[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Linux odd IPv6 Routing


Scenario:

Machine A:  Firewall, 2 interfaces:
  eth0 external, tunnel to UnixCore.com
  eth1 internal: ip -6 addr sh eth1=
    eth1: <BROADCAST,MULTICAST,UP> qlen 1000
    inet6 2001:730:11:17c::1/64 scope global
    inet6 fe80::2a0:c9ff:fecf:dd5d/64 scope link
  ip -6 route:
    2001:730:11::1:302 dev secnetv6  metric 1024  mtu 1480 advmss 1420
    2001:730:11:17c::/64 dev eth1  metric 256  mtu 1500 advmss 1440
    fe80::/64 dev eth0  metric 256  mtu 1500 advmss 1440
    fe80::/64 dev eth1  metric 256  mtu 1500 advmss 1440
    fe80::/64 via :: dev secnetv6  metric 256  mtu 1480 advmss 1420
    ff00::/8 dev eth0  metric 256  mtu 1500 advmss 1440
    ff00::/8 dev eth1  metric 256  mtu 1500 advmss 1440
    ff00::/8 dev secnetv6  metric 256  mtu 1480 advmss 1420
    default dev secnetv6  metric 1024  mtu 1480 advmss 1420

Machine B: One of 3 machines which work just fine.  1 Interface:
  ip -6 addr sh eth0
    eth0: <BROADCAST,MULTICAST,UP> qlen 1000
    inet6 2001:730:11:17c::3/64 scope global
    inet6 fe80::204:76ff:fe3b:119c/64 scope link
  ip -6 route
    2001:730:11:17c::/64 dev eth0  metric 256  mtu 1500 advmss 1440 metric10 64
    fe80::/64 dev eth0  metric 256  mtu 1500 advmss 1440 metric10 64
    ff00::/8 dev eth0  metric 256  mtu 1500 advmss 1440 metric10 1
    default via 2001:730:11:17c::1 dev eth0  metric 1  mtu 1500 advmss 1440 metric10 64

Machine C: a 4th machine, single interface:
  ip -6 addr sh eth0
    eth0: <BROADCAST,MULTICAST,UP> qlen 1000
    inet6 2001:730:11:17c::5/64 scope global 
    inet6 fe80::250:baff:fe37:a5b3/64 scope link 
  ip -6 route
    2001:730:11:17c::/64 dev eth0  metric 256  mtu 1500 advmss 1440
    fe80::/64 dev eth0  metric 256  mtu 1500 advmss 1440
    ff00::/8 dev eth0  metric 256  mtu 1500 advmss 1440
    default via 2001:730:11:17c::1 dev eth0  metric 1  mtu 1500 advmss 1440

Now I have 2 problems at the moment.

1)  No-one can ping6 Machine C until it does a ping6 against atleast one
    of them first.  Even when this has been done thought Machine A can
    not ping6 C.  Machine6 will take ipv4 traffic but no ipv6 traffic at
    all from A.  I can ssh from B or the other machines directly to C
    after the initial ping without a problem.

2)  This was working until sometime recently and I'm not sure when but
    now no-one can get out the tunnel.  I can ping the ip6 interfaces on
    Machine A but I can't ping the remote end of the tunnel.

I'm not running radvd or whatever, just static IP's and routes.

Any thoughts?
  Robert

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | GPG Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.

Life is not a destination, it's a journey.
  Microsoft produces 15 car pileups on the highway.
    Don't stop traffic to stand and gawk at the tragedy.

Attachment: signature.asc
Description: Digital signature

Reply to: