[ previous ] [ next ] [ threads ]
 
 From:  Michel Servaes <michel at mcmc dot be>
 To:  Egbert Jan van den Bussche <egbert at vandenbussche dot nl>
 Cc:  'Steve Bertrand' <steve at ibctech dot ca>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] how do we check, that ipv6 is actually working (OT again)
 Date:  Tue, 14 Apr 2009 22:18:27 +0200 
Egbert Jan,


I have IPv6 working from all my computers, that is, when hitting 
sixy.ch, I see my IPv6 address in the corner... I can access all the 
sites that are IPv6 - did a cross check on IPv4 machines at the office....
Now I just wanted to see if I could open up port 80 to one of my 
computers behind the monowall. And that anyone that has IPv6 can connect 
to my machine.

But somewhere I must of missed some config...

The reason I need to tunnel (IMHO), is that my ISP isn't offering IPv6.


The monowall is running on a Compaq Deskpro EN (pentium3 - 600MHz - 
512MB RAM) - with a CF card in the IDE bus.

Egbert Jan van den Bussche schreef:
> Hi Michel,
>
> I have a v6 tunnel to Hobbynet and an official subnet. I Live in NL.
> Hobbynet runs a tunnelserver for members. I am one of the volonteers that
> run Hobbynet.
>
> Why trying to get that tunnel to your PC? Let it end on the WAN of you
> Monowall (1.3beta15 or 16 on a Soekris I presume?). Enable v6 and
> advertising on the  LAN side and give the LAN side the first address in you
> assigned subnet.That would be 2001:470:d39d:1::1. The give you a /48 but you
> use /64 on your LANs. In this way you could give 2001:470:d39d:2::1 to OPT1.
>
> Your PC (XP/Vista/Linux) will pick up the router advertisements en configure
> itself! Yest this is IPv6! You will see that your interface gets an stange
> address formed from the MAC address of the NIC.
>
>
> I started off with SixXS too but Monowall seems not to respond to their
> fancy pinging. I did wrote some pages in their Wiki but I deregistered
> there.
>
> You should be able to use the ping/traceroute in the diagnostics of MonoWall
> in both directions (to LAN and to WAN). You should be able to ping6
> www.hobby.nl. If you do this from a commandline (PC or Linux), add a -n
> option. That will prevent translating the address to a hostname. 
>
> Have fun. Ans as Steve said, you will remember the v6 addresses soon without
> problems ;-)
>
> Egbert Jan (NL)
>
>   
>> -----Oorspronkelijk bericht-----
>> Van: Michel Servaes [mailto:michel at mcmc dot be] 
>> Verzonden: dinsdag 14 april 2009 21:51
>> Aan: Steve Bertrand
>> CC: m0n0wall at lists dot m0n0 dot ch >> M0n0wall Mailing List
>> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is 
>> actually working (OT again)
>>
>>
>>       	Routed /48:  	 2001:470:d39d::/48
>> 	Routed /64: 	2001:470:1f15:158c::/64
>>
>>
>> This is the config, I got from tunnelbroker.net
>> But I have not configured the routed /48 part on my side at all. (the 
>> /48 part was optional at tunnelbroker.net)
>>
>> It seems I have missed a digit, somewhere during copy/pasting - (the 
>> part where you were assuming x::1)
>>
>>
>> I'll try to setup Sixxs again, since they have a Windows Client too - 
>> that way I can try in between the office, and my home.
>> At the office I don't have a monowall yet (have to wait 60 
>> days, before 
>> I start working there :)  - and am not going to do experiments at my 
>> current job)
>>
>> Thank you for your testing though... but since I'm completely new to 
>> ipv6, I don't want to take your time too much ;)
>>
>> Steve Bertrand schreef:
>>     
>>> Michel Servaes wrote:
>>>   
>>>       
>>>> 2001:470:1f15:158c:d7d:bd6:5ff3:6988 is the IP of my 
>>>>         
>> computer, behind 
>>     
>>>> monowall.
>>>>     
>>>>         
>>> I can not ping that.
>>>
>>>   
>>>       
>>>> 2001:470:1f14:158c::2/64 is the assigned client IPv6 address
>>>>     
>>>>         
>>> I can ping that.
>>>
>>>   
>>>       
>>>> , in being the server 2001:470:1f14:158c::1/64
>>>>     
>>>>         
>>> I can ping that.
>>>
>>>   
>>>       
>>>>  2001:470:1f15:158c:: to the LAN side of monowall.
>>>>     
>>>>         
>>> I can not ping that (assuming that the m0n0 is x::1)
>>>
>>>   
>>>       
>>>> Ugh, I hate those new addresses... IPv4 was easy to 
>>>>         
>> remember. This is 
>>     
>>>> akward :-)
>>>>     
>>>>         
>>> The numbering scheme will come naturally after some time ;)
>>>
>>>   
>>>       
>>>> Thanks again, for testing - this helps me getting it running, and 
>>>> understanding it
>>>>     
>>>>         
>>> No problem.
>>>
>>> It appears as though the m0n0wall is not allowing IPv6 traffic to 
>>> cross from the WAN side to the LAN side.
>>>
>>> How was your tunnel space allocated? I'm not familiar with how the 
>>> tunnel providers are assigning/routing space.
>>>
>>> Do they route you 2001:470:1f15::/48 over the 
>>>       
>> 2001:470:1f14:158c::/64 
>>     
>>> tunnel?
>>>
>>> Steve
>>>   
>>>       
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>     
>
>