Date: Mon, 24 Aug 2015 14:45:18 +0100 From: Gary Palmer <gpalmer@freebsd.org> To: Matthew Seaman <matthew@FreeBSD.org>, freebsd-net@freebsd.org Subject: Re: Routing IPv6 over tun0 (PPPoE) issue Message-ID: <20150824134518.GG13503@in-addr.com> In-Reply-To: <20150823164828.GF13503@in-addr.com> References: <20150823150408.GE13503@in-addr.com> <55D9E8D4.1050700@FreeBSD.org> <20150823164828.GF13503@in-addr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 23, 2015 at 05:48:28PM +0100, Gary Palmer wrote: > On Sun, Aug 23, 2015 at 04:37:56PM +0100, Matthew Seaman wrote: > > On 23/08/2015 16:04, Gary Palmer wrote: > > > However if I configure other IPs on other interfaces from the netblock that > > > has been delegated to me and either source the traffic from those IPs or > > > try the traceroute from another computer using IPs in that netblock, I > > > don't even see the traffic leaving tun0 with tcpdump, let alone get any > > > replies. > > > > I have a similar setup. Looks to me as if there's a problem with your > > routing internally. > > > > My routing table looks like this (excluding the ff01::, ff02:: and > > ff03:: routes and anything that's a host specific route): > > > > % netstat -rn -f inet6 | grep -vE '(UH|ff0)' > > Routing tables > > > > Internet6: > > Destination Gateway Flags Netif Expire > > ::/96 ::1 UGRS lo0 > > default fe80::203:97ff:fe19:8000%tun0 UGS tun0 > > ::ffff:0.0.0.0/96 ::1 UGRS lo0 > > 2001:8b0:151:1::/64 link#1 U em0 <<<---** > > fe80::/10 ::1 UGRS lo0 > > fe80::%em0/64 link#1 U em0 > > fe80::%re0/64 link#2 U re0 > > fe80::%lo0/64 link#3 U lo0 > > fe80::%tun0/64 link#5 U tun0 > > > > Here em0 is the interface onto my internal network, and any addresses > > from my assigned IPv6 netblock are configured on that interface or the > > network directly attached to it. You should have a route equivalent to > > the one marked with the arrow. > > > > Note that tun0 uses link-local addresses for the IPv6 tunnelling, not > > addresses from my assigned range. Depending on how your ISP has > > configured things you may need a "real" IPv6 address on your tun0 > > interface, but this should be from a distinct subnet to the block you're > > using internally. > > Hi Matthew, > > Thanks for the reply. I may have messed up manually masking the > network data so let me do it by sed this time so I don't mess up. > > aaaa:bbbb:cccc:dddd is the /64 prefix used for the connection > xxxx:yyyy:zzzz is the /48 used for internal IPs > > The tunnelbroker IPs are also configured but I've removed them as they > shouldn't be relevant. I've checked gif0 and none of the traffic is > going out that interface either. > > tun0 shows: > > tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492 > options=80000<LINKSTATE> > inet6 fe80::200:24ff:fec9:5bbc%tun0 prefixlen 64 scopeid 0xa > inet a.b.c.d --> e.f.g.h netmask 0xffffffff > inet6 aaaa:bbbb:cccc:dddd:200:24ff:fec9:5bbc prefixlen 64 autoconf > nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL> > Opened by PID 1038 > > vr0 shows: > > vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 > options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE> > ether 00:00:24:c9:5b:bc > inet i.j.k.l netmask 0xffffff00 broadcast i.j.k.m > inet6 fe80::200:24ff:fec9:5bbc%vr0 prefixlen 64 scopeid 0x1 > inet6 xxxx:yyyy:zzzz:1::1 prefixlen 64 > nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > > IPv6 routing table: > > Routing tables > > Internet6: > Destination Gateway Flags Netif Expire > ::/96 ::1 UGRS lo0 => > default fe80::230:88ff:fe16:ec4f%tun0 UG tun0 > ::1 link#9 UH lo0 > ::ffff:0.0.0.0/96 ::1 UGRS lo0 > xxxx:yyyy:zzzz:1::/64 link#1 U vr0 > xxxx:yyyy:zzzz:1::1 link#1 UHS lo0 > xxxx:yyyy:zzzz:2::/64 link#3 U vr2 > xxxx:yyyy:zzzz:2::1 link#3 UHS lo0 > aaaa:bbbb:cccc:dddd::/64 link#10 U tun0 > aaaa:bbbb:cccc:dddd:200:24ff:fec9:5bbc link#10 UHS lo0 > > traceroute from tun0 IP (first 4 hops only shown) > > traceroute6 to wfe0.ysv.freebsd.org (2001:1900:2254:206a::50:0) from aaaa:bbbb:cccc:dddd:200:24ff:fec9:5bbc, 4 hops max, 12 byte packets > 1 aaaa:bbbb::3:0:0:2 29.318 ms 29.860 ms 28.065 ms > 2 aaaa:bbbb:0:301:: 28.724 ms 29.064 ms 29.421 ms > 3 aaaa:bbbb:0:4::1 29.881 ms 29.189 ms 28.254 ms > 4 aaaa:bbbb:0:3::1 35.764 ms 36.488 ms 36.054 ms > > traceroute from vr0 IP using 'traceroute6 -s' > > traceroute6 to wfe0.ysv.freebsd.org (2001:1900:2254:206a::50:0) from xxxx:yyyy:zzzz:1::1, 4 hops max, 12 byte packets > 1 * * * > 2 * * * > > > > Hmmm.... you do have 'gateway_enable="YES"' and > > 'ipv6_gateway_enable="YES"' in your /etc/rc.conf ? > > gateway_enable="YES" > ipv6_gateway_enable="YES" > > Yes. v4 continues to work fine. OK, I guess I must have missed something in earlier testing. The packet *was* going out tun0, just not getting a reply. Turns out that the ISP doesn't set up the route for the /48 unless you do an IPv6 DHCP reqeust. Only then does traffic work when using IPs other than the ones on the PPP interface Sorry for the noise Thanks, Gary
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150824134518.GG13503>