Print

[johanbar]

Hi Guys

I've been trying to route my client PC's off my server through the IP6 tunnel.

My DHCP6 hands out fd::/64 to my clients and I've set the ethernet port vWan as the router (which the tunnel and clients are connected to).

I've been reading https://forums.he.net/index.php?topic=3067.0 this post but he removes the default gateway on the Tunnel and all falls over, not sure how this setup is working?

My Tunnel works great:
netsh interface ipv6 add v6v4tunnel interface=IP6Tunnel localaddress=10.1.1.1 remoteaddress=216.66.87.134

netsh interface ipv6 add address IP6Tunnel 2001:470:1f22:60::2
netsh interface ipv6 set interface IP6Tunnel forwarding=enabled
netsh interface ipv6 add route prefix=::/0 interface=IP6Tunnel nexthop=2001:470:1f22:60::1  publish=yes store=persistent

Tunnel on the server works fine.

To get clients routed through vWan If added as per post:
netsh interface ipv6 set interface vWan routerdiscovery=enabled
netsh interface ipv6 set interface vWan forwarding=enabled

I have no idea how to route incoming connections from the fd::/64 network through the tunnel to use fd::1 as the router?
DHCP6 clients see fd::1 as dns and default route (dns works fine)

Lan/Wan is:

Ethernet adapter vWan:

   Connection-specific DNS Suffix  . : domain
   IPv6 Address. . . . . . . . . . : fd::1
   IPv6 Address. . . . . . . . . . : fd::de         (for some reason DHCP6 assigned another)
   Link-local IPv6 Address . .  : fe80::b4c1:ba9c:dddd:28a8%5
   IPv4 Address. . . . . . . . . .  : 10.1.1.1
   Subnet Mask . . . . . . . . . .. : 255.0.0.0
   IPv4 Address. . . . . . . . . . . : 192.168.88.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . .  . : 10.1.1.100

Tunnel adapter IP6Tunnel:

   Connection-specific DNS Suffix  . : domain
   IPv6 Address. . . . . . . . . . . : fd::c7            (also assigned by the DHCP6)
   IPv6 Address. . . . . . . . . . . : 2001:470:1f22:60::2
   Link-local IPv6 Address . . . . . : fe80::9852:9aa8:4e2:5bb5%8
   Default Gateway . . . . . . . . . : 2001:470:1f22:60::1


Do someone know how to route the fd::/64 clients through the tunnel please?
Thanks allot
Johan

[broquea]

Why are you trying to use fd:: instead of the routed /64 or /48? Is your router acting as a nat66 gateway appliance as well, or did you just pick rando space in hopes it would route through the tunnel? We're only going to allow traffic sourced from the correct ranges/allocations through the tunnel.

[johanbar]

Hi

Thank you so much for replying.

My understanding was that fd:: is a private network range and hence a logical choice.  Should I change the network to be 2001:470:1f22:60::/64 and assign IPs to the clients i.e. 2001:470:1f22:60::3/64, 2001:470:1f22:60::4/64 instead?

I'm a bit out of my depth here.

Thanks again.

[broquea]

I mean, if you've got a working nat66 set up, then fd:: shouldn't be an issue. If you don't, maybe start with the routed space, then graduate to trying out nat66.

[johanbar]

Thanks

Got it working.  This post https://forums.he.net/index.php?topic=3067.0 helped.  Thanks garrickstrom

Thanks again for replying.