IPV6 help.

W

WibbleWobble

Hello,

Need some help setting up my router with IPV6. My ISP has started to hand out V6 IP's but not sure if they're available in my area yet. I started setting up my router from a few guides and it looks like I'm getting an IP but my windows machine can't get anything via DHCP.

My config files:

rc.conf

Code: 
gateway_enable="YES"

sshd_enable="YES"
ifconfig_re0="DHCP"
ifconfig_vr0="192.168.1.1 netmask 255.255.255.0"
pf_enable="YES"
pflog_enable="YES"
hald_enable="YES"
dbus_enable="YES"

sendmail_enable="NONE"
hostname="Router"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable

dumpdev="AUTO"


#ipv6_network_interfaces="re0"

ifconfig_vr0_ipv6="inet6 fe80::1"
ifconfig_re0_ipv6="inet6 accept_rtadv"
ipv6_gateway_enable="YES"
ipv6_default_interface="vr0"
dhcp6c_enable="YES"
dhcp6c_interfaces="re0"
rtadvd_enable="YES"
rtadvd_interfaces="vr0"

dhcpv6.conf

Code: 
interface re0 {
        send    ia-na 1;
        send    ia-pd 1;
        send    rapid-commit;
};

id-assoc pd 1 {
        prefix ::/64 3600;
        prefix-interface vr0 {
                sla-len 0;
                sla-id 0;
        };
};
id-assoc na 1 {


sysctl.conf


Code: 
net.inet6.ip6.accept_rtadv=1

pf.conf

Code: 
#------------------------------------------------------------------------
# macros
#------------------------------------------------------------------------
# interfaces
ext_if  = "re0"
int_if  = "vr0"


#protocol
icmp_types = "{ echoreq, unreach }"
icmp6_types = "{ unreach, toobig, timex, paramprob, echoreq, echorep, neighbradv, neighbrsol, routeradv, routersol}"

#hosts
Xbox360 = "192.168.1.105"


#ports

Xlive_udp = "{ 3074, 3075, 80, 53, 443, 88, 1863, 1200, 1024:65535 }"
Xlive_tcp = "{ 3074, 3075, 80, 53, 443, 88, 1863, 1200, 1024:65535 }"
ipv6_port = "{ 546, 547 }"




#nets
lan_net = "{ 192.168.1.0/24 }"
priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"



# config
#------------------------------------------------------------------------
# options
#------------------------------------------------------------------------
# config
set block-policy drop
set loginterface $ext_if
set skip on lo0
set optimization conservative

# scrub
#scrub all reassemble tcp no-df
#scrub in all fragment reassemble
scrub in all

#------------------------------------------------------------------------
# redirection (and nat, too!)
#------------------------------------------------------------------------
# network address translation
nat on egress from $int_if:network to any tag EGRESS -> ($ext_if:0) port 1024:65535
nat on $ext_if from $Xbox360 to any -> ($ext_if:0) static-port
nat on $ext_if from $lan_net to any -> ($ext_if)
rdr on $ext_if inet proto udp from any to ($ext_if) port $Xlive_udp tag XBOX360 -> $Xbox360
rdr on $ext_if inet proto tcp from any to ($ext_if) port $Xlive_tcp tag XBOX360 -> $Xbox360
#nat on $ext_if from $air_if:network to any -> (ext_if) static-port
no nat on $int_if proto tcp from $int_if to $lan_net


#------------------------------------------------------------------------
# firewall policy
#------------------------------------------------------------------------
# restrictive default rules
block log all
pass out keep state
block drop in log on $ext_if from $priv_nets to any
block drop out log on $ext_if from any to $priv_nets


# anti spoofing
antispoof for { $int_if, $ext_if }


pass in log on $ext_if inet proto udp from any to $Xbox360 port $Xlive_udp keep state tagged XBOX360
pass in log on $ext_if inet proto tcp from any to $Xbox360 port $Xlive_tcp keep state tagged XBOX360
pass out log on $int_if inet proto udp from any to $Xbox360 port $Xlive_udp keep state tagged XBOX360
pass out log on $int_if inet proto tcp from any to $Xbox360 port $Xlive_tcp keep state tagged XBOX360
pass in log on $int_if inet proto udp  from $Xbox360 to any port $Xlive_udp keep state
pass in log on $int_if inet proto tcp  from $Xbox360 to any port $Xlive_tcp keep state
block in quick on $int_if inet proto igmp all
pass quick on { $ext_if $int_if } inet proto tcp from any port 67:68 to any port 67:68 keep state flags S/SA
pass quick on { $int_if $ext_if } inet proto udp from any port 67:68 to any port 67:68 keep state


#######IPV6######

pass in on $ext_if proto icmp6 all
pass in on $ext_if inet6 proto tcp from any to any port $ipv6_port flags S/SA keep state
pass in on $ext_if inet6 proto udp from any to any port $ipv6_port
pass in on $int_if inet6 proto tcp from any to any port $ipv6_port flags S/SA keep state
pass in on $int_if inet6 proto udp from any to any port $ipv6_port
pass in inet6 proto ipv6-icmp all icmp6-type { 1, 2, 3, 4, 128, 129, 135, 136 }
pass in log on $ext_if proto ipv6
pass in log on $int_if proto ipv6
pass proto icmp6 all
pass out log on $ext_if inet6 proto tcp from $ext_if to any
pass out log on $ext_if inet6 proto udp from $ext_if to any
pass out on $ext_if inet6 from $ext_if to any



pass inet proto icmp all icmp-type $icmp_types keep state

pass in  on $int_if from $int_if:network to any keep state
pass out on $int_if from any to $int_if:network keep state

pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp,icmp } all keep state

pass in  from $lan_net to $lan_net keep state
pass out from $lan_net to $lan_net keep state
pass out from any to any keep state

ifconfig

Code: 
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether c8:60:00:df:fb:f1
        inet6 fe80::ca60:ff:fedf:fbf1%re0 prefixlen 64 scopeid 0x1
        inet6 2001:1970:4000:8e:692f:6c0e:3cf1:a65b prefixlen 128
        inet 72.39.x.x netmask 0xfffff000 broadcast 72.x.x.255
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=82808<VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE>
        ether 00:50:ba:68:e2:cf
        inet6 fe80::250:baff:fe68:e2cf%vr0 prefixlen 64 scopeid 0x2
        inet6 fe80::1%vr0 prefixlen 64 scopeid 0x2
        inet6 2001:1970:53c0:3f00:250:baff:fe68:e2cf prefixlen 56
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
pflog0: flags=100<PROMISC> metric 0 mtu 33184
        groups: pflog


IPV6 is a little confusing to me. Any ideas ?

Thank you.
 
Can get V6 IP on my Window machine now but can't ping or access the web.

Code: 
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : C8-60-00-B2-69-B5
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed03:3df9:547a:8c8e%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::250:baff:fe68:e2cf%11
                                       192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 63463424
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-52-00-65-C8-60-00-B2-69-B5
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Reusable ISATAP Interface {25F8366D-7283-4E70-9554-62D41CCE72F7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:34e5:77c4:3c82:32ae:b7d8:dfad(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3c82:32ae:b7d8:dfad%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 234881024
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-52-00-65-C8-60-00-B2-69-B5
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
What subnet did you get from your ISP? /64?

You will need two subnets which is /63 or lower. One for your router and another for computers behind the router. IPv6 doesn't work with NAT.
 
I didn't get any from my ISP. They just started handing out V6 IP's. I thought I would try and see if it would get an IP on it's own. Sorry I'm not to familiar with IPV6. It's all new to me.
 
I am now getting IP's from my ISP. Not sure what sub-net they are. When I plug in my windows PC direct to my modem without going thru my router I get an IP of: 2001:1970:4000:8e:4534:91ba:74ac:7c7f
and a default gateway of 2001:1970:4000:8e:692f:6c0e:3cf1:a65b. When I go thru my FreeBSD router it seems like I'm getting an IP but I can't ping or browse the net. My ifconfig output is the same as it is in the first post here.

Any ideas ?

It was my rc.conf
I can't seem to ping but can access IPV6 sites.

# ping6 ipv6.google.com
ping6: UDP connect: No route to host
 
You must log in or register to reply here.
Back
Top