• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Ubuntu as ipv6 router, not working

Started by moparisthebest, July 25, 2010, 06:00:46 PM

Previous topic - Next topic

moparisthebest

I have an Ubuntu 10.04 LTS box sitting between my cable modem and the rest of my network, with two NICs, serving as a router.  This setup works perfectly with ipv4 with NAT, and I set up the ipv6 tunnel on this router and I can access the ipv6 internet just fine from the ubuntu router, ping6 and traceroute6 to ipv6.google.com works perfectly, as does a wget of ipv6.google.com.  I can also ping6 my desktop computer (also running ubuntu 10.04 LTS) from the router, and ping6 the router from the desktop.  BUT I can't get past the router from the desktop, ping6, traceroute6, and wget all fails to ipv6.google.com, though the DNS lookup is successful.

The default route on the desktop is set as the router, and I'm out of ideas.  If anyone can point me in the right direction please do so, if I need to post any more info, let me know.

I do have sysctl set to forward ipv6 traffic:
mopar@mytorrentflux1:~$ cat /proc/sys/net/ipv6/conf/*/forwarding
1
1
1
1
1
1
1


Thanks.

patrickdk

Did you check your ipv6 firewall?

Next steps would probably be to tell us what ip's you configured, and your routing table.

moparisthebest

I've disabled all firewalls, because they can cause problems during setup.  Also radvd is installed and working, with this for a config file:

interface eth1 {
  AdvSendAdvert on;
    prefix 2001:470:1f11:88c::/64
    {
    AdvOnLink on;
    AdvAutonomous on;
    AdvRouterAddr on;
    };
  };


Here are some commands on the router:
mopar@mytorrentflux1:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:30:48:90:f0:9c 
          inet addr:24.172.204.242  Bcast:24.172.204.255  Mask:255.255.255.252
          inet6 addr: fe80::230:48ff:fe90:f09c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:56448 errors:0 dropped:0 overruns:0 frame:0
          TX packets:55908 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:35520051 (35.5 MB)  TX bytes:13160969 (13.1 MB)
          Memory:e0200000-e0220000

eth1      Link encap:Ethernet  HWaddr 00:30:48:90:f0:9d 
          inet addr:192.168.1.3  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2001:470:1f10:88c::2/64 Scope:Global
          inet6 addr: fe80::230:48ff:fe90:f09d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:60742 errors:0 dropped:0 overruns:0 frame:0
          TX packets:84437 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:13255302 (13.2 MB)  TX bytes:83572416 (83.5 MB)
          Memory:e0300000-e0320000

he-ipv6   Link encap:IPv6-in-IPv4 
          inet6 addr: 2001:470:1f10:88c::2/64 Scope:Global
          inet6 addr: fe80::18ac:ccf2/128 Scope:Link
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:16179 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16190 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1804908 (1.8 MB)  TX bytes:1769209 (1.7 MB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2039 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2039 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:145938 (145.9 KB)  TX bytes:145938 (145.9 KB)
mopar@mytorrentflux1:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
24.172.204.240  0.0.0.0         255.255.255.252 U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         24.172.204.241  0.0.0.0         UG    100    0        0 eth0
You have new mail in /var/mail/mopar
mopar@mytorrentflux1:~$ route -n --inet6
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
2001:470:1f10:88c::/64         ::                         Un   256 0     2 he-ipv6
2001:470:1f10:88c::/64         ::                         U    256 0     0 eth1
2000::/3                       ::                         U    1024 0     0 he-ipv6
fe80::/64                      ::                         Un   256 0     0 he-ipv6
fe80::/64                      ::                         U    256 0     0 eth1
fe80::/64                      ::                         U    256 0     0 eth0
::/0                           ::                         U    1024 0     0 he-ipv6
::/0                           ::                         !n   -1  1 16978 lo
::1/128                        ::                         Un   0   1     6 lo
2001:470:1f10:88c::/128        ::                         Un   0   1     0 lo
2001:470:1f10:88c::/128        ::                         Un   0   1     0 lo
2001:470:1f10:88c::2/128       ::                         Un   0   1   149 lo
2001:470:1f10:88c::2/128       ::                         Un   0   1    23 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::18ac:ccf2/128            ::                         Un   0   1   397 lo
fe80::230:48ff:fe90:f09c/128   ::                         Un   0   1     0 lo
fe80::230:48ff:fe90:f09d/128   ::                         Un   0   1    71 lo
ff00::/8                       ::                         U    256 0     0 he-ipv6
ff00::/8                       ::                         U    256 0     0 eth1
ff00::/8                       ::                         U    256 0     0 eth0
::/0                           ::                         !n   -1  1 16978 lo


And on the desktop:

mopar@killer-linux:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:16:17:bb:72:02 
          inet addr:192.168.1.44  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2001:470:1f11:88c:216:17ff:febb:7202/64 Scope:Global
          inet6 addr: fe80::216:17ff:febb:7202/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:50052 errors:0 dropped:0 overruns:0 frame:0
          TX packets:26423 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:57004404 (57.0 MB)  TX bytes:3452898 (3.4 MB)
          Interrupt:20 Base address:0xcc00

