Problems setting up Hurricane Electric ipv6 tunnel

jonfr

Active Member

Reaction score: 10
Messages: 235

I am moving to Hurricane Electric IPv6 pop at the moment and I am having issues connecting to IPv6 with them. I do not know if Hurricane Electric has any client for IPv6 connections.

When I follow their guide, I get this error when creating the tunnel manually.

Code:
ifconfig gif0 inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 64
ifconfig: ioctl (SIOCAIFADDR): Invalid argument

That stops me from going any further. After this I am not able to create the tunnel and proper routing table for IPv6.

My current IPv6 config looks like this in rc.conf.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="2001:470:28:3d0::3/64"
#gifconfig_gif0="192.168.1.2 216.66.80.90"
#ipv6_ifconfig_gif0="2001:470:27:3d0::2/64 2001:470:27:3d0::1/64"
#gif_interfaces="gif0"
ipv6_gateway_enable="YES"
radvd_enable="yes"

For the time being, I have commented out what is not working.

I can ping6 my server on the local LAN without any issue.

Code:
ping6 -c 4 2001:470:28:3d0::3
PING 2001:470:28:3d0::3(2001:470:28:3d0::3) 56 data bytes
64 bytes from 2001:470:28:3d0::3: icmp_seq=1 ttl=64 time=0.245 ms
64 bytes from 2001:470:28:3d0::3: icmp_seq=2 ttl=64 time=0.302 ms
64 bytes from 2001:470:28:3d0::3: icmp_seq=3 ttl=64 time=0.302 ms
64 bytes from 2001:470:28:3d0::3: icmp_seq=4 ttl=64 time=0.283 ms

--- 2001:470:28:3d0::3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.245/0.283/0.302/0.023 ms

Thanks for the help.
 

junovitch@

Daemon
Developer

Reaction score: 632
Messages: 1,773

According to the handbook at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html

To apply the IPv6 address that has been assigned for use as the IPv6 tunnel endpoint, add the following line for FreeBSD 9.x and later:
Code:
ifconfig_gif0_ipv6="inet6 MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR"
For FreeBSD 8.x, add:
Code:
ipv6_ifconfig_gif0="MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR"

It does seem to create it while just specifying a destination address. Whether that works I don't know. The ifconfig() man page describes using a both a source and destination.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

This did not work. I get this when I try to ping6 google.com.

Code:
ping6 -c 4 google.com
ping6: UDP connect: No route to host

ifconfig gives me this information.

Code:
ifconfig
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:28:3d0::3 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 192.168.1.2 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

My rc.conf looks like this now. This just the IPv6 section of it.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="2001:470:28:3d0::3/64"
gifconfig_gif0="192.168.1.2 216.66.80.90"
ifconfig_gif0_ipv6="2001:470:27:3d0::2/64 2001:470:27:3d0::1/64"
gif_interfaces="gif0"
ipv6_defaultrouter="2001:470:27:3d0::1/64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

There is a message when the computer boots about that something is missing from the IPv6 settings. I can't read it since it goes past the screen so fast and I do not know where boot-up messages are stored in FreeBSD.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,331
Messages: 38,847

Nothing is needed for the HE tunnel to work. Here are the relevant bits from my rc.conf.

Code:
ifconfig_rl0="DHCP"
cloned_interfaces="vlan1 vlan10"
ifconfig_vlan1="inet 10.0.0.1 netmask 255.255.255.0 vlan 1 vlandev re0"
ifconfig_vlan10="inet 192.168.10.1 netmask 255.255.255.0 vlan 10 vlandev re0"
ifconfig_vlan10_ipv6="inet6 2001:xxxx:xxxx:xxxx::1 prefixlen 64"
rtadvd_enable="YES"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:xxxx:xxxx:aaaa::2 2001:xxxx:xxxx:aaaa::1 prefixlen 64"
gifconfig_gif0="62.x.x.x 216.y.y.y"

ipv6_defaultrouter="-iface gif0"

Note that you need to use your external IP address in gifconfig_gif0, not your internal address.

/etc/rtadvd.conf
Code:
vlan10:\
        :addr="2001:xxxx:xxxx:xxxx::":prefixlen#64:\
        :rdnss="2001:xxxx:xxxx:xxxx::1":\
        :dnssl="dicelan.home":
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

This for some reason didn't work. I can ping6 from the LAN, but I cannot ping6 to the internet.

Code:
ping6 -c 4 google.com
PING6(56=40+8+8 bytes) 2001:470:28:3d0::3 --> 2a00:1450:4013:c00::8a

--- google.com ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

ifconfig looks like this now.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:nnn:nn:nnn::3 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.3.1 netmask 0xffffff00 broadcast 192.168.3.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan1 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1 parent interface: bge0
vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan2 prefixlen 64 scopeid 0xc 
        inet6 2001:nnn:nnn:nnn::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: bge0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.y.n.c --> 216.d.n.g
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xd 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

This is how my rc.conf looks now. Just the IPv6 part of it.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="2001:xxx:xx:xxx::3/64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.3.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.1.4 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:xxx:xxx:xxx::1 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:xxx:xx:xxx::2 2001:xxx:xx:xxx::1 prefixlen 64"
gifconfig_gif0="46.x.y.x 216.x.y.x"
#rtadvd_enable="YES"

ipv6_defaultrouter="-iface gif0"

I have been using radvd for routing IPv6 packet from my local LAN, not rtadvd.

When the computer boots I see an message that some keyword is missing from IPv6 command in rc.conf. I do not see the warning properly since it goes so fast past my screen.

Using ping6 on my LAN works without an issue.

Code:
ping6 -c 4 2001:470:28:3d0:221:85ff:fe3f:14a1
PING6(56=40+8+8 bytes) 2001:470:28:3d0::3 --> 2001:470:28:3d0:221:85ff:fe3f:14a1
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=0 hlim=64 time=0.748 ms
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=1 hlim=64 time=0.384 ms
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=2 hlim=64 time=0.388 ms
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=3 hlim=64 time=0.400 ms

--- 2001:470:28:3d0:221:85ff:fe3f:14a1 ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.384/0.480/0.748/0.155 ms

This is now the configuration example from Hurricane Electric for FreeBSD >= 4.4

Code:
ifconfig gif0 create
ifconfig gif0 tunnel 46.d.n.y 216.c.p.g
ifconfig gif0 inet6 2001:nnn:nn:nn::2 2001:nnn:nn:nnn::1 prefixlen 128
route -n add -inet6 default 2001:nnn:nn:nnn::1
ifconfig gif0 up

Thanks for the help.
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

Are all those xxx:xxx:xxx:xxx on the IPv6 address you've shown from the same /64 prefix or do you have a different /64s for both LAN (I assume that is bge0?) and the gif0 interface?

Also the same question between bge0 and vlan2, those two should also have separate /64 prefixes unless you're bold enough to try bridging with IPv6.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

kpa said:
Are all those xxx:xxx:xxx:xxx on the IPv6 address you've shown from the same /64 prefix or do you have a diffrent /64s for both LAN (I assume that is bge0?) and the gif0 interface?

Also the same question between bge0 and vlan2, those two should also have separate /64 prefixes unless you're bold enough to try bridging with IPv6.

Here is the rc.conf as it is now. I can try and move the IPv6 address around if that is the error. But I need to know what needs to be changed to fix the error I am having.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="2001:470:28:3d0::3/64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.3.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.1.4 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:27:3d0::1 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 64"
gifconfig_gif0="46.32.53.73 216.66.80.90"
#rtadvd_enable="YES"

ipv6_defaultrouter="-iface gif0"
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

Well look again at the subnets you got from HE. There should be one that is meant to be used only on the tunnel (gif0) interface and any other subnets are so called routed subnets. I'm assuming that the subnet that is meant for gif0 is 2001:470:27:3d0::/64.

You have to change the address on vlan2 to an address that is not from this same subnet and also does not conflict with the subnet that you are already using on bge0, 2001:470:28:3d0::/64.

If you don't have enough /64 subnets for all of the interfaces you'll have to request a /48 from HE that you can then break down to /64s as you like.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

According to what you are saying. This what I should assign to my IPv6.

Routed IPv6 prefixes: gif0
IPv6 tunnel endpoints: vlan2
Client IPv6 address: vlan2_IPv6

I use radvd to route to my LAN. Here is my radvd.conf as it is now.

Code:
interface bge0
{
#        (Send advertisement messages to other hosts)
        AdvSendAdvert on;
#        (Fragmentation is bad(tm))
        AdvLinkMTU 1280;
        MaxRtrAdvInterval 300;
#        (IPv6 subnet prefix we've been assigned by our PoP)
        prefix 2001:470:28:3d0::/64
        {
                AdvOnLink on;
                AdvAutonomous on;

        };
};

I see that FreeBSD complains about multiple interfaces having the same IPv6 subnet. This is my ifconfig as it is now under the current configuration.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:28:3d0::3 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.3.1 netmask 0xffffff00 broadcast 192.168.3.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan1 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1 parent interface: bge0
vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan2 prefixlen 64 scopeid 0xc 
        inet6 2001:470:27:3d0::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: bge0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.32.53.73 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xd 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

Thanks for the help.
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

jonfr said:
According to what you are saying. This what I should assign to my IPv6.

Routed IPv6 Prefixes -> gif0
IPv6 Tunnel Endpoints -> vlan2
Client IPv6 Address: -> vlan2_IPv6

No.

IPv6 Tunnel endpoints: gif0 and nowhere else.
Routed /64 subnet #1: someinterface#1, not gif0.
Routed /64 subnet #2: someinterface#2, not gif0 and not someinterface#1.
Etc.

Here's how I have my set up for my SixXS tunnel. I have a /64 and and a /48.

Code:
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
	tunnel inet 88.195.aaa.xxx --> 62.78.bbb.yyy
	inet6 fe80::230:18ff:fea9:66cb%gif0 prefixlen 64 scopeid 0x8 
	inet6 2001:14b8:abc:def::2 --> 2001:14b8:abc:def::1 prefixlen 128 
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	options=1<ACCEPT_REV_ETHIP_VER>

The prefixlen is 128 but that does not matter with point-to-point interfaces.

Code:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=2008<VLAN_MTU,WOL_MAGIC>
	ether 00:30:18:a9:66:cb
	inet 10.71.14.1 netmask 0xffffff00 broadcast 10.71.14.255
	inet6 fe80::230:18ff:fea9:66cb%rl0 prefixlen 64 scopeid 0x1 
	inet6 2001:14b8:dcba:1::1 prefixlen 64 
	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active

That's the first /64 subnet on rl0 (LAN interface) out of the 2001:14b8:dcba::/48 I have (dcba replaces the real value to protect the innocent).

If I wanted to use another /64 on let's say rl1 interface I would assign for example 2001:14b8:dcba:2::/64 on it:

Code:
ifconfig_rl1_ipv6="inet6 2001:14b8:dcba:2::1/64"

I also have a routed /64 that is separate from the /48 I'm not using at the moment.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

According to your advice I have changed my rc.conf file and now it looks like this.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="2001:470:28:3d0::3/64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.3.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.1.4 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:28:3d0::1  prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 64"
gifconfig_gif0="46.32.53.73 216.66.80.90"
#rtadvd_enable="YES"

ipv6_defaultrouter="-iface gif0"

Now vlan2 is not on the same subnet as gif0. I have not yet rebooted to test this. I wanted to check first if this configuration is correct.
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

You still have to resolve the conflict between bge0 and vlan2. Leave out either one for now and try to get your tunnel working with just one routed subnet.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

Is it possible for me to use tun0 rather than gif0 for this? When I was using Sixxs I used tun0 rather than gif0. I used tun0 for the simple reason it worked without any issue at all.

This is still not working and I do not have clue why. I have set-up everything correctly from the looks of it.
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

Does HE offer a tun(4) tunnel? With SixXS the only option that forces the use of a tun(4) tunnel is when you are behind NAT, otherwise SixXS tunnels use a gif(4) tunnel.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

I have made some progress with this problem. I was looking at this thread when I did find one of the errors in my rc.conf file.

Current IPv6 part of my rc.conf.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="2001:470:28:3d0::3 prefixlen 64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.2.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.1.4 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:28:3d0::2 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="46.32.53.73 216.66.80.90"
#rtadvd_enable="YES"
ipv6_defaultrouter="-iface gif0"

Currently ifconfig gives me this information.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:28:3d0::3 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan1 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1 parent interface: bge0
vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan2 prefixlen 64 scopeid 0xc 
        inet6 2001:470:28:3d0::2 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: bge0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.32.53.73 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xd 
        inet6 2001:470:27:3d0::2 --> 2001:470:27:3d0::1 prefixlen 128 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

There is no ping6 over IPv6 with this. Not from my server nor desktop computer.

Code:
ping6 -c 4 freebsd.org
PING6(56=40+8+8 bytes) 2001:470:27:3d0::2 --> 2001:1900:2254:206a::50:0

--- freebsd.org ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

LAN ping6 works without an issue.

Code:
ping6 -c 4 2001:470:28:3d0:221:85ff:fe3f:14a1
PING6(56=40+8+8 bytes) 2001:470:28:3d0::3 --> 2001:470:28:3d0:221:85ff:fe3f:14a1
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=0 hlim=64 time=0.749 ms
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=1 hlim=64 time=0.385 ms
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=2 hlim=64 time=0.375 ms
16 bytes from 2001:470:28:3d0:221:85ff:fe3f:14a1, icmp_seq=3 hlim=64 time=0.379 ms

--- 2001:470:28:3d0:221:85ff:fe3f:14a1 ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.375/0.472/0.749/0.160 ms

I am also getting information about conflict of subnets on vlan2 and bge0. I guess to fix it (it might be part of this issue) I need to get /48 from Hurricane Electric.

Thanks for the help.
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

Remove the IPv6 address from either vlan2 or bge0 and the packets might actually go someplace, now the conflicting addresses are most likely stopping traffic from going anywhere.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

I now got a /48 address space to use for my LAN and routing. I am still seeing the message about conflicting address space when FreeBSD is starting.

This is my rc.conf now.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="inet6 2001:470:dd6c::2 prefixlen 64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.2.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.3.1 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:dd6c::1 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="46.32.53.73 216.66.80.90"
#rtadvd_enable="YES"
ipv6_defaultrouter="-iface gif0"

I can't ping6 out on the Internet.

Code:
ping6 -c 4 google.com
PING6(56=40+8+8 bytes) 2001:470:27:3d0::2 --> 2a00:1450:4013:c01::8a

--- google.com ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

This is what ifconfig gives me now.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:dd6c::2 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan1 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1 parent interface: bge0
vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.3.1 netmask 0xffffff00 broadcast 192.168.3.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan2 prefixlen 64 scopeid 0xc 
        inet6 2001:470:dd6c::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: bge0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.32.53.73 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xd 
        inet6 2001:470:27:3d0::2 --> 2001:470:27:3d0::1 prefixlen 128 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

Thanks for the help. :)
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

I am now finally going somewhere with this. Now I get this when I try to use ping6.

Code:
ping6 -c 4 freebsd.org
PING6(56=40+8+8 bytes) 2001:470:28:3d0::1 --> 2001:1900:2254:206a::50:0
ping6: sendmsg: Operation not permitted
ping6: wrote freebsd.org 16 chars, ret=-1
ping6: sendmsg: Operation not permitted
ping6: wrote freebsd.org 16 chars, ret=-1
ping6: sendmsg: Operation not permitted
ping6: wrote freebsd.org 16 chars, ret=-1
ping6: sendmsg: Operation not permitted
ping6: wrote freebsd.org 16 chars, ret=-1

--- freebsd.org ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

I get this from my desktop computer using ping6.

Code:
PING google.com(ea-in-x66.1e100.net) 56 data bytes
From rack.npu.ee icmp_seq=1 Destination unreachable: Address unreachable
From rack.npu.ee icmp_seq=2 Destination unreachable: Address unreachable
From rack.npu.ee icmp_seq=3 Destination unreachable: Address unreachable
From rack.npu.ee icmp_seq=4 Destination unreachable: Address unreachable

--- google.com ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3002ms

This is what ifconfig gives me now.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:dd6c::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan1 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1 parent interface: bge0
vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.4 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan2 prefixlen 64 scopeid 0xc 
        inet6 2001:470:28:3d0::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: bge0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.32.53.73 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xd 
        inet6 2001:470:27:3d0::2 --> 2001:470:27:3d0::1 prefixlen 128 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

Here is my rc.conf as it is now. I am not sure what the error is this time around.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="inet6 2001:470:dd6c::1 prefixlen 64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.2.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.1.4 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:28:3d0::1 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="46.32.53.73 216.66.80.90"
#rtadvd_enable="YES"
ipv6_defaultrouter="-iface vlan2"

If I use -iface gif0 I don't get any data from IPv6 ping6. The IPv6 address
Code:
2001:470:28:3d0::1
is Routed /64: according to the tunnelbroker.net website.

