From owner-freebsd-questions Sun Jun 23 10:45:47 2002 Delivered-To: freebsd-questions@freebsd.org Received: from thor.birkenwald.de (thor.birkenwald.de [195.143.230.218]) by hub.freebsd.org (Postfix) with ESMTP id 9A06037B410 for ; Sun, 23 Jun 2002 10:45:25 -0700 (PDT) Received: by thor.birkenwald.de (Postfix, from userid 1000) id 9829C1A9E3; Sun, 23 Jun 2002 19:45:19 +0200 (CEST) Date: Sun, 23 Jun 2002 19:45:19 +0200 From: Bernhard Schmidt To: johann@broadpark.no Cc: questions@freebsd.org Subject: Re: IPv6 on ADSL -- conflicts with onlamp.com article (IPv6, Meet FreeBSD) Message-ID: <20020623174519.GA21630@thor.birkenwald.de> References: <1024829192.3d15a70850446@mail.broadpark.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1024829192.3d15a70850446@mail.broadpark.no> User-Agent: Mutt/1.3.99i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jun 23, 2002 at 12:46:32PM +0200, johann@broadpark.no wrote: Hi Johann, > firewall_enable="YES" > firewall_type="OPEN" > ipv6_firewall_enable="YES" > ipv6_firewall_type="OPEN" > > Yet, I get: > IPv6 packet filtering initialized, logging limited to 100 packets/entry > IP packet filtering initialized, divert enabled, rule-based forwarding > disabled, default to deny, logging limited to 100 packets/entry by default This note comes from the kernel booting message (you can have a look at dmesg). At this stage no root partition is mounted and therefor no rc.conf is read. It's just a note that your kernel has been configured with the firewall code enabled and the default would be deny. Then / is mounted and during startup a catch-all accept rule should be added to your firewall rules. Should be, it looks like it isn't. > Note the `default to deny' -- where does that come from. After I added all > these settings not even my NFS will work. What says "ipfw list" and "ip6fw list"? > In O'Reilly's IPv6 article > (http://www.onlamp.com/lpt/a//bsd/2002/02/22/ipv6.html) in the `Configuring > Your Gateway Machine' section it describes the rtadvd configuration. On my > g/w I have two interfaces; lnc0 (10.0.0.2, and this address *has* to be > 10.0.0.2 for it to properly connect to my Cisco ADSL modem) and ep0 > (192.168.187.2, connected to my w/s). Excactly what interfaces am I going > to add to /etc/rtadvd.conf? ep0. You should read rtadvd(8) to see what rtadvd is doing. It provides autoconfiguration to your _workstations_ (in a very wide manner like a dhcp server) and has to be attached to your internal interface. > [3] > I have registered with Freenet6, and as far as I understand, tspc connects > to it. Both ping6 and traceroute6 doesn't work, but I believe this is > because of the rtadvd. Now, *what* is my IPv6 address? Freenet6 hasn't told > me. dmesg hasn't told me. Who will? As far as I know as soon as you start tspc it should print your prefix out into the configuration file or on standard output. But I don't really know it, it has been a long while when I played with freenet6. But freenet6 is located in Canada and I think it might be better for you to look for a closer tunnel broker. I'd suggest http://www.ipng.nl for example, perhaps there is even some in Norway. > [4] > Once I find out what my address is, how will I set up my subnet so it may > work as my IPv4 one does? Will it be an internal subnet or an external > subnet? ?? Internal subnet? External subnet? Don't know what you are talking about. Normally it should be enough to assign a /64 to your interface, enable ipv6 forwarding with sysctl and startup rtadvd on this interface. On your clients you should set "net.inet6.ip6.accept_rtadv" to 1 with sysctl and reboot. If everything works, these clients should have an automagically configured address on their lan interface and a default route pointing to your router. -- bye bye Bernhard To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message