Re: Routing with 6to4 *and* a tunnel
On Sat, Jun 25, 2005 at 03:54:58PM -0400, Michael Richardson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> >>>>> "Marc" == Marc Singer <elf@buici.com> writes:
> Marc> I asked about the ping6 because I'm trying to figure out why
> Marc> the ipv6 router works fine and connected workstations don't.
>
> Marc> I'm using a tunnel broker to get an IPv6 tunnel. They're
> Marc> giving me a point-to-point tunnel with a /128 endpoint
> Marc> address. So, I figured that I'd use a 6to4 network for the
> Marc> local machines. This does appear to work, but I'm not sure of
> Marc> the cuplrit.
>
> Marc> Is it possible to use a tunnel to inject ipv6 traffic onto the
> Marc> 6bone and receive replies using 6to4? I understand that The
> Marc> routes will be asymmetric.
>
> I've done it.
> Watch ingress filtering though.
I suspect that the problem is that the 6to4 routers aren't working (in
my hood). I've gotten a tunnel from Hurricane Electric that works
well, so I'm going to use that as a basis for default routing to the
6bone.
What I'm not sure about is source address selection. Really, this is
the point of the exercise for me. It looks like the kernel (for
ping6) isn't choosing the source address with the longest common
prefix. I'm assuming that it matches bits, but perhaps I'm wrong
about that. So far, I've search the net for an hour without anything
other than the standard source address selection policy RFC to go on.
Are you using multiple networks? I'm not talking about multi-homing
which has other issues. I'm wanting to overlay generally routable
ipv6 addresses with a private network available through sit tunnels.
Seems to me that I should be able to depend on the client machines to
select the correct source address instead of having to use NAT (if
that's even possible) or something more extreme with policy routing.
Any insights?
Reply to: