Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 on Linux & BSD & Mac => Topic started by: Coolmax on December 02, 2011, 06:41:12 AM

Title: More ipv6 tunnels
Post by: Coolmax on December 02, 2011, 06:41:12 AM
Hi all,
Sorry for the newbie question. I have VPS (on vmware host). I have IPv4 connection on the eth0 interface. I want to know if it is possible to get working ipv6 from different brokers? Now, I have following tunnels:

# ip tunnel
sit0: ipv6/ip  remote any  local any  ttl 64  nopmtudisc
nn-ipv6: ipv6/ip  remote 210.86.228.4  local 195.117.191.110  ttl 255
lewy-ipv6: ipv6/ip  remote 95.211.30.223  local 195.117.191.110  ttl 255
he-ipv6: ipv6/ip  remote 216.66.84.46  local 195.117.191.110  ttl 255

# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 00:50:56:85:00:e7 brd ff:ff:ff:ff:ff:ff
3: sit0: <NOARP> mtu 1480 qdisc noqueue state DOWN
   link/sit 0.0.0.0 brd 0.0.0.0
6: nn-ipv6: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN
   link/sit 195.117.191.110 peer 210.86.228.4
8: lewy-ipv6: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN
   link/sit 195.117.191.110 peer 95.211.30.223
37: he-ipv6: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN
   link/sit 195.117.191.110 peer 216.66.84.46
91: sixxs: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN qlen 500


Only tunnel from HE is now working. What is interesting is at night I could ping ipv6 of sixxs, I made no changes and now (10-12hrs later) there is no reply for ping packets. "tcpdump -Unvvi sixxs" doesn't capture any packet. Also, response for pings (he-ipv6) was for the second time.  If someone want to help me, I can paste more information. Thanks in advance.

Kind regards, Matthew
Title: Re: More ipv6 tunnels
Post by: broquea on December 02, 2011, 07:55:21 AM
You need to implement source-based routing. This involves creating 2 separate routing tables/entries so that when sourced from HE space it goes over He, and when sixxs sourced, over sixxs. As it is, we have RPF installed upstream of the tservs, so it will only allow stuff out sourced from our space.
Title: Re: More ipv6 tunnels
Post by: Coolmax on December 02, 2011, 05:14:51 PM
Thanks! Now my ipv6 tunnels are working OOTB. It's amazing how linux is powerful for networking ^.^