I am going to take an better look at this tomorrow. Time for a break from this problem.

Thanks for the help. :)
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

I changed my setup in the following way. This change did not work, but suggest to me that routing is not working as it should.

Here is my current routing table.

Code:
[CMD]netstat -r[/CMD]
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.1        UGS         0     5553   bge0
localhost          link#10            UH          0      718    lo0
192.168.1.0        link#1             U           0     1285   bge0
192.168.1.2        link#1             UHS         0       36    lo0

Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost          UGRS        lo0 =>
default            gif0               US         gif0
localhost          link#10            UH          lo0
::ffff:0.0.0.0     localhost          UGRS        lo0
jonfr500-1.tunnel. link#11            UH         gif0
jonfr500-1-pt.tunn link#11            UHS         lo0
2001:470:28:3d0::  link#1             U          bge0
2001:470:28:3d0::3 link#1             UHS         lo0
fe80::             localhost          UGRS        lo0
fe80::%bge0        link#1             U          bge0
fe80::21a:a0ff:fe0 link#1             UHS         lo0
fe80::%lo0         link#10            U           lo0
fe80::1%lo0        link#10            UHS         lo0
fe80::%gif0        link#11            U          gif0
fe80::21a:a0ff:fe0 link#11            UHS         lo0
ff01::%bge0        fe80::21a:a0ff:fe0 U          bge0
ff01::%lo0         localhost          U           lo0
ff01::%gif0        fe80::21a:a0ff:fe0 U          gif0
ff02::             localhost          UGRS        lo0
ff02::%bge0        fe80::21a:a0ff:fe0 U          bge0
ff02::%lo0         localhost          U           lo0
ff02::%gif0        fe80::21a:a0ff:fe0 U          gif0

Here is my current ifconfig.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:28:3d0::3 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.32.53.73 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xb 
        inet6 2001:470:27:3d0::2 --> 2001:470:27:3d0::1 prefixlen 128 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

This is my current rc.conf.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="inet6 2001:470:28:3d0::3 prefixlen 64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

#cloned_interfaces="vlan1 vlan2"
#ifconfig_vlan1="inet 192.168.2.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
#ifconfig_vlan2="inet 192.168.1.4 netmask 255.255.255.0 vlan 2 vlandev bge0"
#ifconfig_vlan2_ipv6="inet6 2001:470:28:3d0::1 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="46.32.53.73 216.66.80.90"
#rtadvd_enable="YES"
ipv6_defaultrouter="-iface gif0"

Thanks for the help. :)
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

I have tested everything that I can think of. But nothing works and I can't figure out what is not working in my configuration.

This what happens when I use ping6.

Code:
ping6 -c 4 google.com
PING6(56=40+8+8 bytes) 2001:470:27:3d0::2 --> 2a00:1450:4013:c01::71

--- google.com ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

Here is my ifconfig.

Code:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::21a:a0ff:fe0e:a220%bge0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:dd6c::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:00:d1:63:6b:f9
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.0.d1.0.80.63.6b.f9.a.2.ff.fe.0.0.0.0
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
vlan1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.4.1 netmask 0xffffff00 broadcast 192.168.4.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan1 prefixlen 64 scopeid 0xb 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1 parent interface: bge0
vlan2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=3<RXCSUM,TXCSUM>
        ether 00:1a:a0:0e:a2:20
        inet 192.168.5.1 netmask 0xffffff00 broadcast 192.168.5.255
        inet6 fe80::21a:a0ff:fe0e:a220%vlan2 prefixlen 64 scopeid 0xc 
        inet6 2001:470:28:3d0::1 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 2 parent interface: bge0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 46.32.53.73 --> 216.66.80.90
        inet6 fe80::21a:a0ff:fe0e:a220%gif0 prefixlen 64 scopeid 0xd 
        inet6 2001:470:27:3d0::2 --> 2001:470:27:3d0::1 prefixlen 128 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        options=1<ACCEPT_REV_ETHIP_VER>

Here is my current rc.conf.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="inet6 2001:470:dd6c::1 prefixlen 64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.4.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.5.1 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:28:3d0::1 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="46.32.53.73 216.66.80.90"
rtadvd_enable="YES"
ipv6_defaultrouter="-iface gif0"

Here are the routing tables as they are currently.

