From owner-freebsd-net@FreeBSD.ORG Tue Dec 16 21:02:22 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 62F13106564A for ; Tue, 16 Dec 2008 21:02:22 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id E1C9C8FC1B for ; Tue, 16 Dec 2008 21:02:21 +0000 (UTC) (envelope-from freebsd-net@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1LCh3b-0001Eu-QS for freebsd-net@freebsd.org; Tue, 16 Dec 2008 21:02:19 +0000 Received: from 93-138-45-143.adsl.net.t-com.hr ([93.138.45.143]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 16 Dec 2008 21:02:19 +0000 Received: from ivoras by 93-138-45-143.adsl.net.t-com.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 16 Dec 2008 21:02:19 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-net@freebsd.org From: Ivan Voras Date: Tue, 16 Dec 2008 22:01:59 +0100 Lines: 59 Message-ID: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig4E5E09E75FB1BC0B7B050693" X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 93-138-45-143.adsl.net.t-com.hr User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) X-Enigmail-Version: 0.95.7 Sender: news Subject: 6to4 in 6.3-R? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Dec 2008 21:02:22 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig4E5E09E75FB1BC0B7B050693 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi, I'm toying around with IPv6 and one thing I'd like to try is to set up an stf tunnel. The other types, like freenet6 and what sixxs uses work without problems, but on a 7-stable machine. I've followed various documents (like http://www.kfu.com/~nsayer/6to4/ but most are very similar) and it apparently boils down to the following in /etc/rc.conf: ipv6_enable=3D"YES" ipv6_defaultrouter=3D"2002:c058:6301::" stf_interface_ipv4addr=3D"my.permanent.ipv4.addr" The interface comes up ok: stf0: flags=3D1 mtu 1280 inet6 2002:a135:xxyy::1 prefixlen 16 but attempts to ping outside result in errors: > ping6 www.freebsd.org PING6(56=3D40+8+8 bytes) 2002:a135:xxyy::1 --> 2001:4f8:fff6::21 ping6: sendmsg: Permission denied ping6: wrote www.freebsd.org 16 chars, ret=3D-1 ping6: sendmsg: Permission denied ping6: wrote www.freebsd.org 16 chars, ret=3D-1 ^C --- www.freebsd.org ping6 statistics --- 2 packets transmitted, 0 packets received, 100.0% packet loss It can ping6 itself. I have ipfw here but a very early rule says "allow ipv6 from any to any". It's triggered, judging by the packet counts, but apparently only in one direction (in the above example, only 2 packets would be accounted for). I think it's either broken (I can't try spf on the 7-stable machine) or, more likely, I'm missing something since I'm new to ipv6. Any ideas? --------------enig4E5E09E75FB1BC0B7B050693 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklIF00ACgkQldnAQVacBcheewCgrEvAz241JxhX9o0aTx4U3Chy xoUAn35ovZPavKH0bOb0BBeKGnPQQWfY =390d -----END PGP SIGNATURE----- --------------enig4E5E09E75FB1BC0B7B050693--