• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

no default gateway when using IPv6 router advertisements

Started by jschweitzer, January 26, 2011, 08:19:39 AM

Previous topic - Next topic

jschweitzer

Here's my test environment. very basic test.

i have 1 laptop on a network configured w/ a 6to4 tunnel to HE. the tunnel works great. my next step was to configure that laptop as a router, of sorts, and have it advertise the /64 prefix issued to me by HE. i typed in the appropriate commands in cmd and everything seemed to check out. here are the commands:

    * netsh interface ipv6 add address interface="Local Area Connection" address=<ipv6 address>
    * netsh interface ipv6 set interface interface="Local Area Connection" advertise=enabled
    * netsh interface ipv6 set route prefix=::/0 interface="Local Area Connection" nexthop=:: publish=Yes
    * netsh interface ipv6 set route interface="Local Area Connection" prefix=<ipv6 prefix>/64 publish=yes

ok so that seemed to work. next, i attached a 2nd laptop to the network and booted. upon boot, i did an ipconfig and that laptop did indeed create its own IPv6 address using the RA from the 1st laptop. the problem is, the 2nd laptop did NOT obtain a default gateway. the gateway should be the fe80 (link-local) address of the 1st laptop.

this is where im stuck. the 2nd laptop cannot get to the "ipv6 internet" b/c it wont obtain the link-local address from the 1st laptop as the default gateway.

if you notice in the 3rd command listed above, it says 'nexthop=::' i thought this was where i needed to add the link-local address. i modded the command and it worked, but the 2nd laptop still doesnt get the gateway.

any thoughts? i dont know what im missing...

thanks

jimb

Make sure you're using the correct /64.  You are given two.  One for the tunnel, one for the LAN.

jschweitzer


cholzhauer

Maybe a problem with the OS?

Have you tried spinning up a VM and trying to use a different OS to do RA?

holgersson

I wanted to do a similar thing (see http://www.tunnelbroker.net/forums/index.php?topic=1484.0), but when I run the commands you used to set up your system, I got the following messages. The problem is highlighted in red. Do you have any idea what causes this? The interface name is correct.

netsh interface ipv6 add address interface="Marvell1" address=<my ipv6 address>

netsh interface ipv6 set interface interface="Marvell1" advertise=enabled
Ok.

netsh interface ipv6 set route prefix=::/0 interface="Marvell1" nexthop=:: publish=yes
Element not found.

netsh interface ipv6 set route interface="Marvell1" prefix=<my ipv6 prefix> publish=yes
Ok.

cholzhauer

Is your interface actually called marvel1?  I've never seen one named that before.

holgersson

Yes, it is. I renamed it from "Local Area Connection 3" (it's one of the 2 integrated Marvell gigabit adapters of the board). And 3 out of 4 statements do work, indicating that the name itself is fine in other instances.

cholzhauer

#7
There are some people that have come across this error before...basically the element not found error is pretty generic.

Have you tried resetting everything back to square one and starting over?   Clear all of your IPv6 configs, reset the TCPIP stack, ect

EDIT:

Regarding the element not found..... http://www.tunnelbroker.net/forums/index.php?topic=1492.0

holgersson

Thanks, I've looked at the thread you mentioned - the problem discussed there doesn't apply, my tunnel in itself is working just fine. I'll continue with my original thread, I didn't really want to hijack yours here. Could you please have a look there as well.

jschweitzer

sorry i've been absent...

i'm still experimenting with this default gateway issue.  My test laptop uses SAA correctly and assigns itself its own IPv6 address.  that works great.  The issue still lies w/ the autoconfiguration of the test laptop's gateway.  it simply will not obtain the gateway from the laptop acting as a router.

i think it has to do something w/ the 'nexthop' portion in this command: netsh interface ipv6 set route prefix=::/0 interface="Local Area Connection" nexthop=:: publish=Yes  what does nexthop need to contain?  I've tried the fe80 link-locals, as well as both ipv6 addresses from my IPv6Tunnel and Local Area Connection.  none of these seem to work.

anyone know how to get the default gateway published/advertised?

johnpoz

So this snipp of a post I sent jschweitzer, figured I would post it here as well in case it might help someone else.  He had asked for my help on the other board, I had not played with ipv6 much at all other than to disable it ;)  I still don't really see much need for other than playing..  But to help him out I figured what the hell, I knew a bit about it - just never saw the need to run it on my home network and not doing anything with it at work, etc.  So then I got side tracked with the certification thing ;)  Got my sage level that afternoon, and chated with him a bit but then never got back to it - well last night I did, so put this together real quick today.

Its clearly prob the complete WRONG way to do it, or missing something, or extra somethings, etc.  But it works!  But Im really disappointed in the windows ipv6 stuff and no support for handing out dns with setup like this??  But now that my interest is peaked will get setup dhcpv6, etc. and caching nameserver that uses ipv6, etc.  So anywhere hope this helps the next guy - and Please Please if someone has better way, or point out what I missed or shouldn't do or should, etc. Please POST!!! This is prob a hack at best - but it does work, have ran through it a few times.  And I changed the actual info so be careful, maybe I typo'd something??

