Date: Mon, 25 Jun 2007 12:46:49 -0500 From: Eric F Crist <ecrist@secure-computing.net> To: freebsd-net@freebsd.org Subject: IPv6 Woes... Message-ID: <39D6F9D8-3A2C-4AD7-9FA4-0024E304194A@secure-computing.net>
next in thread | raw e-mail | index | archive | help
Hello folks! I've got a few FreeBSD 6.2-STABLE boxes configured for IPv6, with a netblock that I obtained from my ISP. I have a router that doesn't support IPv6 yet, so my ISP and I setup a gif tunnel, which is working great. I have a setup similar to this: ISP <---> ROUTER <---> FBSD FW <----> NETWORK LAN \____IPv6 Tunnel_____/ As things are configured, my LAN server can ping one another via IPv6 just fine. My FBSD firewall can ping my ISP just fine. My LAN cannot ping my IPv6 address on the firewall, or, of course, my ISP. My firewall cannot ping my LAN. My IPs are setup like so: My LAN is addressed 2001:4980:1:111:x/64 where x is the last octet of my current v4 addressing. All of these systems have a default ipv6 route of 2001:4980:1:111::1. My firewall has two NICs, fxp0 and fxp1, setup with ethernet bridging, fxp0 holding all my live IPs. ifconfig of my firewall is as follows: fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 options=8<VLAN_MTU> inet6 fe80::206:5bff:fe05:3019%fxp0 prefixlen 64 scopeid 0x1 inet xxx.xxx.xxx.xxx netmask 0xfffffff0 broadcast xxx.xxx.xxx.xxx inet xxx.xxx.xxx.xxx netmask 0xffffffff broadcast xxx.xxx.xxx.xxx inet6 2001:4980:1:111::145 prefixlen 64 inet6 2001:4980:1:111::1 prefixlen 128 ether 00:06:5b:05:30:19 media: Ethernet autoselect (100baseTX <full-duplex>) status: active fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 options=8<VLAN_MTU> inet6 fe80::206:5bff:fe05:301a%fxp1 prefixlen 64 scopeid 0x2 ether 00:06:5b:05:30:1a media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff000000 gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280 tunnel inet xxx.xxx.xxx.xxx --> yyy.yyy.yyy.yyy inet6 fe80::206:5bff:fe05:3019%gif0 prefixlen 64 scopeid 0x6 inet6 2001:4980:1::6 prefixlen 126 Output from a netstat -r -f inet6 shows (truncated for length): Internet6: Destination Gateway Flags Netif Expire :: localhost.secure-c UGRS lo0 => default 2001:4980:1::5 UGS gif0 localhost.secure-c localhost.secure-c UHL lo0 ::ffff:0.0.0.0 localhost.secure-c UGRS lo0 2001:4980:1::4 link#6 UC gif0 2001:4980:1::5 link#6 UHLW gif0 2001:4980:1::6 link#6 UHL lo0 2001:4980:1:111:: link#1 UC fxp0 2001:4980:1:111::1 00:06:5b:05:30:19 UHL lo0 2001:4980:1:111::1 00:06:5b:05:30:19 UHL lo0 I'm think there may possibly be a problem with the bridging code? Any ideas would help. For the record, I have read the FreeBSD Handbook, amongst many, many, many other documentation sources. TIA for the help! ----- Eric F Crist Secure Computing Networks
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39D6F9D8-3A2C-4AD7-9FA4-0024E304194A>