ipv6 network fail (newbie alert)

Eric Vyncke (evyncke) evyncke at cisco.com
Wed Mar 6 08:40:32 CET 2013 

At first sight, it seems OK (except that I usually uses RADVD so the default route is a link-local and not a global)

Can you do: "ip -6 neigh show" & "ip6tables -L" on client/gateway?

> -----Original Message-----
> From: ipv6-ops-bounces+evyncke=cisco.com at lists.cluenet.de [mailto:ipv6-ops-
> bounces+evyncke=cisco.com at lists.cluenet.de] On Behalf Of Nick Edwards
> Sent: mercredi 6 mars 2013 08:16
> To: ipv6-ops at lists.cluenet.de
> Subject: ipv6 network fail (newbie alert)
> 
> Hi,
> Firstly, I'll admit I'm not expert with ipv6, but have been around in the
> ipv4 world for years. I have for a while been running a private
> ipv6 LAN at home using  fd0d:......./64  that worked  fine in my linux based
> LAN.
> 
> So I set up a tunnel with HE, from the PC that connects which I'll call GW
> I can ping  the other end of tunnel and get out to the world using that
> machine directly.
> 
> But now I have removed the private range on the 3 PC's, substituting it for
> the routed /64 range HE gives us (yes, the routed, not the tunnel's /64)
> 
> The LAN does not respond on ipv6 address on any machine, no box on the LAN
> can reach any other box on the LAN using ipv6 nor access the internet via
> ipv6 (but do still work using NAT and  ipv4 if I down all
> ipv6) this is with the tunnel up or down.
> 
> I am using static manually entered IP's as these are servers, so radvd and
> dhcp6 etc are not in use.
> 
> I'll show the config for GW and one other PC (all PC's use linux)
> XXX1 will be the tunnel and XXX2  the routed /64 subnets
> 
> 
> GW:
>   (sysctl.conf)   net.ipv6.conf.all.forwarding=1
> 
> he-ipv6   Link encap:IPv6-in-IPv4
>           inet6 addr: 2001:470:XXX1:524::2/64 Scope:Global
>           inet6 addr: fe80::a0a:91/128 Scope:Link
> 
> 
> eth0
>           inet6 addr: 2001:470:XXX2:524::5/64 Scope:Global
>           inet6 addr: fe80::211:50ff:fe08:2ad9/64 Scope:Link
> 
> route table
> 2001:470:XXX1:524::/64 via :: dev he-ipv6  proto kernel  metric 256 mtu 1480
> advmss 1420 hoplimit 0
> 2001:470:XXX2:524::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss
> 1440 hoplimit 0
> fe80::/64 via :: dev he-ipv6  proto kernel  metric 256  mtu 1480 advmss 1420
> hoplimit 0
> fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit
> 0 default dev he-ipv6  metric 1024  mtu 1480 advmss 1420 hoplimit 0
> 
> 
> 
> On the second box
> 
> eth0
>           inet6 addr: fe80::214:c2ff:fe0b:dccf/64 Scope:Link
>           inet6 addr: 2001:470:XXX2:524::6/64 Scope:Global
> 
> and routing
> 2001:470:XXX2:524::/64 dev eth0  proto kernel  metric 256
> fe80::/64 dev eth0  proto kernel  metric 256
> ff00::/8 dev eth0  metric 256
> default via 2001:470:XXX2:524::5 dev eth0  metric 1024
> 
> 
> This is loaded from rc.ipv6 as:
> 
> /usr/sbin/ip addr add 2001:470:XXX2:524::6/64 dev eth0 /usr/sbin/ip -6 route
> add default via 2001:470:XXX2:524::5 dev eth0
> 
> 
> I have also tried swapping the GW pc around to another box.
> PC's to world _or_ GW with ipv6 all result in:  Destination
> unreachable: Address unreachable
> Machines ping6'ing themselves do respond.
> 
> I know this should work because I've set ipv6 on VPS's and upped them and
> set routes the same way
> 
> Also interesting if its kernel fault being as to why the routed range wont
> work locally either when the private range does. I have another box on
> network setup same as second box with a diff IP of course, and suffers same
> fate, all boxes have been rebooted after each change to make sure there is
> no possible residue left over.
> 
> Appreciate someone batting me with a clue stick, I'm sure the problem is
> very obvious, just not to me.
> 
> Thanks
> Niki

More information about the ipv6-ops mailing list