FreeBSD IPv6 Routing

angelvg

angelvg

Hello friends

I am trying to routing between an IPv6 network with (/52) prefixlen to another IPv6 network with (/64) prefixlen

But it does not work and I do not know what I'm doing wrong or what I'm missing...

* The FreeBSD server does not have a firewall
* The Windows client has the IPv6, prefixlen and gateway manual, has no active firewall

Diagram:
Internet}------em0-[FreeBSD]-re0------[Switch]------[Windows]


The FreeBSD server

freebsd-version


Code: 
11.2-RELEASE-p4


/etc/rc.conf
Code: 
hostname="test.domain.com"
sshd_enable="YES"
dumpdev="AUTO"
zfs_enable="YES"

# IPv6 Internet
ifconfig_em0_ipv6="inet6 2800:e7:a8:6000::9 prefixlen 52"
ipv6_defaultrouter="2800:e7:a8:6000::1"

# IPv6 LAN
ifconfig_re0_ipv6="inet6 2800:e7:a8:6200::1 prefixlen 64"

ipv6_gateway_enable="YES"

The Windows Client

Code: 
IP: 2800:e7:a8:6200::2 /64
Gateway: 2800:e7:a8:6200::1


The tests:

The FreeBSD server

Ping to google IPv6

ping6 -c 4 2607:f8b0:4008:810::200e


Code: 
PING6(56=40+8+8 bytes) 2800:e7:a8:6000::9 --> 2607:f8b0:4008:810::200e
16 bytes from 2607:f8b0:4008:810::200e, icmp_seq=0 hlim=53 time=78.041 ms
16 bytes from 2607:f8b0:4008:810::200e, icmp_seq=1 hlim=53 time=77.893 ms
16 bytes from 2607:f8b0:4008:810::200e, icmp_seq=2 hlim=53 time=77.891 ms
16 bytes from 2607:f8b0:4008:810::200e, icmp_seq=3 hlim=53 time=77.917 ms

--- 2607:f8b0:4008:810::200e ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 77.891/77.935/78.041/0.062 ms

Ping to Windows Client


ping6 -c 4 2800:e7:a8:6200::2


Code: 
PING6(56=40+8+8 bytes) 2800:e7:a8:6200::1 --> 2800:e7:a8:6200::2
16 bytes from 2800:e7:a8:6200::2, icmp_seq=0 hlim=64 time=0.556 ms
16 bytes from 2800:e7:a8:6200::2, icmp_seq=1 hlim=64 time=0.501 ms
16 bytes from 2800:e7:a8:6200::2, icmp_seq=2 hlim=64 time=0.515 ms
16 bytes from 2800:e7:a8:6200::2, icmp_seq=3 hlim=64 time=0.498 ms

--- 2800:e7:a8:6200::2 ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.498/0.518/0.556/0.023 ms

The routing


netstat -r


Code: 
Internet:
Destination        Gateway            Flags     Netif Expire
default            static-181-143-98- UGS         em0
localhost          link#3             UH          lo0
181.143.98.152/29  link#1             U           em0
samdom.telemedelli link#1             UHS         lo0

Internet6:
Destination        Gateway            Flags     Netif Expire
::/96              localhost          UGRS        lo0
default            2800:e7:a8:6000::1 UGS         em0
localhost          link#3             UH          lo0
::ffff:0.0.0.0/96  localhost          UGRS        lo0
2800:e7:a8:6000::/ link#1             U           em0
2800:e7:a8:6000::9 link#1             UHS         lo0
2800:e7:a8:6200::/ link#2             U           re0
2800:e7:a8:6200::1 link#2             UHS         lo0
fe80::/10          localhost          UGRS        lo0
fe80::%em0/64      link#1             U           em0
fe80::21c:c0ff:fe9 link#1             UHS         lo0
fe80::%re0/64      link#2             U           re0
fe80::214:6cff:fec link#2             UHS         lo0
fe80::%lo0/64      link#3             U           lo0
fe80::1%lo0        link#3             UHS         lo0
ff02::/16          localhost          UGRS        lo0


ifconfig


Code: 
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
        ether 00:1c:c0:95:37:db
        hwaddr 00:1c:c0:95:37:db
        inet 181.143.98.154 netmask 0xfffffff8 broadcast 181.143.98.159 
        inet6 fe80::21c:c0ff:fe95:37db%em0 prefixlen 64 scopeid 0x1 
        inet6 2800:e7:a8:6000::9 prefixlen 52 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether 00:14:6c:cb:d6:8e
        hwaddr 00:14:6c:cb:d6:8e
        inet6 2800:e7:a8:6200::1 prefixlen 64 
        inet6 fe80::214:6cff:fecb:d68e%re0 prefixlen 64 scopeid 0x2 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo

The Windows Client (sorry is in Spanish)

ping to the FreeBSD Server

ping -6 2800:e7:a8:6200::1


Code: 
Haciendo ping a 2800:e7:a8:6200::1 con 32 bytes de datos:
Respuesta desde 2800:e7:a8:6200::1: tiempo<1m
Respuesta desde 2800:e7:a8:6200::1: tiempo<1m
Respuesta desde 2800:e7:a8:6200::1: tiempo<1m
Respuesta desde 2800:e7:a8:6200::1: tiempo<1m

Estadísticas de ping para 2800:e7:a8:6200::1:
    Paquetes: enviados = 4, recibidos = 4, perdidos = 0
    (0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
    Mínimo = 0ms, Máximo = 0ms, Media = 0ms


Ping to google IPv6


ping -6 2607:f8b0:4008:810::200e


Code: 
Haciendo ping a 2607:f8b0:4008:810::200e con 32 bytes de datos:
Tiempo de espera agotado para esta solicitud.
Tiempo de espera agotado para esta solicitud.
Tiempo de espera agotado para esta solicitud.
Tiempo de espera agotado para esta solicitud.

