Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: External connections to routed /64 fail since upgrade to OS X Lion  (Read 3104 times)

ivanfilippov

  • Newbie
  • *
  • Posts: 3

Hi everyone!

I have a Mac Mini that, while it was running Snow Leopard, had no problems acting as the IPv6 router for my small network. Since upgrading to Lion a few days ago, I've been unable to both ping its IPv6 interface, and connect to any hosted services on it via IPv6. The mini is still able to ping and use IPv6 services on the internet, and the other computers on the network which get IPv6 addresses from the minis rtadvd service are able to use the IPv6 internet.

I tried to figure this out yesterday and this morning, but had no luck. The best I can come up with is that its a routing issue on the mini. If I tcpdump the gif0 interface, which if the tunnel interface, I can see my external host (2001:470:5:97a::1) is pinging the first address of my routed /64, which is assigned to en0 on the mini, but nothing responds over the tunnel. Below is a snippet of the tcpdump.

Code: [Select]
12:07:13.178945 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 1, length 64
12:07:14.185405 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 2, length 64
12:07:15.193452 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 3, length 64
12:07:16.201447 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 4, length 64
12:07:17.209511 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 5, length 64
12:07:18.217356 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 6, length 64
12:07:19.225472 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 7, length 64
12:07:20.233422 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 8, length 64
12:07:21.246180 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 9, length 64
12:07:22.258692 IP6 2001:470:5:97a::1 > 2001:470:1f05:108::1: ICMP6, echo request, seq 10, length 64

Below are the relevant configs:
Code: [Select]
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 2001:470:1f05:108:: prefixlen 64
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet 192.168.0.99 --> 72.52.104.74
        inet6 fe80::225:4bff:feb4:2a08%gif0 prefixlen 64 scopeid 0x2
        inet6 2001:470:1f04:108::2 --> 2001:470:1f04:108::1 prefixlen 128
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=27<RXCSUM,TXCSUM,VLAN_MTU,TSO4>
        ether 00:25:4b:b4:2a:08
        inet6 fe80::225:4bff:feb4:2a08%en0 prefixlen 64 scopeid 0x4
        inet 192.168.0.99 netmask 0xffffff00 broadcast 192.168.0.255
        inet6 2001:470:1f05:108::1 prefixlen 64
        media: autoselect (1000baseT <full-duplex,flow-control>)
        status: active

And the routing table:
Code: [Select]
Internet6:
Destination                             Gateway                         Flags         Netif Expire
default                                 2001:470:1f04:108::1            UGSc           gif0
::1                                     link#1                          UHL             lo0
2001::4137:9e76:808:2d5:b736:3df8       2001:470:1f04:108::1            UGHW3Ii        gif0   3475
2001::4137:9e76:103f:1abd:b04f:6855     2001:470:1f04:108::1            UGHW3Ii        gif0   3564
2001::4137:9e76:1c7d:d4f5:cd86:c5db     2001:470:1f04:108::1            UGHWIi         gif0
2001::4137:9e76:3815:e2b:475d:ff72      2001:470:1f04:108::1            UGHW3Ii        gif0   3512
2001::5ef5:79fb:30a6:25c7:ba58:36b      2001:470:1f04:108::1            UGHW3Ii        gif0   3548
2001:470:5:79a::1                       2001:470:1f04:108::1            UGHW3Ii        gif0   3279
2001:470:5:97a::1                       2001:470:1f04:108::1            UGHW3Ii        gif0   3494
2001:470:1f04:108::1                    2001:470:1f04:108::2            UHL            gif0
2001:470:1f04:108::1                    link#2                          UHLI           gif0
2001:470:1f04:108::2                    link#2                          UHL             lo0
2001:470:1f05:108::                     link#1                          UHL             lo0
2001:470:1f05:108::/64                  fe80::1%lo0                     UcI             lo0
2001:470:1f05:108::1                    0:25:4b:b4:2a:8                 UHLS            lo0
2001:4860:4860::8844                    2001:470:1f04:108::1            UGHW3Ii        gif0   2010
2001:4860:4860::8888                    2001:470:1f04:108::1            UGHW3Ii        gif0   3105
2607:f8b0:4001:c01::63                  2001:470:1f04:108::1            UGHWIi         gif0
2607:f8b0:4001:c01::68                  2001:470:1f04:108::1            UGHW3Ii        gif0   1615
2607:f8b0:4001:c01::69                  2001:470:1f04:108::1            UGHW3Ii        gif0   3295
2607:f8b0:4001:c01::93                  2001:470:1f04:108::1            UGHW3Ii        gif0   2875
2607:fcd0:100:c21:216:3cff:fe8d:d540    2001:470:1f04:108::1            UGHW3Ii        gif0   3439
fe80::%lo0/64                           fe80::1%lo0                     UcI             lo0
fe80::1%lo0                             link#1                          UHLI            lo0
fe80::%gif0/64                          link#2                          UCI            gif0
fe80::1%gif0                            link#2                          UHLWIi         gif0
fe80::225:4bff:feb4:2a08%gif0           link#2                          UHLI            lo0
fe80::4901:6562:347a:262a%gif0          link#2                          UHLWIi         gif0
fe80::c62c:3ff:fe17:60ab%gif0           link#2                          UHLWIi         gif0
fe80::%en0/64                           link#4                          UCI             en0
fe80::225:4bff:feb4:2a08%en0            0:25:4b:b4:2a:8                 UHLI            lo0
fe80::a20b:baff:fe8e:4e%en0             a0:b:ba:8e:0:4e                 UHLWIi          en0
fe80::c62c:3ff:fe17:60ab%en0            c4:2c:3:17:60:ab                UHLWIi          en0
ff01::%lo0/32                           fe80::1%lo0                     UmCI            lo0
ff01::%gif0/32                          link#2                          UmCI           gif0
ff01::%en0/32                           link#4                          UmCI            en0
ff02::%lo0/32                           fe80::1%lo0                     UmCI            lo0
ff02::%gif0/32                          link#2                          UmCI           gif0
ff02::%en0/32                           link#4                          UmCI            en0

Can anyone see any glaring errors in the configs, or problems in the routing table?

Thank you for your time!  :)
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2706
Re: External connections to routed /64 fail since upgrade to OS X Lion
« Reply #1 on: February 13, 2012, 11:26:51 AM »

Did you have to re-configure the tunnel after you upgraded? 
Logged

ivanfilippov

  • Newbie
  • *
  • Posts: 3
Re: External connections to routed /64 fail since upgrade to OS X Lion
« Reply #2 on: February 13, 2012, 11:30:18 AM »

Did you have to re-configure the tunnel after you upgraded? 

No, I didn't touch the configuration after the upgrade.
Logged

nickbeee

  • tunneld
  • Jr. Member
  • **
  • Posts: 72
  • I do this just for fun.
Re: External connections to routed /64 fail since upgrade to OS X Lion
« Reply #3 on: February 13, 2012, 04:08:45 PM »

Has Lion changed the way the firewall is configured? Can you turn off the firewall temporarily and repeat the tests?

Looks like I will be sticking with 10.6 for a while longer then!
Logged
Nick B.

Tunnelling with [Open|Net|Free]BSD and IOS.
IPv6 courtesy of   HE and   Sixxs.

ivanfilippov

  • Newbie
  • *
  • Posts: 3
Re: External connections to routed /64 fail since upgrade to OS X Lion
« Reply #4 on: February 15, 2012, 08:39:40 AM »

Has Lion changed the way the firewall is configured? Can you turn off the firewall temporarily and repeat the tests?

I have the ip6fw set to allow everything:
Code: [Select]
65535 allow ipv6 from any to any
Logged