Code:
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.1        UGS         0       81   bge0
localhost          link#10            UH          0       22    lo0
192.168.1.0        link#1             U           0      317   bge0
192.168.1.2        link#1             UHS         0        0    lo0
192.168.4.0        link#11            U           0        0  vlan1
192.168.4.1        link#11            UHS         0        0    lo0
192.168.5.0        link#12            U           0        0  vlan2
192.168.5.1        link#12            UHS         0        0    lo0

Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost          UGRS        lo0 =>
default            gif0               US         gif0
localhost          link#10            UH          lo0
::ffff:0.0.0.0     localhost          UGRS        lo0
jonfr500-1.tunnel. link#13            UH         gif0
jonfr500-1-pt.tunn link#13            UHS         lo0
2001:470:28:3d0::  link#12            U         vlan2
2001:470:28:3d0::1 link#12            UHS         lo0
gw.npu.ee          link#1             U          bge0
rack.npu.ee        link#1             UHS         lo0
fe80::             localhost          UGRS        lo0
fe80::%bge0        link#1             U          bge0
fe80::21a:a0ff:fe0 link#1             UHS         lo0
fe80::%lo0         link#10            U           lo0
fe80::1%lo0        link#10            UHS         lo0
fe80::%vlan1       link#11            U         vlan1
fe80::21a:a0ff:fe0 link#11            UHS         lo0
fe80::%vlan2       link#12            U         vlan2
fe80::21a:a0ff:fe0 link#12            UHS         lo0
fe80::%gif0        link#13            U          gif0
fe80::21a:a0ff:fe0 link#13            UHS         lo0
ff01::%bge0        fe80::21a:a0ff:fe0 U          bge0
ff01::%lo0         localhost          U           lo0
ff01::%vlan1       fe80::21a:a0ff:fe0 U         vlan1
ff01::%vlan2       fe80::21a:a0ff:fe0 U         vlan2
ff01::%gif0        fe80::21a:a0ff:fe0 U          gif0
ff02::             localhost          UGRS        lo0
ff02::%bge0        fe80::21a:a0ff:fe0 U          bge0
ff02::%lo0         localhost          U           lo0
ff02::%vlan1       fe80::21a:a0ff:fe0 U         vlan1
ff02::%vlan2       fe80::21a:a0ff:fe0 U         vlan2
ff02::%gif0        fe80::21a:a0ff:fe0 U          gif0

I have rtadvd and radvd enabled. I have not yet tested to see if that is the issue I am dealing with.

I can ping6 inside my LAN without any issue at all.

This is my rtadvd.conf. Based on an configuration file earlier in this thread.

Code:
vlan2:\
        :addr="2001:470:28:3d0::":prefixlen#64:\
        :rdnss="2001:470:28:3d0::2":\
        :dnssl="ipv6.net303.net":

This is my radvd.conf.

Code:
interface bge0
{
#        (Send advertisement messages to other hosts)
        AdvSendAdvert on;
#        (Fragmentation is bad(tm))
        AdvLinkMTU 1280;
        MaxRtrAdvInterval 300;
#        (IPv6 subnet prefix we've been assigned by our PoP)
        prefix 2001:470:dd6c::/64
        {
                AdvOnLink on;
                AdvAutonomous on;

        };
};

I am not using any firewall on FreeBSD-9.1 since it is already firewalled over IPv4 and it is just used for minor local service on my LAN.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,331
Messages: 38,847

I just noticed something we've been overlooking. The gif(4) tunnel must have access to the Internet directly. The 46.32.53.73 address must be defined on one of the local interfaces. As far as I know you can't NAT this.