Estadísticas de ping para 2607:f8b0:4008:810::200e:
    Paquetes: enviados = 4, recibidos = 0, perdidos = 4
    (100% perdidos),


Thank your for the attention and any help!
 
2800:e7:a8:6000::9/52

Start Range: 2800:e7:a8:6000:0:0:0:0
End Range: 2800:e7:a8:6fff:ffff:ffff:ffff:ffff
No. of host: 75557863725914323419136


2800:e7:a8:6200::1/64

Start Range: 2800:e7:a8:6200:0:0:0:0
End Range: 2800:e7:a8:6200:ffff:ffff:ffff:ffff
No. of host: 18446744073709551616

Do you see the problem?
The networks are overlaping.
 
VladiBG

Than you for you help...

I try some changes:

FreeBSD

/etc/rc.conf
Code: 
[...]
ifconfig_em0_ipv6="inet6 2800:00e7:00a8:6000:0000:0000:0000:0002 prefixlen 64"
ipv6_defaultrouter="2800:00e7:00a8:6000:0000:0000:0000:0001"

ifconfig_re0_ipv6="inet6 2800:00e7:00a8:6100:0000:0000:0000:0001 prefixlen 64"

ipv6_gateway_enable="YES"


ping6 -c 4 2800:00e7:00a8:6000:0000:0000:0000:0001

Code: 
PING6(56=40+8+8 bytes) 2800:e7:a8:6000::2 --> 2800:e7:a8:6000::1
16 bytes from 2800:e7:a8:6000::1, icmp_seq=0 hlim=63 time=0.885 ms
16 bytes from 2800:e7:a8:6000::1, icmp_seq=1 hlim=63 time=1.134 ms
16 bytes from 2800:e7:a8:6000::1, icmp_seq=2 hlim=63 time=0.819 ms
16 bytes from 2800:e7:a8:6000::1, icmp_seq=3 hlim=63 time=0.862 ms

--- 2800:00e7:00a8:6000:0000:0000:0000:0001 ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.819/0.925/1.134/0.123 ms


ping6 -c 4 2800:00e7:00a8:6100:0000:0000:0000:0003

Code: 
PING6(56=40+8+8 bytes) 2800:e7:a8:6100::1 --> 2800:e7:a8:6100::3
16 bytes from 2800:e7:a8:6100::3, icmp_seq=0 hlim=128 time=0.353 ms
16 bytes from 2800:e7:a8:6100::3, icmp_seq=1 hlim=128 time=0.180 ms
16 bytes from 2800:e7:a8:6100::3, icmp_seq=2 hlim=128 time=0.150 ms
16 bytes from 2800:e7:a8:6100::3, icmp_seq=3 hlim=128 time=0.180 ms

Windows

Code: 
IPv6: 2800:00e7:00a8:6100:0000:0000:0000:0003
PREFIXLEN: 64
GW: 2800:00e7:00a8:6100:0000:0000:0000:0001


ping -6 2800:00e7:00a8:6100:0000:0000:0000:0001

Code: 
4 receive... OK


ping -6 2607:f8b0:4008:810::200e

Code: 
100% lost

The I.S.P. assigned us a group like this:
2800:00e7:00a8:6000:0000:0000:0000:0001/52 <- This is the Gateway

What am I doing wrong?
 
VladiBG

Thank you, but...

I know how to make NAT for IPv4 with PF
The manual from the second link i know how to work, in this example only make NAT for IPv4 with PF, the rest is for firewalling rules

My FreeBSD have a valid IPv6 (I'm writing from him), no need "a tunnel provider...", an no have PF at this time, only need to make routing from IPv6 to IPv6...

But not work!

The new parameters I think they are fine.

Thank you for you time
 
hostname="test.domain.com"
sshd_enable="YES"
dumpdev="AUTO"
zfs_enable="YES"

# IPv6 Internet
ipv6_cpe_wanif="em0"
ifconfig_em0_ipv6="inet6 2800:e7:a8:6000::9 prefixlen 52"
ipv6_defaultrouter="2800:e7:a8:6000::1"

# IPv6 LAN
ifconfig_re0_ipv6="inet6 -accept_rtadv"

ipv6_gateway_enable="YES"
rtadvd_enable="YES"
rtadvd_interfaces="re0"
 
VladiBG

No need IPv6 on LAN interface?
Routing advertisement is the second step, no needed now...

Please remember my diagram:

Internet}------em0-[FreeBSD]-re0------[Switch]------[Windows]

Now my configuration:

Code: 
ifconfig_em0="inet 181.143.98.154 netmask 255.255.255.248"
defaultrouter="181.143.98.153"

# IPv6 Internet

ipv6_cpe_wanif="em0"

ifconfig_em0_ipv6="inet6 2800:00e7:00a8:6000:0000:0000:0000:0002 prefixlen 64"
ipv6_defaultrouter="2800:00e7:00a8:6000:0000:0000:0000:0001"

# IPv6 LAN
ifconfig_re0_ipv6="inet6 2800:00e7:00a8:6100:0000:0000:0000:0001 prefixlen 64"

ipv6_gateway_enable="YES"

Please note

INTERNET
2800:e7:a8:6000::/64

LAN
2800:e7:a8:6100::/64

Now the INTERNET and the LAN is in different network, right?

But not working...
 
You must log in or register to reply here.
Back
Top