Scenario: Machine A: Firewall, 2 interfaces: eth0 external, tunnel to UnixCore.com eth1 internal: ip -6 addr sh eth1= eth1: <BROADCAST,MULTICAST,UP> qlen 1000 inet6 2001:730:11:17c::1/64 scope global inet6 fe80::2a0:c9ff:fecf:dd5d/64 scope link ip -6 route: 2001:730:11::1:302 dev secnetv6 metric 1024 mtu 1480 advmss 1420 2001:730:11:17c::/64 dev eth1 metric 256 mtu 1500 advmss 1440 fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440 fe80::/64 dev eth1 metric 256 mtu 1500 advmss 1440 fe80::/64 via :: dev secnetv6 metric 256 mtu 1480 advmss 1420 ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 ff00::/8 dev eth1 metric 256 mtu 1500 advmss 1440 ff00::/8 dev secnetv6 metric 256 mtu 1480 advmss 1420 default dev secnetv6 metric 1024 mtu 1480 advmss 1420 Machine B: One of 3 machines which work just fine. 1 Interface: ip -6 addr sh eth0 eth0: <BROADCAST,MULTICAST,UP> qlen 1000 inet6 2001:730:11:17c::3/64 scope global inet6 fe80::204:76ff:fe3b:119c/64 scope link ip -6 route 2001:730:11:17c::/64 dev eth0 metric 256 mtu 1500 advmss 1440 metric10 64 fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440 metric10 64 ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 metric10 1 default via 2001:730:11:17c::1 dev eth0 metric 1 mtu 1500 advmss 1440 metric10 64 Machine C: a 4th machine, single interface: ip -6 addr sh eth0 eth0: <BROADCAST,MULTICAST,UP> qlen 1000 inet6 2001:730:11:17c::5/64 scope global inet6 fe80::250:baff:fe37:a5b3/64 scope link ip -6 route 2001:730:11:17c::/64 dev eth0 metric 256 mtu 1500 advmss 1440 fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440 ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 default via 2001:730:11:17c::1 dev eth0 metric 1 mtu 1500 advmss 1440 Now I have 2 problems at the moment. 1) No-one can ping6 Machine C until it does a ping6 against atleast one of them first. Even when this has been done thought Machine A can not ping6 C. Machine6 will take ipv4 traffic but no ipv6 traffic at all from A. I can ssh from B or the other machines directly to C after the initial ping without a problem. 2) This was working until sometime recently and I'm not sure when but now no-one can get out the tunnel. I can ping the ip6 interfaces on Machine A but I can't ping the remote end of the tunnel. I'm not running radvd or whatever, just static IP's and routes. Any thoughts? Robert :wq! --------------------------------------------------------------------------- Robert L. Harris | GPG Key ID: E344DA3B @ x-hkp://pgp.mit.edu DISCLAIMER: These are MY OPINIONS ALONE. I speak for no-one else. Life is not a destination, it's a journey. Microsoft produces 15 car pileups on the highway. Don't stop traffic to stand and gawk at the tragedy.
Attachment:
signature.asc
Description: Digital signature