IPv6 router is not forwarding packets
Hello,
I tried to configure a stretch based IPv6 router.
My setup is:
ISP router -> Stretch router (home) -> Endpoint (mohot)
I can ssh from the mohot to home (ssh 2a02:8070:898f:e4f8:d263:b4ff:fe00:325c)
and I can ssh from the home to the internet (using IPv6), but I cannot ssh
from the mohot (endpoint) to the internet:
rd@mohot:~$ ssh -vvv 2a03:4000:6:52b6::
OpenSSH_7.7p1 Debian-3, OpenSSL 1.0.2o 27 Mar 2018
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 2a03:4000:6:52b6:: is address
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 2a03:4000:6:52b6:: [2a03:4000:6:52b6::] port 22.
IPv6 forwarding is enabled on the home (stretch router):
# cat /proc/sys/net/ipv6/conf/all/forwarding
1
#
For me it seems that home is dropping the request, if that is the case, is
there a good way to find out why that happens?
Any hint is welcome...
Here is the interface config and routing configuration:
ISP Router:
-----------
My upstream connection gives me a dynamic IPv6 prefix: 2a02:8070:898f:e400::/56
and has an IPv6 address 2a02:8070:8900::30a0:caa7:42e0:93d2
Stretch Router:
---------------
The stretch router has an upstream interface
root@home:/etc# ip addr show dev eth0.1
4: eth0.1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP group default qlen 1000
link/ether d0:63:b4:00:32:5c brd ff:ff:ff:ff:ff:ff
inet 192.168.0.30/24 brd 192.168.0.255 scope global eth0.1
valid_lft forever preferred_lft forever
inet6 2a02:8070:898f:e400:d263:b4ff:fe00:325c/64 scope global mngtmpaddr
dynamic
valid_lft 6968sec preferred_lft 3368sec
inet6 fe80::d263:b4ff:fe00:325c/64 scope link
valid_lft forever preferred_lft forever
and a downstream interface
root@home:/etc# ip addr show dev eth0.7
10: eth0.7@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default qlen 1000
link/ether d0:63:b4:00:32:5c brd ff:ff:ff:ff:ff:ff
inet 192.168.7.1/24 brd 192.168.7.255 scope global eth0.7
valid_lft forever preferred_lft forever
inet6 2a02:8070:898f:e4f8:d263:b4ff:fe00:325c/62 scope global
valid_lft forever preferred_lft forever
inet6 fe80::d263:b4ff:fe00:325c/64 scope link
valid_lft forever preferred_lft forever
root@home:/etc#
for prefix delegation, I followed the Debian wiki
https://wiki.debian.org/IPv6PrefixDelegation
And routing information:
root@home:/etc# ip -6 r
2a02:8070:898f:e400::/64 dev eth0.1 proto kernel metric 256 expires 6974sec
pref medium
2a02:8070:898f:e4f8::/62 dev eth0.7 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0.1 proto kernel metric 256 pref medium
fe80::/64 dev eth0.2 proto kernel metric 256 pref medium
fe80::/64 dev eth0.3 proto kernel metric 256 pref medium
fe80::/64 dev eth0.4 proto kernel metric 256 pref medium
fe80::/64 dev eth0.5 proto kernel metric 256 pref medium
fe80::/64 dev eth0.6 proto kernel metric 256 pref medium
fe80::/64 dev eth0.7 proto kernel metric 256 pref medium
default via fe80::e228:6dff:fe43:5776 dev eth0.1 proto ra metric 1024 expires
1574sec hoplimit 255 pref medium
root@home:/etc#
IPv6 forwarding is enabled:
root@home:/etc# cat /proc/sys/net/ipv6/conf/all/forwarding
1
root@home:/etc# cat /proc/sys/net/ipv6/conf/eth0.7/forwarding
1
root@home:/etc#
Endpoint:
---------
rd@mohot:~$ ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether d0:63:b4:00:4d:d1 brd ff:ff:ff:ff:ff:ff
inet 192.168.7.31/24 brd 192.168.7.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2a02:8070:898f:e400:d263:b4ff:fe00:4dd1/64 scope global dynamic
mngtmpaddr
valid_lft 7030sec preferred_lft 3430sec
inet6 2a02:8070:898f:e4f8:d263:b4ff:fe00:4dd1/64 scope global dynamic
mngtmpaddr
valid_lft 14215sec preferred_lft 14215sec
inet6 fe80::d263:b4ff:fe00:4dd1/64 scope link
valid_lft forever preferred_lft forever
rd@mohot:~$
Many thanks
Rainer
--
Rainer Dorsch
http://bokomoko.de/
Reply to: