IPv6 Woes...
- From: Eric F Crist <ecrist@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 25 Jun 2007 12:46:49 -0500
Hello folks!
I've got a few FreeBSD 6.2-STABLE boxes configured for IPv6, with a netblock that I obtained from my ISP. I have a router that doesn't support IPv6 yet, so my ISP and I setup a gif tunnel, which is working great. I have a setup similar to this:
ISP <---> ROUTER <---> FBSD FW <----> NETWORK LAN
\____IPv6 Tunnel_____/
As things are configured, my LAN server can ping one another via IPv6 just fine. My FBSD firewall can ping my ISP just fine. My LAN cannot ping my IPv6 address on the firewall, or, of course, my ISP. My firewall cannot ping my LAN.
My IPs are setup like so:
My LAN is addressed 2001:4980:1:111:x/64 where x is the last octet of my current v4 addressing. All of these systems have a default ipv6 route of 2001:4980:1:111::1.
My firewall has two NICs, fxp0 and fxp1, setup with ethernet bridging, fxp0 holding all my live IPs. ifconfig of my firewall is as follows:
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 fe80::206:5bff:fe05:3019%fxp0 prefixlen 64 scopeid 0x1
inet xxx.xxx.xxx.xxx netmask 0xfffffff0 broadcast xxx.xxx.xxx.xxx
inet xxx.xxx.xxx.xxx netmask 0xffffffff broadcast xxx.xxx.xxx.xxx
inet6 2001:4980:1:111::145 prefixlen 64
inet6 2001:4980:1:111::1 prefixlen 128
ether 00:06:5b:05:30:19
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet6 fe80::206:5bff:fe05:301a%fxp1 prefixlen 64 scopeid 0x2
ether 00:06:5b:05:30:1a
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff000000
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
tunnel inet xxx.xxx.xxx.xxx --> yyy.yyy.yyy.yyy
inet6 fe80::206:5bff:fe05:3019%gif0 prefixlen 64 scopeid 0x6
inet6 2001:4980:1::6 prefixlen 126
Output from a netstat -r -f inet6 shows (truncated for length):
Internet6:
Destination Gateway Flags Netif Expire
:: localhost.secure-c UGRS lo0 =>
default 2001:4980:1::5 UGS gif0
localhost.secure-c localhost.secure-c UHL lo0
::ffff:0.0.0.0 localhost.secure-c UGRS lo0
2001:4980:1::4 link#6 UC gif0
2001:4980:1::5 link#6 UHLW gif0
2001:4980:1::6 link#6 UHL lo0
2001:4980:1:111:: link#1 UC fxp0
2001:4980:1:111::1 00:06:5b:05:30:19 UHL lo0
2001:4980:1:111::1 00:06:5b:05:30:19 UHL lo0
I'm think there may possibly be a problem with the bridging code? Any ideas would help. For the record, I have read the FreeBSD Handbook, amongst many, many, many other documentation sources.
TIA for the help!
-----
Eric F Crist
Secure Computing Networks
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: IPv6 Woes...
- From: Bruce M. Simpson
- Re: IPv6 Woes...
- Prev by Date: Re: [6.x] problem with AIO, non-blocking sockets on freebSD and IE7 on windows.
- Next by Date: Re: Weird "ignoring syn" problem
- Previous by thread: Questions about PF_KEY interface
- Next by thread: Re: IPv6 Woes...
- Index(es):
Relevant Pages
|
