Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
ipv6 set-up
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
lalebarde
Guru
Guru


Joined: 03 Sep 2006
Posts: 464
Location: France, Haute-Garonne

PostPosted: Wed Mar 27, 2013 3:57 pm    Post subject: ipv6 set-up Reply with quote

Hi all,

I am willing to set-up my PC for using ipv6, since my ISP provides it. I have performed some homeworks about ipv6, but I wonder why I cannot ping6 at my local address (the firewall is full ACCEPT).
Code:
# ping6 fe80::8626:3bff:fe19:f562/64
unknown host
# ping6 fe80::9097:c3ff:fe7c:4204/64
unknown host
# ping6 fe80::9051:5bff:feb4:ab6a/64
unknown host


I need some insight please.

Here is my set-up :
Code:

Internet ----- ADSL modem/router ----- eth0 PC1 qtap0 ----- br0 ----- em0 VPC2
                   FreeBox        |          Gentoo              qemu FreeBSD
                                     |
                                     |-- eth0 PC2 Gentoo


Code:
# dmesg | grep -i ipv6
[    1.143219] IPv6 over IPv4 tunneling driver
[   37.096994] br0: no IPv6 routers present
[   37.240773] eth0: no IPv6 routers present
[   44.492819] qtap0: no IPv6 routers present
[ 4307.330342] br0: no IPv6 routers present
[ 4307.713438] qtap0: no IPv6 routers present
[ 4382.463953] br0: no IPv6 routers present
[ 4454.803635] qtap0: no IPv6 routers present

Code:
# grep -i ipv6 .config
CONFIG_IPV6=y
# CONFIG_IPV6_PRIVACY is not set
# CONFIG_IPV6_ROUTER_PREF is not set
# CONFIG_IPV6_OPTIMISTIC_DAD is not set
# CONFIG_IPV6_MIP6 is not set
CONFIG_IPV6_SIT=y
# CONFIG_IPV6_SIT_6RD is not set
CONFIG_IPV6_NDISC_NODETYPE=y
# CONFIG_IPV6_TUNNEL is not set
# CONFIG_IPV6_MULTIPLE_TABLES is not set
# CONFIG_IPV6_MROUTE is not set
# IPv6: Netfilter Configuration
CONFIG_NF_DEFRAG_IPV6=y
CONFIG_NF_CONNTRACK_IPV6=y
CONFIG_IP6_NF_MATCH_IPV6HEADER=y

Code:
# cat /etc/conf.d/net | nocomment
dns_domain_lo="MAISON"
modules="iproute2"
bridge_br0="qtap0"
brctl_br0="setfd 0"
rc_need_br0="net.qtap0"
config_eth0="192.168.0.10/24"
routes_eth0="default via 192.168.0.1"
dns_servers_eth0="212.27.40.240 212.27.40.241"
config_br0="192.168.99.1/24"
config_qtap0="null"
tuntap_qtap0="tap"
tunctl_qtap0="-u alain"
mac_qtap0="02:5a:4b:3c:2d:1e"
modules="wpa_supplicant"
wpa_supplicant_eth0="-Dwext"
config_wlan0=( "dhcp" )

Code:
# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.99.1  netmask 255.255.255.0  broadcast 192.168.99.255
        inet6 fe80::9097:c3ff:fe7c:4204  prefixlen 64  scopeid 0x20<link>
        ether 92:51:5b:b4:ab:6a  txqueuelen 0  (Ethernet)
        RX packets 39878  bytes 2444674 (2.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 56808  bytes 78151328 (74.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.10  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::8626:3bff:fe19:f562  prefixlen 64  scopeid 0x20<link>
        ether 84:26:3b:19:f5:62  txqueuelen 1000  (Ethernet)
        RX packets 3  bytes 314 (314.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7  bytes 568 (568.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 17 

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 16436
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Boucle locale)
        RX packets 172221  bytes 9795894 (9.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 172221  bytes 9795894 (9.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

qtap0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        inet6 fe80::9051:5bff:feb4:ab6a  prefixlen 64  scopeid 0x20<link>
        ether 92:51:5b:b4:ab:6a  txqueuelen 500  (Ethernet)
        RX packets 39878  bytes 3002966 (2.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 63989  bytes 78623930 (74.9 MiB)
        TX errors 0  dropped 0 overruns 1  carrier 0  collisions 0

sit0: flags=193<UP,RUNNING,NOARP>  mtu 1480
        inet6 ::127.0.0.1  prefixlen 96  scopeid 0x90<compat,host>
        inet6 ::192.168.99.1  prefixlen 96  scopeid 0x80<compat,global>
        inet6 ::192.168.0.10  prefixlen 96  scopeid 0x80<compat,global>
        sit  txqueuelen 0  (IPv6-dans-IPv4)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 5  dropped 0 overruns 0  carrier 0  collisions 0

Code:
# uname -a
Linux JANUS 2.6.37-tuxonice #10 SMP PREEMPT Mon Jan 21 12:41:58 CET 2013 x86_64 Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz GenuineIntel GNU/Linux
Back to top
View user's profile Send private message
kurly
Apprentice
Apprentice


Joined: 02 Apr 2012
Posts: 178

PostPosted: Wed Mar 27, 2013 6:17 pm    Post subject: Reply with quote

The fe80 addresses are "Link Local" and are not your public IPs. It seems that none of your interfaces have an actual public IPv6 IP associated with them.

If you really just want to see a ping go through, try ping6 fe80::8626:3bff:fe19:f562%eth0 (You will not have to append an interface name on a public IP.)
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 32110
Location: 56N 3W

PostPosted: Wed Mar 27, 2013 7:41 pm    Post subject: Reply with quote

lalebarde,

How do you get a public IPv6 address?

Your IPv4 setup is all static, do you need to add IPv6 addresses to it?
Code:
modules="iproute2"

# baselayout 2
# no brackets for baselayout2
config_eth0="212.110.180.12/24
             2001:41c8:123:112::2/64"

routes_eth0="default via 212.110.180.254
             default via 2001:41c8:123:112::1"


Most providers allocate users a /64, which is the square of the entire IPv4 address space.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
lalebarde
Guru
Guru


Joined: 03 Sep 2006
Posts: 464
Location: France, Haute-Garonne

PostPosted: Fri Mar 29, 2013 4:19 pm    Post subject: Reply with quote

Thanks both of you. I progress, but when I connect to ipv6 test servers like http://test-ipv6.com/, it tels me
Quote:
No IPv6 address detected


Code:
# cat /etc/conf.d/net | nocomment
dns_domain_lo="MAISON"
modules="iproute2"
bridge_br0="qtap0"
brctl_br0="setfd 0"
rc_need_br0="net.qtap0"
config_eth0="192.168.0.10/24
             xxxx:xxxx:xxxx:xxxx:862b:2bff:fe99:f465/64
        xxxx:xxxx:xxxx:xxxx::0:10/64" 
routes_eth0="default via 192.168.0.1
             xxxx:xxxx:xxxx:xxxx::1/64"
dns_servers_eth0="212.27.40.240
                  212.27.40.241
        2a01:e00::1
        2a01:e00::2"
config_br0="192.168.99.1/24
            xxxx:xxxx:xxxx:xxxx:9251:5bff:feb4:ab6a/64"
mac_br0="92:51:5b:b4:ab:6a"
config_qtap0="null"
tuntap_qtap0="tap"
tunctl_qtap0="-u alain"
mac_qtap0="02:5a:4b:3c:2d:1e"
modules="wpa_supplicant"
wpa_supplicant_eth0="-Dwext"
config_wlan0=( "dhcp" )


Code:
# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.10  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::862b:2bff:fe99:f465  prefixlen 64  scopeid 0x20<link>
        inet6 xxxx:xxxx:xxxx:xxxx:862b:2bff:fe99:f465  prefixlen 64  scopeid 0x0<global>
        inet6 xxxx:xxxx:xxxx:xxxx::10  prefixlen 64  scopeid 0x0<global>
        ether 84:2b:2b:99:f4:65  txqueuelen 1000  (Ethernet)
        RX packets 2183  bytes 1326364 (1.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2218  bytes 308806 (301.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 17 

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 16436
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Boucle locale)
        RX packets 4011  bytes 255667 (249.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4011  bytes 255667 (249.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


When I switch-off ip6tables, ping6 fe80::862b:2bff:fe99:f465%eth0 works, but not ping6 xxxx:xxxx:xxxx:xxxx:862b:2bff:fe99:f465%eth0

My ISP is well configured onto ipv6.

What do I miss ?
Back to top
View user's profile Send private message
lalebarde
Guru
Guru


Joined: 03 Sep 2006
Posts: 464
Location: France, Haute-Garonne

PostPosted: Fri Mar 29, 2013 5:09 pm    Post subject: Reply with quote

I can see in dmesg that :
Quote:
IPv6 over IPv4 tunneling driver
which may be my problem. How can I desactivate it to use my ISP ipv6 support ?
Back to top
View user's profile Send private message
lalebarde
Guru
Guru


Joined: 03 Sep 2006
Posts: 464
Location: France, Haute-Garonne

PostPosted: Sat Mar 30, 2013 2:17 pm    Post subject: Reply with quote

That was due to CONFIG_IPV6_SIT in the kernel. Here is my new setting :
Code:
# egrep -i "ipv6|ip6" .config
CONFIG_IPV6=y
CONFIG_IPV6_PRIVACY=y
# CONFIG_IPV6_ROUTER_PREF is not set
# CONFIG_IPV6_OPTIMISTIC_DAD is not set
# CONFIG_IPV6_MIP6 is not set
# CONFIG_IPV6_SIT is not set
# CONFIG_IPV6_TUNNEL is not set
# CONFIG_IPV6_MULTIPLE_TABLES is not set
# CONFIG_IPV6_MROUTE is not set
# IPv6: Netfilter Configuration
CONFIG_NF_DEFRAG_IPV6=y
CONFIG_NF_CONNTRACK_IPV6=y
# CONFIG_IP6_NF_QUEUE is not set
CONFIG_IP6_NF_IPTABLES=y
# CONFIG_IP6_NF_MATCH_AH is not set
# CONFIG_IP6_NF_MATCH_EUI64 is not set
# CONFIG_IP6_NF_MATCH_FRAG is not set
CONFIG_IP6_NF_MATCH_OPTS=m
# CONFIG_IP6_NF_MATCH_HL is not set
CONFIG_IP6_NF_MATCH_IPV6HEADER=y
# CONFIG_IP6_NF_MATCH_MH is not set
# CONFIG_IP6_NF_MATCH_RT is not set
# CONFIG_IP6_NF_TARGET_HL is not set
CONFIG_IP6_NF_TARGET_LOG=y
CONFIG_IP6_NF_FILTER=y
CONFIG_IP6_NF_TARGET_REJECT=y
CONFIG_IP6_NF_MANGLE=y
# CONFIG_IP6_NF_RAW is not set
# CONFIG_IP6_NF_SECURITY is not set


External ipv6 test servers like http://ipv6-test.com/ or http://test-ipv6.com/ still see me as only ipv4. I contacted my ISP. They confirmed me my box version is compatible with ipv6 and configured so, but they are still in beta for ipv6 and then they do not provide support for it.

When I switch off the ipchain, I can ping6 ipv6 local address, but not global ones :
Code:
# ping6 xxxx:xxxx:xxxx:xxxx:862b:2bff:fe99:f465%eth0
unknown host
# ping6 fe80::862b:2bff:fe99:f465%eth0
PING fe80::862b:2bff:fe99:f465%eth0(fe80::862b:2bff:fe99:f465) 56 data bytes
64 bytes from fe80::862b:2bff:fe99:f465: icmp_seq=1 ttl=64 time=0.029 ms
64 bytes from fe80::862b:2bff:fe99:f465: icmp_seq=2 ttl=64 time=0.048 ms
^C
--- fe80::862b:2bff:fe99:f465%eth0 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.029/0.038/0.048/0.011 ms


With ipchain, ping6 do not answer. How could I authorise local ping6 while still blocking ping from the web ? I tried the following, but without success :
Code:
ip6tables -I INPUT 1 -p icmp -s xxxx:xxxx:xxxx:xxxx::/64 -j ACCEPT
Back to top
View user's profile Send private message
lalebarde
Guru
Guru


Joined: 03 Sep 2006
Posts: 464
Location: France, Haute-Garonne

PostPosted: Sun Mar 31, 2013 9:35 am    Post subject: Reply with quote

I called again my ISP and they confirmed me my box is well configured with ipv6. The point is that browsers and other software may by default use ipv4. So, they are not a good diagnostic source. I checked my Firefox and Opera settings, they both authorise ipv6. I installed a Firefox pluggin named Sixornot which tells me if a web site works with ipv6 or ipv4. Here I can see that I can connect to them with ipv6.

My problem is that I am still a network newbbie and have sticked to ping. Here is a traceroute result from http://www.traceroute.org/

Code:
1   wblindix.v6.sdv.fr         2001:810:0:2::ff         4.821 ms
2   border-gateway1.v6.sdv.fr         2001:810:0:10::226         0.932 ms
3   border-gateway2.v6.sdv.fr         2001:810:0:10::227         1.622 ms
4   2001:1b48:2:103::16d         2001:1b48:2:103::16d         0.885 ms
5   2001:1b48:2:3::5a         2001:1b48:2:3::5a         8.097 ms
6   2001:1b48:2:3::56         2001:1b48:2:3::56         8.073 ms
7   th2-crs16-1-Te1-8-0-7.routers.proxad.net         2001:1b48:2:1::6         8.568 ms
8   bzn-crs16-1-be2000.intf.routers.proxad.net         2a01:e00:1:6::1         8.536 ms
9   zzzz:yyyy:yyyy:yyyy::2         zzzz:yyyy:yyyy:yyyy::2         8.275 ms
10   zzzz:xxxx:xxxx:xxxx::1         zzzz:xxxx:xxxx:xxxx::1         45.895 ms


It reaches my modem (zzzz:xxxx:xxxx:xxxx::1), but not my PC (zzzz:xxxx:xxxx:xxxx::9).

Still, if someone can enlight me on the way to authorise local ping6 & icmp in ip6tables.....
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum