,mbit/s up/down.
This setup has been working stable for a long time (over 10 years )
Thinking on providing ipv6 connectivity to my users, I registered a ipv6 tunnel on Hurricane Electric's.
Well , the tunnel is working, and several services are now available via ipv6 too. :D
httpd , named, sshd, yacy server ..., (I hope squid ipv6 works next week)
however I am failing to provide ipv6 connectity to other pcs of my lan.
I have already installed radvd
*radvd.conf
interface eth2
{
AdvSendAdvert on;
MinRtrAdvInterval 5;
MaxRtrAdvInterval 15;
prefix 2001:470:5:27::/64
{
AdvOnLink on;
AdvAutonomous on;
};
};
RDNSS 2001:470:4:27::2 2001:470:5:27::
{
AdvRDNSSPreference 8;
AdvRDNSSOpen off;
AdvRDNSSLifetime 30;
};
};
then I go to my son pc, (winxp sp3) and typed on a dos prompt
netsh interface ipv6 add v6v4tunnel IP6Tunnel 192.168.22.50 192.168.22.14
netsh interface ipv6 add address IP6Tunnel 2001:470:5:27::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:470:5:27::1
all nice ,
only problem ; this is *not* working -:(
From pc that has ip 2001:470:4:27::2 I can ping 2001:470:5:27::1 and 2001:470:5:27::2 and the world
From pc that has ip 2001:470:5:27::2 I can ping 2001:470:5:27::1 and 2001:470:4:27::2 but the world
Is the problem that he-ipv6 tunnels are limited to a single pc :?:
Thus , Do I need a bgp tunnel instead , to get this working :?:
ps: I dont have a RIR Allocated ASN :wink:
Thanks
make sure you've enabled ipv6 forwarding in sysctl?
Quote from: broquea on July 18, 2008, 10:47:05 PM
make sure you've enabled ipv6 forwarding in sysctl?
Yes, I did this
sysctl -w net.ipv6.conf.all.forwarding=1
ping test from my son pc -> ip 2001:470:5:27::2
C:\>ping 2001:470:5:27::1
Pinging 2001:470:5:27::1 with 32 bytes of data:
Reply from 2001:470:5:27::1: time<1ms
Reply from 2001:470:5:27::1: time<1ms
Reply from 2001:470:5:27::1: time<1ms
Reply from 2001:470:5:27::1: time<1ms
Ping statistics for 2001:470:5:27::1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>
C:\>ping 2001:470:4:27::2
Pinging 2001:470:4:27::2 with 32 bytes of data:
Reply from 2001:470:4:27::2: time<1ms
Reply from 2001:470:4:27::2: time<1ms
Reply from 2001:470:4:27::2: time<1ms
Reply from 2001:470:4:27::2: time<1ms
Ping statistics for 2001:470:4:27::2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>
C:\>ping 2001:470:4:27::1
Pinging 2001:470:4:27::1 with 32 bytes of data:
Request timed out.
Request timed out.
Ping statistics for 2001:470:4:27::1:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
C:\>
thanks
sysctl -w will only write the values to the current running kernel, after the next reboot the options will be back to their default values. Depending on your distribution, you will need to add or modify the options in /etc/sysctl.conf or perform the adjustments through an init script.
Also no you don't need to run BGP. I set up a similar test network up several times a week without issue, except I don't try and hardcode the address on the client, I just RADVD advertise and the systems pick everything up. The basic radvd config I use is:
interface eth0
{
AdvSendAdvert on;
AdvHomeAgentFlag off;
MinRtrAdvInterval 30;
MaxRtrAdvInterval 100;
prefix 2001:470:A:B::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
sorry its late and im not reading everything. you dont need to make tunnel interfaces on the clients that want to use the routed /64. if they have ipv6 enabled they should get the address from radvd. unless you are creating sit interfaces for the clients on the linux box, using their tunnel interfaces won't work.
Basically:
1) configure tunnel on linux machine.
2) configure first usable IP of routed range on the interface that faces the LAN (in your case eth2)
3) configure radvd to advertise that range over that interface
4) configure client machines on the LAN to support IPv6, and after 30 seconds they should automatically assign an address
XP/2000/2003 will require an IPv4 nameserver connection for DNS resolution, Vista/2008 won't.
Mac/Linux/BSD are generally already IPv6 enabled and will get an address.
Hi !