Your current configuration looks like you're trying to run this from behind a firewall, on a host with only a RFC1918 address. My configuration works because it's running on my firewall host that's directly connected to the Internet.
 

kpa

Beastie's Twin

Reaction score: 1,847
Messages: 6,318

No, there's no way to NAT that. I don't think you can even use the "DMZ" functionality on the modem/router that provides the Internet connectivity because the "DMZ" (in quotes because the functionality commonly found in ADSL modems has nothing to do with a real DMZ) only forwards TCP/UDP ports but not other IP protocols. You'll have to find a way to move your FreeBSD router to a public IPv4 address somehow to get this working.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

Hurricane Electric has said this about firewalls. I am running my server behind a firewall, since I have a WAN box (Planet WNRT-627) that acts as a gateway to the Internet. I would rather not have to change this setp.

NOTE: When behind a firewall appliance that passes protocol 41, use the IPv4 address you get from your appliance's DHCP service instead of the IPv4 endpoint you provided to our broker.

I have changed my IPv6 settings in accordance with this guide on FreeBSD documentation.

Now my rc.conf looks like this.

Code:
ipv6_network_interfaces="bge0"
ipv6_activate_all_interfaces="YES"
ifconfig_bge0_ipv6="inet6 2001:470:dd6c::1 prefixlen 64"
ipv6_gateway_enable="YES"
radvd_enable="yes"

cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.4.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.5.1 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:27:3d0::2 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="46.32.53.73 216.66.80.90"
rtadvd_enable="YES"
ipv6_defaultrouter="inet6 2001:470:27:3d0::1 prefixlen 64"

Do I have to use rtadvd? Since I am using radvd for my LAN.

Thanks for the help.
 
OP
J

jonfr

Active Member

Reaction score: 10
Messages: 235

Good news! I got it to work.

ping6

Code:
ping6 -c 4 google.com
PING6(56=40+8+8 bytes) 2001:470:27:3d0::2 --> 2a00:1450:4013:c00::66
16 bytes from 2a00:1450:4013:c00::66, icmp_seq=0 hlim=56 time=60.021 ms
16 bytes from 2a00:1450:4013:c00::66, icmp_seq=1 hlim=56 time=58.740 ms
16 bytes from 2a00:1450:4013:c00::66, icmp_seq=2 hlim=56 time=56.567 ms
16 bytes from 2a00:1450:4013:c00::66, icmp_seq=3 hlim=56 time=55.326 ms

--- google.com ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 55.326/57.663/60.021/1.829 ms

For anyone in the future. This my rc.conf.

Code:
cloned_interfaces="vlan1 vlan2"
ifconfig_vlan1="inet 192.168.4.1 netmask 255.255.255.0 vlan 1 vlandev bge0"
ifconfig_vlan2="inet 192.168.5.1 netmask 255.255.255.0 vlan 2 vlandev bge0"
ifconfig_vlan2_ipv6="inet6 2001:470:28:3d0::2 prefixlen 64"

gif_interfaces="gif0"
ifconfig_gif0_ipv6="inet6 2001:470:27:3d0::2 2001:470:27:3d0::1 prefixlen 128"
gifconfig_gif0="192.168.1.2 216.66.80.90"
rtadvd_enable="YES"
ipv6_defaultrouter="-iface gif0"

Important! ifconfig_vlan2_ipv6 is Routed /64 on the tunnelbroker.net website.

Here is my rtadvd.conf.

Code:
vlan2:\
        :addr="2001:470:28:3d0::":prefixlen#64:\
        :rdnss="2001:470:28:3d0::1":\
        :dnssl="ipv6.net303.net":

Here is my radvd.conf. I have a /48 subnet active for my LAN. I might not need it as such, but this avoids conflicts problems that I have been having.

Code:
interface bge0
{
#        (Send advertisement messages to other hosts)
        AdvSendAdvert on;
#        (Fragmentation is bad(tm))
        AdvLinkMTU 1280;
        MaxRtrAdvInterval 300;
#        (IPv6 subnet prefix we've been assigned by our PoP)
        prefix 2001:470:dd6c::/64
        {
                AdvOnLink on;
                AdvAutonomous on;

        };
};

I want to thank everyone for the help! :)
 
Top