Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Can't get tunnel working with OpenBSD 4.9  (Read 3597 times)

dbach

  • Newbie
  • *
  • Posts: 1
Can't get tunnel working with OpenBSD 4.9
« on: July 26, 2011, 07:01:54 PM »

Hello All:
I pasted the following in on my OpenBSD test box as root user:

ifconfig gif0 tunnel 192.168.0.242 216.66.38.58
ifconfig gif0 inet6 alias 2001:470:1c:661::2 2001:470:1c:661::1 prefixlen 128
route -n add -inet6 default 2001:470:1c:661::1

Also tried my external IP in place of the RFC1918 IP. 

Can ping6 ::1 no problem.

Then tried the following:
# ping6 ipv6.google.com 
PING6(56=40+8+8 bytes) 2001:470:1c:661::2 --> 2001:4860:800f::69

Box wouldn't progress past this point

ifconfig shows:
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        priority: 0
        groups: gif egress
        physical address inet 192.168.0.242 --> 216.66.38.58
        inet6 fe80::24f:4eff:fe0f:5061%gif0 ->  prefixlen 64 scopeid 0x5
        inet6 2001:470:1c:661::2 -> 2001:470:1c:661::1 prefixlen 128

Also tried pfctl -d

inet6 output from sysctl:
net.inet6.ip6.forwarding=0
net.inet6.ip6.redirect=1
net.inet6.ip6.hlim=64
net.inet6.ip6.mrtproto=103
net.inet6.ip6.maxfragpackets=200
net.inet6.ip6.accept_rtadv=0
net.inet6.ip6.keepfaith=0
net.inet6.ip6.log_interval=5
net.inet6.ip6.hdrnestlimit=10
net.inet6.ip6.dad_count=1
net.inet6.ip6.auto_flowlabel=1
net.inet6.ip6.defmcasthlim=1
net.inet6.ip6.kame_version=OpenBSD-current
net.inet6.ip6.use_deprecated=1
net.inet6.ip6.rr_prune=5
net.inet6.ip6.v6only=1
net.inet6.ip6.maxfrags=200
net.inet6.ip6.mforwarding=0
net.inet6.ip6.multipath=0
net.inet6.ip6.multicast_mtudisc=0
net.inet6.ip6.neighborgcthresh=2048
net.inet6.ip6.maxifprefixes=16
net.inet6.ip6.maxifdefrouters=16
net.inet6.ip6.maxdynroutes=4096
net.inet6.ip6.dad_pending=0
net.inet6.icmp6.rediraccept=1
net.inet6.icmp6.redirtimeout=600
net.inet6.icmp6.nd6_prune=1
net.inet6.icmp6.nd6_delay=5
net.inet6.icmp6.nd6_umaxtries=3
net.inet6.icmp6.nd6_mmaxtries=3
net.inet6.icmp6.nd6_useloopback=1
net.inet6.icmp6.nodeinfo=1
net.inet6.icmp6.errppslimit=100
net.inet6.icmp6.nd6_maxnudhint=0
net.inet6.icmp6.mtudisc_hiwat=1280
net.inet6.icmp6.mtudisc_lowat=256
net.inet6.icmp6.nd6_debug=0
net.inet6.divert.recvspace=65636
net.inet6.divert.sendspace=65636

Not sure where to go from here to get this tunnel working

Thanks for any help or suggestions.

Darryl



ping6 ipv6.google.com 
PING6(56=40+8+8 bytes) 2001:470:1c:661::2 --> 2001:4860:800f::69
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2706
Re: Can't get tunnel working with OpenBSD 4.9
« Reply #1 on: July 27, 2011, 05:08:46 AM »

Did you assign an IPv6 address out of your routed /64 to eth0?
Logged

brad

  • Jr. Member
  • **
  • Posts: 82
Re: Can't get tunnel working with OpenBSD 4.9
« Reply #2 on: August 03, 2011, 08:05:56 PM »

Did you assign an IPv6 address out of your routed /64 to eth0?

No such interface as eth0 on OpenBSD and there isn't a requirement for having an
address assigned to a physical interface.
Logged

brad

  • Jr. Member
  • **
  • Posts: 82
Re: Can't get tunnel working with OpenBSD 4.9
« Reply #3 on: August 03, 2011, 08:19:25 PM »

Hello All:
I pasted the following in on my OpenBSD test box as root user:

ifconfig gif0 tunnel 192.168.0.242 216.66.38.58
ifconfig gif0 inet6 alias 2001:470:1c:661::2 2001:470:1c:661::1 prefixlen 128
route -n add -inet6 default 2001:470:1c:661::1

Also tried my external IP in place of the RFC1918 IP. 

You definitely would need the external IP for the source address for the gif(4)
tunnel.

Try putting this in your /etc/hostname.gif0..

Code: [Select]
up mtu 1480
tunnel [your external IP]
dest 216.66.38.58
inet6 2001:470:1c:661::2
inet6 [another IPv6 address]
inet6 [another IPv6 address]
!/sbin/route -qn add -inet6 default 2001:470:1c:661::1

You can add additional addresses from either the /64 or a /48 to the gif(4)
interface as well.

Turn up the interface once that has been put into the file.. sh /etc/netstart gif0.

If you are running PF ensure to allow protocol 41 traffic..

Code: [Select]
pass in on $ext_if inet proto ipv6 from $v6_tunnel_endpoint to $your_fw
pass out on $ext_if inet proto ipv6 from $your_fw to $v6_tunnel_endpoint

as well as in/out v6 traffic from your gif(4) interface at a minimum.
Logged