So Im going to setup dns on my tunnelbox, prob bind and looks like http://klub.com.pl/dhcpv6/ will work on w7 box as well (says vista) If this is the case you can do everything with just w7 boxes on your network and a router that atleast supports forwarding protocol 41. (ie the router has to support getting the ipv6 through your ipv4 nat) But for now you can try this out, these are the commands I used that worked perfectly.

grab your tunnel info from HE

So mine is - changed a bit for privacy and to make a bit easier to read.
IPv6 Tunnel Endpoints
Server IPv4 address: 209.51.181.2
Server IPv6 address: 2001:470:111A:b85::1/64
Client IPv4 address: 24.14.xx.xx
Client IPv6 address: 2001:470:111A:b85::2/64 <-- tunnel endpoint on your w7 box
Available DNS Resolvers
Anycasted IPv6 Caching Nameserver: 2001:470:20::2
Anycasted IPv4 Caching Nameserver: 74.82.42.42
Routed IPv6 Prefixes and rDNS Delegations
Routed /48: Allocate /48
Routed /64: 2001:470:111B:b85::/64 <--- Routed network

So from that will need to create the tunnel boxes routed network IP address to assign to its local interface vs the linklocal address. So from that routed network are first client address would be
2001:470:111B:b85::1 <---- See the 1 added to the routed network.

Also you need to know the IPv4 address of your tunnel endpoint box, in my case 192.168.1.40 -- and you need to make sure your router forwards protocol 41 to this IP.. In my case a pfsense router, under advanced settings, network
IPv6 over IPv4 Tunneling - Enable IPv4 NAT encapsulation of IPv6 packets, IP 192.168.1.40

Also grab the w7 config items on bottom of page - keep in mind I changed a few items for privacy concerns. But you will be using some of these commands.
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel IP6Tunnel 24.14.xx.xx 209.51.181.2
netsh interface ipv6 add address IP6Tunnel 2001:470:111A:b85::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:470:111A:b85::1

commands
---
#ok first thing clear out everything you might have done so, so from elevated prompt (run cmd as admin)
netsh int ipv6 delete interface IP6Tunnel
netsh int ipv6 reset
reboot
#make sure you don't have any ipv6 routes that you might have played with etc
route print
#do you see any ipv6 routes you might have entered with playing? Mine was clear
#So from elevated prompt (run cmd as admin)
#Lets drop into the netsh interface prompt so dont have to type those, etc.
netsh
interface
#just so sure teredo is disabled
teredo set state disabled
ipv6
# you should now see netsh interface ipv6> prompt
#So from the tunnelbrokers site for your tunnel on bottom of tunnel page you see your config options.
#first line is good - remember your behind a NAT so change the public IP they use to your private ipv4 of your tunnelbox, in mycase 192.168.1.40

add v6v4tunnel IP6Tunnel 192.168.1.40 209.51.181.2
add address IP6Tunnel 2001:470:111A:b85::2
set interface IP6Tunnel forwarding=enabled

#now my local interface has been renamed to LAN, your prob default of "local connection" -- use what yours is called

set interface "Lan" forwarding=enabled advertise=enabled

#now here is where you add the first address of your routed network to your local interface - again mine is called LAN

add address "Lan" 2001:470:111B:b85::1

#now adding this address should auto add your route - in my route table I see this
# 11 266 2001:470:111B:b85::/64 On-link
#now here is where you set default route use the tunnel and next hop is server side of your tunnel
#So if you try and add the route you will get already exist - we just want to publish it.. So

set route 2001:470:111B:b85::/64 "Lan" publish=yes

#now just set default

add route ::/0 IP6Tunnel 2001:470:111A:b85::1 publish=yes
---

So now you should be able to fire up another w7 box and it will use your tunnel box to get to the internet.. I would suggest you set on your tunnelbox static HE provided ipv6 dns - so 2001:470:20::2

Go to http://test-ipv6.com/# and you should be 10/10 on both ipv4 and ipv6 and all ready for ipv6 day ;)

I have tested this a few times and works great - is it the only way, doubt it, is it the best way? Again doubt it, I might have sage level, but some of this have not really played much with ipv6 other than getting my sage level ;) but this is the way I got it to work after looking and looking for a simple writeup on allowing other windows machine behind a nat use the tunnel. Now hopefully I didn't typo anything while hiding my actual ipv6 segment. Remember if your putting in the exact numbers you see here for your ipv6 stuff its not going to work - these were mine and changed to make easy to see tunnel network vs routed network.

