Welcome to Hurricane Electric's Tunnelbroker.net forums!
Started by dawkco, April 03, 2010, 04:22:28 PM
Quote from: dawkco on April 03, 2010, 06:31:27 PMjimb,Thanks, but the tunnel route was already set up correctly and that works OK.The Problem is that the Routed /64 addresses can't reach the tunnel. The Routed /64 addresses are on a different subnet than the tunnel endpoint and I need a way to route from the Routed /64 addresses to the tunnel (without adding a hardware router!).BTW, I'm not running Windows Firewall, so that's not an issue.Anybody else?!
Quote from: jimb on April 03, 2010, 07:23:20 PMThat WILL route the routed /64 to and through the tunnel.... The WS2008 box needs to be set up as a router. To do that, it needs to have whatever it might need done to it to tell it to forward IPv6 (e.g. act as a router). Not sure how to do THAT. It also needs the firewall set up to allow the traffic, but since you have that turned off (inadvisable since it will make your hosts wide open to the internet) that probably doesn't matter (even though you spoke of the Windows firewall allow rule in your last message)....If not, check logs and such, and look into whatever you need to do to tell windows to be a router, if anything is required (the equivalent net.ipv4.ip_forward = 1 on linux). The route commands I gave you will take care of the routing side of things though. ...-JimEDIT: You also may want to make sure the ipv6 privacy stuff is turned off on at least the WS2008 router machine, since you probably don't want it changing IPv6 addresses automatically. (netsh int ipv6 set privacy disabled)
Quote from: jimb on April 04, 2010, 05:34:35 AMYour non-working pings are probably do to the router functionality thing I mentioned earlier. It's what cholz was talking about too. Googling around a bit, I think you have to turn on routing and remote access and enable routing.These technet sections are probably worth looking at:...
Quote from: cholzhauer on April 04, 2010, 06:30:20 AMIs this Server 2008 R2 or just Server 2008?Back when I was with Sixxs, I tried using a Server 2008 machine to host my tunnel. Long story short, it didn't work, and I'm trying to remember why. It was caused by Server 2008; I can't remember if it was a bug in the Sixxs program or if it was in Server 2008.If you can wait, tomorrow when I get to work I can poke around in netsh and let you know what I find.
Quote from: jimb on April 04, 2010, 02:23:59 PMI think the routing service is needed just for Windows to route packets from one interface to another. Perhaps it does this by sending it off to a service. ...On linux, IP routing is built into the proto stack in the kernel, but needs to be enabled for security reasons by essentially flipping a bit.I'm not sure why you would have added some of those routes.The only default routes you need is the default pointing to the other side of the tunnel on the box which the tunnel lives on (your IPv6 router), and then default routes on the other boxes pointing to the tunnel box.If you are in a VM environment, might be easier to load up linux or BSD or something and make that your IPv6 router. :P