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:64 errors:0 dropped:0 overruns:0 frame:0
          TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3280 (3.2 KB)  TX bytes:3280 (3.2 KB)
mopar@killer-linux:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
mopar@killer-linux:~$ route -n --inet6
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
2001:470:1f11:88c::/64         ::                         UAe  256 0    31 eth0
fe80::/64                      ::                         U    256 0     0 eth0
::/0                           fe80::230:48ff:fe90:f09d   UGDAe 1024 0   432 eth0
::/0                           ::                         !n   -1  1   495 lo
::1/128                        ::                         Un   0   1     5 lo
2001:470:1f11:88c:216:17ff:febb:7202/128 ::                         Un   0   1     0 lo
fe80::216:17ff:febb:7202/128   ::                         Un   0   1    62 lo
ff00::/8                       ::                         U    256 0     0 eth0
::/0                           ::                         !n   -1  1   495 lo



And, as I said above, ipv4 routing works fine.  And ipv6 works fine from the router, but it doesn't seem to be routing ipv6 traffic.

patrickdk

Looks like you misconfigured your ip address on eth1

moparisthebest

Quote from: patrickdk on July 25, 2010, 07:31:02 PM
Looks like you misconfigured your ip address on eth1

How is it supposed to be configured?  The only thing I configured manually was the ipv4 address, 192.168.1.3.  The ipv6 address appeared there after configuring radvd.

patrickdk

hmm, I can't believe that radvd would put that in there.

From what I can figure out. your HE tunnel is using 2001:470:1f10:88c::

So you eth1 (looks like it's your local lan port, and eth0 would be your internet port) should be using 2001:470:1f11:88c:: (if this is your HE ROUTED /64)

I would pobably just shove 2001:470:1f10:88c::1 on eth1 myself.

radvd config looks right, it has 2001:470:1f10:88c:: in it.

To fix it, do something like:
ifconfig eth1 del 2001:470:1f10:88c::2/64
ifconfig eth1 add 2001:470:1f11:88c::1/64



moparisthebest

I don't see what good changing the IP from ending in 2 to ending in 1 would do, but I did do it as you described with the exact same effect as before, perfect ipv6 connectivity from the router but not from the desktop.

patrickdk

no, the change from 1f10 to 1f11 is the important one, not the 2 to 1.

moparisthebest

Thanks much!  I was using the tunnel address instead of the routed address.  But it works great now. Thanks again! :)

jimb


Gapppy

I think i need some help too :)
my /etc/network/interfaces HE part
IPv6 via HE tunnel...
    auto he-ipv6
    iface he-ipv6 inet6 v4tunnel
        address 2001:470:1f0a:1b01::2
        netmask 64
        remote 216.66.80.30
        local 84.52.158.222
        endpoint any
        ttl 64
        up      ip -6 route add 2000::/3 via ::216.66.80.30 dev he-ipv6
        up      ip -6 addr add 2001:470:1f0b:1b01::1:1/128 dev he-ipv6
        up      ip -6 addr add 2001:470:1f0b:1b01::2:1/128 dev he-ipv6
        down    ip -6 route flush dev he-ipv6


From router i can browse on ipv6 enabled pages like  ipv6.google.com

But what is behind router i can not get to this pages.

eth0      Link encap:Ethernet  HWaddr 00:30:05:1b:10:24 
          inet addr:84.52.158.222  Bcast:84.52.158.255  Mask:255.255.255.0
          inet6 addr: fe80::230:5ff:fe1b:1024/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:475499 errors:0 dropped:0 overruns:0 frame:0
          TX packets:431684 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:323785842 (323.7 MB)  TX bytes:291689649 (291.6 MB)

eth1      Link encap:Ethernet  HWaddr 00:22:15:10:b8:38 
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::222:15ff:fe10:b838/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:388148 errors:0 dropped:0 overruns:0 frame:0
          TX packets:393372 errors:74 dropped:0 overruns:74 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:289075359 (289.0 MB)  TX bytes:311468019 (311.4 MB)
          Interrupt:19

he-ipv6   Link encap:IPv6-in-IPv4 
          inet6 addr: 2001:470:1f0b:1b01::1:1/128 Scope:Global
          inet6 addr: 2001:470:1f0a:1b01::2/64 Scope:Global
          inet6 addr: ::84.52.158.222/128 Scope:Compat
          inet6 addr: 2001:470:1f0b:1b01::2:1/128 Scope:Global
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:18198 errors:0 dropped:0 overruns:0 frame:0
          TX packets:19087 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3404840 (3.4 MB)  TX bytes:1608008 (1.6 MB)




What ip to set for eth1 to this will work

My radvd.conf
interface eth1
{

prefix 2001:470:1f0b:1b01::/64
   {
      AdvRouterAddr on;
      AdvOnLink on;
      AdvAutonomous on;
   };


};



broquea

2001:470:1f0b:1b01::1/64 on eth1

also make certain ipv6 packet forwarding is enabled

snarked

Quotealso make certain ipv6 packet forwarding is enabled
Note that to enable it involves accessing a separate "/proc" file than for IPv4.

Gapppy


Gapppy

Ok one problem solved.
Second problem is  i can not connect to irc via ipv6. If i connect via ipv6 sesion last for 10 minutes then disconect and reconect via ipv4.

Ipv6 pages (ipv6.google.com) work like a charm. Even http://www.whatismyipv6.net/ work

Firewall open

Any suggestion?

ip6tables no rules yet.


Sorry on noob questions but i have no experiance with network related stuff in linux.