Seems that my problem is that nor windows nor linux are using a tunnel ::)
rather these boxes that are hardwired with cross cable @ 100 mbit/s up/down
they are talking one with the other as if both are native ipv6
However windows is autoconfiguring some weird ip address/gteways on Local Area Connection
as result of radvd advertisments
C:\>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.22.14
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 2001:470:5:27:d58f:1a5e:ac64:c2a3
IP Address. . . . . . . . . . . . : 2001:470:5:27:2e0:4cff:fe39:5c1
IP Address. . . . . . . . . . . . : fe80::2e0:4cff:fe39:5c1%4
Default Gateway . . . . . . . . . : 192.168.22.50
fe80::2e0:18ff:fee9:d1ff%4
Tunnel adapter IP6Tunnel:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 2001:470:5:27::2
IP Address. . . . . . . . . . . . : fe80::6:c0a8:1632%6
Default Gateway . . . . . . . . . : 2001:470:5:27::1
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
Default Gateway . . . . . . . . . :
Tunnel adapter Automatic Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.22.14%2
Default Gateway . . . . . . . . . :
C:\>
the worst is that netsh is not allowing the right ip/gateway to be set on Local Area Connection
C:\>netsh interface ipv6 add address Local Area Connection 2001:470:5:27::2
The parameter is incorrect.
Thanks
:-[ ops ; I get that pc accessing the world (now is working)
I need to in addition to to dev he-ipv6 to define sit0 too (to get ipv6 working on lan)
and route /0 via sit1
routed ranges /48 & /64 are connected too , to dev he-ipv6 w/ nothing routed to
(to allow external access to servers running on other pcs of my lan (most httpd servers with personal pages)
with these changing weird ip addess of autoconf , better stick with my complicated v4 nat iptables :-\
*I hope there is way to fix ipv6 ips of lan pcs , ;) (so I may stop maitenance on nat iptables)
Thanks
btw: ifconfig on my linux (only to show it) - may help others
eth2 Link encap:Ethernet HWaddr 00:E0:18:E9:D1:FF
inet addr:192.168.22.50 Bcast:192.168.22.255 Mask:255.255.255.0
inet6 addr: 2001:470:5:27::1/128 Scope:Global
inet6 addr: 2001:470:5:27::1/128 Scope:Global
inet6 addr: fe80::2e0:18ff:fee9:d1ff/10 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:32620755 errors:0 dropped:0 overruns:0 frame:0
TX packets:37738978 errors:0 dropped:3 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:780956144 (744.7 Mb) TX bytes:2084633824 (1988.0 Mb)
Interrupt:9 Base address:0xa000
he-ipv6 Link encap:IPv6-in-IPv4
inet6 addr: 2001:470:5:27::/64 Scope:Global
inet6 addr: 2001:470:d814::/48 Scope:Global
inet6 addr: fe80::c933:376d/128 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1472 Metric:1
RX packets:94579 errors:0 dropped:0 overruns:0 frame:0
TX packets:79632 errors:5666 dropped:0 overruns:0 carrier:56
collisions:0 txqueuelen:0
RX bytes:18930450 (18.0 Mb) TX bytes:24215650 (23.0 Mb)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:7351281 errors:0 dropped:0 overruns:0 frame:0
TX packets:7351281 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:653934425 (623.6 Mb) TX bytes:653934425 (623.6 Mb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:201.51.55.109 P-t-P:200.222.117.76 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:44765844 errors:0 dropped:0 overruns:0 frame:0
TX packets:42628748 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:710517916 (677.6 Mb) TX bytes:2538087711 (2420.5 Mb)
sit0 Link encap:IPv6-in-IPv4
inet6 addr: ::192.168.10.50/96 Scope:Compat
inet6 addr: ::10.192.0.1/96 Scope:Compat
inet6 addr: ::192.168.22.50/96 Scope:Compat
inet6 addr: ::127.0.0.1/96 Scope:Unknown
inet6 addr: ::201.51.55.109/96 Scope:Compat
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:72 errors:0 dropped:0 overruns:0 frame:0
TX packets:150 errors:4 dropped:0 overruns:0 carrier:4
collisions:0 txqueuelen:0
RX bytes:5784 (5.6 Kb) TX bytes:18480 (18.0 Kb)
sit1 Link encap:IPv6-in-IPv4
inet6 addr: fe80::c0a8:a32/10 Scope:Link
inet6 addr: 2001:470:4:27::2/0 Scope:Global
inet6 addr: fe80::ac0:1/10 Scope:Link
inet6 addr: fe80::c0a8:1632/10 Scope:Link
inet6 addr: fe80::c933:376d/10 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1472 Metric:1
RX packets:263897 errors:0 dropped:0 overruns:0 frame:0
TX packets:360346 errors:1777 dropped:0 overruns:0 carrier:1777
collisions:0 txqueuelen:0
RX bytes:25349252 (24.1 Mb) TX bytes:84300059 (80.3 Mb)
[root@crobertp root]#