Now on your other clients you should see their ipv6 showing their on your routed network

IPv6 Address. . . . . . . . . . . : 2001:470:111B:b85:748f:b64e:848:1943(Preferred)
Temporary IPv6 Address. . . . . . : 2001:470:111B:b85:e44b:2cae:31db:64cd(Preferred)
Link-local IPv6 Address . . . . . : fe80::748f:b64e:848:1943%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.222(Preferred)

So you should see ::/0 route to your tunnelboxes local link
11 266 ::/0 fe80::fc2c:187c:aed5:a694

tunnelbox ip addresses
IPv6 Address. . . . . . . . . . . : 2001:470:111B:b85::1(Preferred)
IPv6 Address. . . . . . . . . . . : 2001:470:111B:b85:fc2c:187c:aed5:a694(Preferred)
Temporary IPv6 Address. . . . . . : 2001:470:111B:b85:347c:f1b9:ef2a:7815(Preferred)
Link-local IPv6 Address . . . . . : fe80::fc2c:187c:aed5:a694%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.40(Preferred)

So now just set your client box to use your HE dns.. Then go to the ipv6 test site and you should see

Your IPv6 address on the public internet appears to be 2001:470:111B:b85:e44b:2cae:31db:64cd
Your IPv6 service appears to be: he.net or tunnelbroker.net

And
10/10 for your IPv6 stability and readiness, when publishers are forced to go IPv6 only

Hope that helps!!!

KelvinTucker

Thanks, excellent advice!

As a note to anyone who wants to try this with a WHS (Windows Home Server) there are two small changes needed:

1) Install IPv6 as a Network Service
Start -> Control Panel -> Network Connections -> Local Area Connection -> Properties -> Install -> Protocol -> TCP/IP v6

2) Alter 1 of Johnpoz's lines:
old = teredo set state disabled
new = netsh interface ipv6 set teredo disable

Seems to be working OK and coordinates handing out v6 addresses to all of my Win7 machines that have been active.

jschweitzer

thanks a lot to JohnPoz and/or Budman over at Neowin  ;D

i finally got it working!  i was missing some step, but i cant remember for the life of me what it was.

Laptop2 finally got the default gateway (fe80 of laptop1) and is able to get to IPv6 sites!

Thanks a million!

cholzhauer

ha well if you remember what that step was, please post back

deadman3000

#14
I have followed this guide to the letter (Using my own tunnel address and internal IP of course) and I just cannot get it to work. My clients never see the tunnel box and AFAIK using Wireshark I don't seen to be advertising.

My tunnel box shows the following.

Windows IP Configuration

  Host Name . . . . . . . . . . . . : xxxl
  Primary Dns Suffix  . . . . . . . :
  Node Type . . . . . . . . . . . . : Hybrid
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter lan:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ether
net Controller
  Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2001:470:1f08:6b7::1(Preferred)
  IPv6 Address. . . . . . . . . . . : 2001:470:1f08:6b7:119f:f97d:a156:4b7f(Pre
ferred)
  Temporary IPv6 Address. . . . . . : 2001:470:1f08:6b7:68d5:2b4f:d61b:89e9(Pre
ferred)
  Link-local IPv6 Address . . . . . : fe80::119f:f97d:a156:4b7f%10(Preferred)
  IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Default Gateway . . . . . . . . . : 192.168.0.1
  DHCPv6 IAID . . . . . . . . . . . : 194045626
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-25-1E-7B-00-1A-91-1C-BA-B6

  DNS Servers . . . . . . . . . . . : 2001:470:20::2
                                      8.8.8.8
                                      8.8.4.4
  NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter IP6Tunnel:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft Direct Point-to-point Adapater
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2001:470:1f08:6b7::2(Preferred)
  Link-local IPv6 Address . . . . . : fe80::f5d8:b99f:31dd:3325%25(Preferred)
  Default Gateway . . . . . . . . . : 2001:470:1f08:6b7::1
  DNS Servers . . . . . . . . . . . : 2001:470:20::2
                                      8.8.8.8
                                      8.8.4.4
  NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{41051813-E158-4EC4-B9CF-5EF4424D67F1}:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes

My client system shows.

Host Name . . . . . . . . . . . . : Laptop
Primary Dns Suffix  . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

eless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix  . :
Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:470:1f08:6b7:6e94:77d8:8062:1be7(Pre
red)
Temporary IPv6 Address. . . . . . : 2001:470:1f08:6b7:8929:c2d7:fe48:7b1(Pref
ed)
Link-local IPv6 Address . . . . . : fe80::6d94:77d8:8062:1be7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::119f:f97d:a156:4b7f%11
                                   192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 224177228
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-11-9B-C3-88-AE-1D-8C-78-4E

DNS Servers . . . . . . . . . . . : 8.8.8.8
                                   8.8.4.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A9706ADC-A94D-4F3E-9D1E-1892E3B5AB09}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix  . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

x's and a few characters changed for privacy.

BTW I am using a DLink DIR-655 router. Is there any special setting or ports I need to forward? Any idea what I am missing?