Client missing Default Gateway, unable to ping ipv6 addresses past the router

[DexterPark]

Hello All
I have setup an HE.net tunnel which allows me to ping places like IPv6.google.com from the router but my client PC is not able to ping anything past the router. Attached is my config's for the client & router please note that I tried taking the ACL's off the router and the same thing happens. My client can ping the 2001:470:B:BBB::2 & the 2001:470:A:AAA::2 addresses of the router but not HE.net's side address of 2001:470:A:AAA::1 or anything beyond that. I also noticed that the client did not pick up a gateway via Router Discovery:

http://pastebin.com/1zhPDq65

[cholzhauer]

Are you using your /48?

[DexterPark]

Uh-Oh! No, did I miss something important with that?  :(

[cholzhauer]

No you don't have to use it but if you do, you would need to route it  appropriately

[DexterPark]

SO does anybody have some Idea's? I am still trying to grasp the tunnel addressing concept. What I don't understand is which block am I using for what if I have 2001:470:A:AAA::2/64 on my routers Fa0/0 tunnel interface going to the IPv6 Internet am I suppose to use 2001:470:B:BBB::2/64 on the FA0/1 LAN interface AND the Clients behind it pull from the 2001:470:B:BBB::0/64 range? I am confused on that point. Any help would be appreciated, thanks!

[broquea]

Everything appears correct, however your Windows machine has Teredo enabled. disable that, and check the Cisco and see if fe80::20e:d7ff:fe80:2d41 matches the MAC (and link-local) for f0/1. Just having the IPv6 address on f0/1 should enable RA, however maybe Cisco is dumb and wants 2001:470:B:BBB::1/64

[DexterPark]

Finally got it!!!

I am now on the IPv6 Internet, took a little time to find out everything along with some trial and error (Don't put your ACL on the Tunnel interface) but I got it!!
Here is my config for a working IPv6 Cisco gateway router:

!
ip name-server 2620:0:CCC::2
ip name-server 2620:0:CCD::2
ipv6 unicast-routing
no ipv6 source-route
ipv6 dhcp pool HQ_DHCP_CLIENT_POOL
dns-server 2001:4860:4860::8888
domain-name EXAMPLE.com
!
interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
ipv6 address 2001:470:A:AAA::2/64
ipv6 enable
no ipv6 redirects
ipv6 verify unicast reverse-path
tunnel source FastEthernet0/0
tunnel destination 209.51.161.58
tunnel mode ipv6ip
!
interface FastEthernet0/0
ip address dhcp
ipv6 traffic-filter internet_inbound_ipv6 in
ipv6 traffic-filter internet_outbound_ipv6 out
!
interface FastEthernet0/1
no ip address
ipv6 address 2001:470:B:BBB::2/64
ipv6 enable
ipv6 nd prefix 2001:470:B:BBB::/64 <-- I was missing this one for sure, pulled open wireshark and noticed that it was answering Solicits with it's Link-local Address!
ipv6 nd other-config-flag
ipv6 dhcp server HQ_DHCP_CLIENT_POOL
!
no ip forward-protocol nd
!
ipv6 route 2001:470:B:BBB::/64 FastEthernet0/1
ipv6 route ::/0 Tunnel0

[DexterPark]

Of course, now that I'm on the IPv6 internet Naively it's very limited to the sites I can browse... I have Google and a few other sites like Wikipedia. Does anyone have any suggestions as to what I can do on an internet that has 340,000,000,000,000,000,000,000,000,000,000,000,000 addresses and like 4 websites?? :) 

[broquea]

sixy.ch