We now have 2013 and I thought it is long overdue to activate IPv6 on my server. But unfortunately, I ran in some problems. To be honest I only have litte experience with IPv6 So I hope you can help me with my "small" problem.
A small remark: The following addresses are obfuscated, it is not what I've used in my configs ;)
I am running a Debian squeeze (Debian 2.6.32-46) and I got a /64 IPv6 block from my provider: 2a01:4f8:a0:aaaa::/64
So I changed the /etc/network/interfaces file as follows (which is also the way my provider recommends it):
# Loopback device:
auto lo
iface lo inet loopback
# device: eth0
auto eth0
iface eth0 inet static
address 85.10.xxx.zz
broadcast 85.10.xxx.yy
netmask 255.255.255.224
gateway 85.10.xxx.1
iface eth0 inet6 static
# Main IPv6 Address of the server
address 2a01:4f8:a0:aaaa::2
netmask 64
gateway fe80::1
auto eth0:1
iface eth0:1 inet static
address 85.10.xxxx.uu
netmask 255.255.255.224
# default route to access subnet
up route add -net 85.10.xxx.0 netmask 255.255.255.224 gw 85.10.xxx.1 eth0
After a reboot (I am lazy and don't wanted to add everyhthing using route
or ip
) my eth0 interface looks like this:
eth0 < first line removed >
inet addr:85.10.xxx.zz Bcast:85.10.xxx.yy Mask:255.255.255.224
inet6 addr: 2a01:4f8:a0:aaaa::2/64 Scope:Global
inet6 addr: fe80::bbbb:cccc:dddd:eeee/64 Scope:Link <--- from MAC address
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24133 errors:0 dropped:0 overruns:0 frame:0
TX packets:21712 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3464246 (3.3 MiB) TX bytes:5776451 (5.5 MiB)
Interrupt:25 Base address:0x2000
and the routes ip -6 route
look like this:
2a01:4f8:a0:aaaa::/64 dev eth0 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev vboxnet0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
default via fe80::1 dev eth0 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
Now, my problem is that my IPv6 isn't working properly. If I try to ping an IPv6 address e.g. ping6 ipv6.google.com. I get: "Destination unreachable: Address unreachable"
Which looks like this in tcpdump -i eth0 ip6
:
00:29:05.386500 IP6 2a01:4f8:a0:aaaa::2 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has fe80::1, length 32
00:29:05.390869 IP6 2a01:4f8:a0:bbbb::1 > 2a01:4f8:a0:aaaa::2: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
2a01:4f8:a0:bbbb::1 is btw. listed as my gateway (at my provider's online admin console).
I think, the reason for all this is the missing NDP entry / the missing MAC address of fe80::1. Because ip -6 neigh
gives me:
fe80::1 dev eth0 router FAILED
I think so because if I do: ping6 -I eth0 fe80::1
I get a proper echo reply and the desired mac address for my fe80::1 address as well as a perfectly working IPv6 stack:
$ip -6 neigh
fe80::1 dev eth0 lladdr ll:mm:nn:oo:pp:qq router REACHABLE
Here is also again the dump from tcpdump -i eth0 ip6
:
00:30:37.555702 IP6 fe80::bbbb:cccc:dddd:eeee > fe80::1: ICMP6, echo request, seq 1, length 64
00:30:37.560219 IP6 fe80::1 > fe80::bbbb:cccc:dddd:eeee: ICMP6, echo reply, seq 1, length 64
(again: fe80::bbbb:cccc:dddd:eeee is my link-local address, derived from the MAC address)
From this point on, I can use IPv6: I can ping6 websites, I can connect to services using IPv6 or even connect to my server via ssh using IPv6.
So, what am I doing wrong here? I've spend a lot of time trying to find out how to "fix" this. I bet it can be solved using two commands. This is by the way the first time I am dealing with IPv6 on a server. So please forgive me for my inexperience. Btw. I also tried to alter some sysctl net.ipv6.* flags, but without success. If it is necessary for the solution, I can also post my configuration here.
Every hint is more than welcome!
Thank you very much in advance!
Answer
I gave the whole problem another try today, a couple of weeks later. And what can I say, I fixed it. Can someone please explain me why adding a ipv6 loopback fixed my problem? Here is what I've added to my /etc/network/interfaces file:
iface lo inet6 loopback
I have no ideas why I've forgot to add it in the first place!^^ Thank you all for your responses!
No comments:
Post a Comment