[Wolves] IPv6 tunnel - was "It's the end of the internet as we know it"

Adam Sweet adam at adamsweet.org
Tue Feb 8 00:03:26 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/02/11 16:27, Ron Wellsted wrote:
> On 04/02/11 21:31, Adam Sweet wrote:

>> The tunnel comes up but I can't ping6 anything and I'm not sure how to
>> address my local subnet. So yes please :)
> 
> What tunnel type do you have?  If you are having problems with protocol
> 41, it sounds like you are using a 6in4 static or heartbeat.  The AYIYA
> tunnels are the easiest to get setup (certainly with ADSL/NAT).

Yes I'm using a static 6in4 tunnel. I'm on a static IP so it seemed to
be the right choice.

> Do you have a sixxs interface listed with ifconfig? it should have a
> Global address starting with 2a01: and probably ending with a :2.  Try
> ping6 that address (it sould respond within 50-70 microseconds.

Yes, I have a sixxs interface and pinging its address works fine.

> If that
> worked OK, try changing the last :2 to :1 (the other end of the tunnel),
> mine responds in about 30 milliseconds.

Destination unreachable :( This is where I got stuck.

The protocol 41 stuff was the only place where I could see possibility
for a firewall problem since my machine is statically addressed behind a
NAT with ports forwarded. My router insists that to use the machine in
DMZ mode (and thus allow protocol 41) I have to make the machine use
DHCP and thus begins quite a large ball-ache :)

The machine in question runs a number of IP address specific services
(no internal DNS yet at Chez Sweet) and my router's DHCP reservation
functionality seems not to remember DHCP reservations (or to be able to
change them post-configuration half the time!), but I guess I could
reconfigure these services and the machines that use them unless there
are any other options.

Moving the machine's IP into the DHCP range means either changing its IP
and reconfiguring a bunch of machines, or moving the DHCP range to
incorporate its IP and moving a bunch of other statically addressed
machines out of the new DHCP range :-/ I guess I'm turning into Aq, I
want everything to work the way *I* want it to and I don't want to have
to change anything that I already have.

Not sure if the router's DMZ mode depends on using its DHCP server
otherwise I'd bring forward the dnsmasq or BIND/DHCPD plans but I have
more important things to do over the next few weeks :)

The protocol 41 thing might be a red herring based on my own uninformed
googling though so I thought I should rule out other options before I
start reconfiguring half my network.

> Once you have had the tunnel active for 1 week, you should have
> sufficient credit with sixxs to be able to request a subnet.

<snip>

All of the and eth0 inet6 addressing and radvd stuff made sense.

Do you think I'd be best moving my addresses around and putting the
machine in DMZ mode on my router or changing my tunnel type?

Thanks for your help Ron.

Regards,

Adam Sweet

- -- 

http://blog.adamsweet.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk1Qh1cACgkQRi1ZcmvD37fwuACglPSvbF/kx5U2jnDchy45hVyQ
aCMAn0caHT/etUqu7++Q84evDwpvx3Od
=NWrl
-----END PGP SIGNATURE-----

More information about the Wolves mailing list