• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Routing IPv6 to other PCs in network

Started by lucabert, March 06, 2012, 03:16:30 AM

Previous topic - Next topic

lucabert

Hi, all!

Finally it seems, that I got my Tunnel, using my Server, running...
Now I can reach any IPv6-Host from my PC through my Server.

Well, next step: configure all to allow my wife to use IPv6, too...
I had radvd already configured for my subnet by HE, I just changed the subnet.
Here my radvd.conf:

interface eth0
{
  AdvSendAdvert on;
  prefix 2001:1608:10:47:1100::/72
  {
    AdvOnLink on;
    AdvAutonomous on;
    AdvRouterAddr on;
  };
};

I started the program and I waited until the PC of my wife get the IP.
Nothing... It get the network, but not the IP...

Well, I stopped radvd and I tried to assign manually an IPv6 to eth0 of the PC of my wife, adding then a default route.
I can't reach MY PC, at the other end of the Switch...

What does now have my PC?!?

Please, give me a suggestion, I think I'm really idiot... :(

Thanks
Luca Bertoncello

cholzhauer

OK, a couple of things here.

1) Is the subnet you're using your routed /64?
2) What operating systems are involved?
3) Is there a firewall somewhere blocking traffic?

lucabert

Quote from: cholzhauer on March 06, 2012, 05:06:11 AM
1) Is the subnet you're using your routed /64?
I have just 2 /64 on my Server. Then I must use something smaller... a /72.
Quote
2) What operating systems are involved?
Linux. Ubuntu Hardy 8.04
Quote
3) Is there a firewall somewhere blocking traffic?
Not from internal network...

Thanks
Luca Bertoncello

cholzhauer

1) Nope you HAVE to use /64 with RA..if you're not, that's why it's breaking  (and you are, sorry, I didn't see that first)  If you need more than one subnet, go request a /48 and break /64's off of that

lucabert

Quote from: cholzhauer on March 06, 2012, 05:36:16 AM
1) Nope you HAVE to use /64 with RA..if you're not, that's why it's breaking  (and you are, sorry, I didn't see that first)  If you need more than one subnet, go request a /48 and break /64's off of that

Well, then I can assign a static address to the PC of my wife. There's no problem...

But the problem is: it does not work...

So: I got my tunnel working on my PC.
On my PC I have the IPv6 2001:1608:10:47:1100::1/72 on eth0.
On the PC of my wife I assigned the IPv6 2001:1608:10:47:1100::2/72 to eth0 and a default route via 2001:1608:10:47:1100::1.
Well, I can't ping my PC from the PC of my wife and viceversa...
Why?

Here the routes of my PC:
2001:1608:10:47:1100::/72 dev eth0  metric 256  expires 21334184sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21313120sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  metric 256  expires 21313120sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev tap0  metric 256  expires 21313149sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev vmnet1  metric 256  expires 21316694sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev vmnet8  metric 256  expires 21316694sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev ipv6tun  metric 256  expires 21334184sec mtu 1472 advmss 1412 hoplimit 4294967295
ff00::/8 dev eth0  metric 256  expires 21313120sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev eth1  metric 256  expires 21313120sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev tap0  metric 256  expires 21313149sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev vmnet1  metric 256  expires 21316694sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev vmnet8  metric 256  expires 21316694sec mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev ipv6tun  metric 256  expires 21334184sec mtu 1472 advmss 1412 hoplimit 4294967295
default dev ipv6tun  metric 1024  expires 21334184sec mtu 1472 advmss 1412 hoplimit 4294967295


and the routes on the PC of my wife:
2001:1608:10:47:1100::/72 dev eth0  metric 256  expires 21334201sec mtu 1400 advmss 1340 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21312915sec mtu 1400 advmss 1340 hoplimit 4294967295
ff00::/8 dev eth0  metric 256  expires 21312915sec mtu 1400 advmss 1340 hoplimit 4294967295
default via 2001:1608:10:47:1100::1 dev eth0  metric 1024  expires 21334220sec mtu 1400 advmss 1340 hoplimit 4294967295


Thanks for any help!
Luca Bertoncello

cholzhauer

Is 2001:1608:10:47:1100::1 the address of the HE side of the tunnel?  If so, that makes 2001:1608:10:47:1100::2 the address on your side of the tunnel?

If so, you're using the wrong range.  Do me a favor, log into your account and look at your tunnel details page.  You'll see a bunch of lines, one says "ROUTED /64"  Paste that here, we NEED to use that one

lucabert

Quote from: cholzhauer on March 06, 2012, 05:51:36 AM
Is 2001:1608:10:47:1100::1 the address of the HE side of the tunnel?  If so, that makes 2001:1608:10:47:1100::2 the address on your side of the tunnel?
Maybe I didn't said evident at the start of this post: I don't use a HE-tunnel, but I'm trying to use a subnet that I have on my server (and was given from my provider) to create a tunnel.
Unfortunately the tunnel from HE runs very unstable in the past...
Quote
If so, you're using the wrong range.  Do me a favor, log into your account and look at your tunnel details page.  You'll see a bunch of lines, one says "ROUTED /64"  Paste that here, we NEED to use that one
I don't have a /64. See before...

Thanks
Luca Bertoncello

cholzhauer

Oh, my fault, I guess I do remember reading that.

OK, so let's try this again.

If you have 2001:1608:10:47:1100::1/72 on eth0 and 2001:1608:10:47:1100::2/72 on your wife's computer, 2001:1608:10:47:1100::1/72 should be the default gateway.  On your router, you'll to route incomming 2001:1608:10:47:1100::/72 at 2001:1608:10:47:1100::1/72

lucabert

Quote from: cholzhauer on March 06, 2012, 06:09:38 AM
If you have 2001:1608:10:47:1100::1/72 on eth0 and 2001:1608:10:47:1100::2/72 on your wife's computer, 2001:1608:10:47:1100::1/72 should be the default gateway.  On your router, you'll to route incomming 2001:1608:10:47:1100::/72 at 2001:1608:10:47:1100::1/72
Well, it was my error... I forgot to change a rule in my ip6table firewall... Now I can reach my wife's PC from mine... And, of course, from my wife's PC she can reach any other IPv6-Host.

So, now it seems to run... I'll test again the tunnel and, if always works, I'll post a little HowTo how it's possible to create such a tunnel if the provider does not route correctly and you must use proxy_ndp.

Thanks again!
Luca Bertoncello