Date: Mon, 27 Aug 2012 20:03:51 +0100 From: John Hawkes-Reed <hirez@libeljournal.com> To: freebsd-stable@freebsd.org Subject: Re: IPv6 default route. Can't see the wood for the trees. Message-ID: <503BC497.3060206@libeljournal.com> In-Reply-To: <503BB721.9000108@borderworlds.dk> References: <503BA51E.4030103@libeljournal.com> <503BB721.9000108@borderworlds.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27/08/2012 19:06, Christian Laursen wrote: > On 08/27/12 18:49, John Hawkes-Reed wrote: >> BSD-box (9.1-PRE) is acting as default router/NAT gateway for local LAN. >> IP4 works. >> >> IP6 rig, per the setup on tunnelbroker.net, appears to work on the BSD >> box. >> >> However, while LAN clients (XP, OSX) manage to acquire addresses with >> the right prefix, the autoconfigured default route is a link-local >> address. Some bits of the internet think that's ok. Other bits don't. > > Bits of the internet does not see anything about whether your default > gateway is link-local or not and do not care. > > The default gateway on the box that I'm writing this from is link-local > and IPv6 works quite nicely. Aha. Good. > >> Trying to ping6/traceroute6 out to (say) Google works on the BSD box, >> but not on the clients. >> >> Do I need to be running a routing daemon, or is there some ip6 >> handwaving I'm missing? > > If you are running pf or another firewall, you should have rules that > allow traffic to pass through. Yep. firewall_type="OPEN" - I wondered if 'allow ip from any to any' included ipv6, and it would seem that it does. >> rc.conf: >> >> (I'm not convinced that obfuscating the addresses is worth the confusion) >> >> ipv6_gateway_enable="YES" >> ip6addrctl_verbose="YES" >> rtadvd_enable="YES" >> rtadvd_interfaces="rl0" >> ipv6_cpe_wanif="pcn0" >> ipv6_defaultrouter="2001:470:1f0a:b5a::1" >> gif_interfaces="gif0" >> gifconfig_gif0="192.168.1.100 216.66.80.30" >> ifconfig_gif0_ipv6="inet6 2001:470:1f0a:b5a::2 2001:470:1f0a:b5a::1 >> prefixlen 128" >> ifconfig_pcn0_ipv6="inet6 2001:470:1f0b:b5a::4 prefixlen 64" >> ifconfig_rl0_ipv6="inet6 2001:470:1f0b:b5a::3 prefixlen 64 >> -accept_rtadv" > > It looks like you are trying to use the /64 used for your tunnel on the > inside network. That's probably what causes the problem. > > You should use the "Routed /64" on the inside. If you need more than one > /64, you can request a /48. I think I am. The endpoints are ...:1f0A: and the /64 is ...:1f0B: > I'm not exactly sure what ipv6_cpe_wanif does, but I have never needed > it and I run a setup similar to what you describe. -- JH-R
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?503BC497.3060206>