• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

Problem: route IPv6

Started by vbserver, March 31, 2011, 12:30:09 AM

Previous topic - Next topic

vbserver

Hello there,

i have a problem with routing IPv6. There are 3 Machines:

192.168.5.33 (OpenVPN Server, Subnet 10.8.0.0/24, eth0-IP 2001:470:26:228::100, tap0-IPv6: 2001:470:26:228::54)
192.168.5.34 (IPv6 Router w. RADVD, IPv6 Subnet: 2001:470:26:228::/64, eth0-IPv6 2001:470:26:228::3)
10.8.0.2 (OpenVPN Client, tap0-IP: 2001:470:26:228::56)

My client can ping to 2001:470:26:228::54. But i can't use IPv6-Internet.. If i install openVPN Server on the IPv6-Router-Box, i can surf through the web with IPv6. I think i need on 192.168.5.33 a rule for routing IPv6-Traffic incoming from tap0 to eth0, right?

Traceroute with 192.168.5.33 as server:
  1    21 ms    19 ms    22 ms  hurricane.gw-openvpn.ipv6.vb-server.ch [2001:470:26:228::54]
  2     *        *        *     Zeit├╝berschreitung der Anforderung.
  3     *        *        *     Zeit├╝berschreitung der Anforderung.


192.168.5.34 as server:

Routenverfolgung zu ipv6.l.google.com [2a00:1450:8002::63] ├╝ber maximal 30 Absch
nitte:

  1    17 ms    17 ms    17 ms  hurricane.gw-openvpn.ipv6.vb-server.ch [2001:470:26:228::54]
  2    36 ms    35 ms    37 ms  vbserver-2.tunnel.tserv23.zrh1.ipv6.he.net [2001:470:25:228::1]
  3    36 ms    31 ms    28 ms  gige-g2-20.core1.zrh1.he.net [2001:470:0:11d::1]
  4    41 ms    33 ms    42 ms  10gigabitethernet3-2.core1.fra1.he.net [2001:470:0:10d::1]
  5    33 ms    37 ms    35 ms  de-cix20.net.google.com [2001:7f8::3b41:0:2]
  6    62 ms    57 ms    43 ms  2001:4860::1:0:10
  7    43 ms    41 ms    42 ms  2001:4860::1:0:8
  8    47 ms    47 ms    51 ms  2001:4860::8:0:2ac4
  9    51 ms    49 ms    47 ms  2001:4860::2:0:87d
10    56 ms    51 ms    73 ms  2001:4860:0:1::25
11    48 ms    53 ms    47 ms  2a00:1450:8002::63

Ablaufverfolgung beendet.



Anybody an idea? Would be very great :)

Greetings & thx,
patrick

cholzhauer

Let's see your routing tables on both the server and host that doesn't work

vbserver

#2
Hi & thx for your answer.

If i run OpenVPN and IPv6 on the same machine, there is no problem. So i will post you the routing table of the OpenVPN Machine:


2001:470:b4eb:1::/64 dev eth0  metric 256  expires 85592sec
2001:470:b4eb:2::/64 dev tap0  metric 256
fe80::/64 dev eth0  metric 256
fe80::/64 dev tap0  metric 256
ff00::/8 dev eth0  metric 256
ff00::/8 dev tap0  metric 256
default via 2001:470:b4eb:1::1 dev eth0  metric 1024
unreachable default dev lo  metric -1  error -101


And here of the IPv6 Server

2001:470:b4eb:1::/64 dev eth0  metric 256
fe80::/64 dev eth0  metric 256
fe80::/64 dev he-ipv6  metric 256
fe80::/64 dev tap0  metric 256
ff00::/8 dev eth0  metric 256
ff00::/8 dev he-ipv6  metric 256
ff00::/8 dev tap0  metric 256
default dev he-ipv6  metric 1024
unreachable default dev lo  metric -1  error -101
.

I have 2 subnets:
2001:470:b4eb:1::/64: LAN Subnet, RADVD on Machine #2
2001:470:b4eb:2::/64: OpeNVPN Subnet, RADVD on Machine #1 (VPN Machine)

So traffic should go this way:

Machine #1                      Machine #2
[2001:470:b4eb:2::1] ==> [2001:470:b4eb:1::1] ==> [Hurricane]

Any ideas?
Greetings and thank you ;)
patrick

alexrichards

#3
you don't appear to have a route to 2001:470:b4eb:2::/64 from the IPv6 machine so will be routing traffic to that subnet out your default "he-ipv6" interface.
Enta.net ADSL on a very long line :(