Date: Sun, 23 Aug 2015 16:37:56 +0100 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-net@freebsd.org Subject: Re: Routing IPv6 over tun0 (PPPoE) issue Message-ID: <55D9E8D4.1050700@FreeBSD.org> In-Reply-To: <20150823150408.GE13503@in-addr.com> References: <20150823150408.GE13503@in-addr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --L5mkpI2m91wKkft7VHfXbmJSnd9csOWrT Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 23/08/2015 16:04, Gary Palmer wrote: > However if I configure other IPs on other interfaces from the netblock = that > has been delegated to me and either source the traffic from those IPs o= r > try the traceroute from another computer using IPs in that netblock, I > don't even see the traffic leaving tun0 with tcpdump, let alone get any= > replies. I have a similar setup. Looks to me as if there's a problem with your routing internally. My routing table looks like this (excluding the ff01::, ff02:: and ff03:: routes and anything that's a host specific route): % netstat -rn -f inet6 | grep -vE '(UH|ff0)' Routing tables Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRS lo0 default fe80::203:97ff:fe19:8000%tun0 UGS tun0 ::ffff:0.0.0.0/96 ::1 UGRS lo0 2001:8b0:151:1::/64 link#1 U em0 <<<---** fe80::/10 ::1 UGRS lo0 fe80::%em0/64 link#1 U em0 fe80::%re0/64 link#2 U re0 fe80::%lo0/64 link#3 U lo0 fe80::%tun0/64 link#5 U tun0 Here em0 is the interface onto my internal network, and any addresses from my assigned IPv6 netblock are configured on that interface or the network directly attached to it. You should have a route equivalent to the one marked with the arrow. Note that tun0 uses link-local addresses for the IPv6 tunnelling, not addresses from my assigned range. Depending on how your ISP has configured things you may need a "real" IPv6 address on your tun0 interface, but this should be from a distinct subnet to the block you're using internally. Hmmm.... you do have 'gateway_enable=3D"YES"' and 'ipv6_gateway_enable=3D"YES"' in your /etc/rc.conf ? Cheers, Matthew --L5mkpI2m91wKkft7VHfXbmJSnd9csOWrT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 iQJ8BAEBCgBmBQJV2ejUXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkAT9aQQAJAL3zDc8KXv40CbuDb6AxtH Al7/6HwLxVbshiWJr1q0HbsDHW9PHsfxAL2J8ER9qVdZmc5dm/EG80GKMNb8v+IG ecilWPN+fP4H/FurC/Nxsz1ihSo+Zo8Hf9zn8GHOuJrnP1s9lx7NSixhDt/2/8Gg T3W3JJhrJXovYfD4+cs3DVlEOT8xnDsHZRt4rdOXWpK6IXJF86HxINDORnx01AcM yyyEwcsNOrfog3+hA+6QHGELe9oqaPEJeTl0ZEWsq9CKkj5HQNzsnd1KcnaJjfku UpSR9G7QPOv0e8htRgtXHzsr0oyRaYCkhmwmrC5n7oe0UTrWMxqLdMmdLiHyVzsQ i9dplUDvv5xAcqPIeccVQfS08aOELDji8ldt9zOgiT0jE/omUg247RJ9N9w6ODHb uVZgq1IrZnwfKbXtsYnrtMoMKvvO8yZzy25sAEbqRjpBrzjGd5554qbudrrr2n9U GlfGAmuEnHsEP6WU+50wr7f3YAY+1/+8aLvAaI04eTFN0dOPsy8Fom4iacE96QEn Mlgyi2laxnC0F2nv7tIBxDf0bs3zC74KyuZHsFCTmmxSLl8Sn7rnmKikznjLitxp x5nhXV8fEikVkPW7I+BJjYO0FKrkjY0NQZHWOkKs4gaTEnKzIxaAJMjtHwszMN7/ EBI6nmYzxdXdJBp+VgIB =gsIB -----END PGP SIGNATURE----- --L5mkpI2m91wKkft7VHfXbmJSnd9csOWrT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55D9E8D4.1050700>