From owner-freebsd-questions@FreeBSD.ORG Sat Jun 23 13:33:51 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D620016A400 for ; Sat, 23 Jun 2007 13:33:51 +0000 (UTC) (envelope-from ecrist@secure-computing.net) Received: from snipe.secure-computing.net (snipe.secure-computing.net [209.240.66.149]) by mx1.freebsd.org (Postfix) with ESMTP id A3AC513C468 for ; Sat, 23 Jun 2007 13:33:51 +0000 (UTC) (envelope-from ecrist@secure-computing.net) Received: from [192.168.1.2] (unknown [209.240.66.157]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: ecrist@secure-computing.net) by snipe.secure-computing.net (Postfix) with ESMTP id 9B0A41702D for ; Sat, 23 Jun 2007 08:33:16 -0500 (CDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <0C387583-1CFD-494C-B4DD-A38663CE64F4@secure-computing.net> References: <0C387583-1CFD-494C-B4DD-A38663CE64F4@secure-computing.net> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <95D2D853-732B-45B4-86C7-E2B726118746@secure-computing.net> Content-Transfer-Encoding: 7bit From: Eric F Crist Date: Sat, 23 Jun 2007 08:33:47 -0500 To: FreeBSD List Mailing X-Mailer: Apple Mail (2.752.3) Subject: Re: IPv6 Setup... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jun 2007 13:33:51 -0000 On Jun 22, 2007, at 9:23 PMJun 22, 2007, Eric F Crist wrote: > Hello all, > > I've been toying with getting IPv6 installed and running for a > while, and I've got only one hurdle remaining. > > I have 5 servers on my quaint little network, and my primary > firewall is configured with an IPv6 address, we'll say > 1000:2000:1::6 and is connected to my ISP through a gif tunnel > (router doesn't support IPv6 yet, on my end) to 1000:2000:1::5. I > can ping6 all day long across this tunnel, and I can even connect > through this firewall to other sites using the IPv6 addresses. > > I've been given 2001:4900:1:0111::/64 for my use. I've configured / > etc/rc.conf on my first two machines with ipv6_enable="YES" and > given them 2001:4980:1:0111::1 and 2001:4980:1:0111::2. Each > machine can ping6 itself, but they cannot ping6 eachother. I know > the copper is good, and my ipv6 is running along side my ipv4 > addresses and such. In addition, there are no firewalls in between. > > Is there something I'm missing? > > Also, what the heck is rtadvd_enable="YES" actually doing for me? > I understand it's broadcasting some routing stuff so my other hosts > can auto-configure their IPv6 addresses, but anything else? > > Thanks a lot all! > ----- > Eric F Crist > Secure Computing Networks > Alright, sorry to reply to my own post, but the situation is a little different than I thought. As it turns out, all of my systems can ping eachother, save my gateway/firewall machine. This machine is configured with 2 NICs, with ethernet bridging. My configuration is as follows: INET -- ROUTER -- FBSD GATEWAY -- LAN While the FBSD GATEWAY has an IP assigned to it's internal interface (available from both sides), and it's bridging IPv6 correctly, I'm thinking this may be my IPv6 problem. The gateway has a gif tunnel to my ISP for IPv6 routing, as my cheap router doesn't support the new IP protocol. The gateway can ping across the tunnel using IPv6 perfectly fine. It can also ping it's own IPv6 addresses, regardless of the interface. What I CANNOT do, is ping to the IPv6 box from any machine on my LAN. I can ping IPv4 just fine. Please help! Eric Crist ----- Eric F Crist Secure Computing Networks