|
||||||||||
I have rebooted both my monowall, and my vista machine. The IPv6 addresses were piling up on the Vista box... what is exactly the meaning of those temporary addresses ? Each and every time I do an ipconfig /renew (or /release and /renew), I get (upto a certain amount) a new temporary address. IPv6 is working again, at my side... I can access http://ipv6.google.com again. This is how the config looks like : WAN ipv6 : 2001:470:1f14:158c::2/64 LAN ipv6 : 2001:470:d39d:1::1/64 My Vista box, now has another IPv6 address (I already modified the AAAA record, but I don't know how long it takes to renew... so I added also a second AAAA : ipv6-2.mcmc.be with the new IPv6 of my Vista box... which is : 2001:470:d39d:1:c4a:2d5e:a428:f703 I've added a rule in IPv6 Rules, to allow port 80 to my Vista box... I compared my config against yours, and saw some difference into the WAN/LAN side (which I presumable did wrong before). Kind regards, Michel Egbert Jan van den Bussche schreef: > I can ping both ends of the tunnel now!! Congrets! > > EJ > > >> -----Oorspronkelijk bericht----- >> Van: Michel Servaes [mailto:michel at mcmc dot be] >> Verzonden: dinsdag 14 april 2009 23:15 >> Aan: Egbert Jan van den Bussche >> CC: 'Steve Bertrand'; m0n0wall at lists dot m0n0 dot ch >> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is >> actually working (OT again) >> >> >> It is ::1f14:: >> Only at the routed part, I read ::1f15:: >> >> What's special about 1f14, since you put as many ?? :) >> >> Egbert Jan van den Bussche schreef: >> >>> Is there typo in here? Is it really ::1f14::???? Or 1f15 >>> >>> EJ >>> >>> >>> >>>> -----Oorspronkelijk bericht----- >>>> Van: Michel Servaes [mailto:michel at mcmc dot be] >>>> Verzonden: dinsdag 14 april 2009 23:12 >>>> Aan: Egbert Jan van den Bussche >>>> CC: 'Steve Bertrand'; m0n0wall at lists dot m0n0 dot ch >>>> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is >>>> actually working (OT again) >>>> >>>> >>>> Egbert Jan, Steve, >>>> >>>> >>>> I was fiddling a bit more, and now it seems I broke it again >>>> :'( I received following details from the tunnel broker : >>>> >>>> * server IPv4 address : 216.66.84.46 >>>> * server IPv6 address : 2001:470:1f14:158c::1/64 >>>> * client IPv4 address : 84.194.206.201 >>>> * client IPv6 address : 2001:470:1f14:158c::2/64 >>>> >>>> * Routed /48 : 2001:470:d39d::/48 >>>> * Routed /64 : 2001:470:1f15:158c::/64 >>>> >>>> >>>> I am still thinking IPv4... so it might just be that I try to >>>> do NAT'ing >>>> anyway ?? >>>> >>>> >>>> In monowall I have now following setup ; >>>> >>>> WAN >>>> * WAN : ipv6 enabled, tunnel mode >>>> * WAN IPv6 address : 2001:470:1f15:158c::/64 >>>> * Send IPv6 RA >>>> * IPv6 tunnel : 216.66.84.46 >>>> >>>> LAN >>>> * IPv6 mode : static >>>> * IPv6 address : 2001:470:d39d:1::1 /64 >>>> * Send RA router advertisements active >>>> >>>> >>>> Damned ( with a smile ), I had it working for internal to >>>> >> external- I >> >>>> just wanted it reversed as well... >>>> >>>> >>>> >>>> >>>> >>>> Egbert Jan van den Bussche schreef: >>>> >>>> >>>>> Michel, did the tunnel brooker give you a specific >>>>> >> address? I would >> >>>>> expect that they told you to configure >>>>> >>>>> >>>> 2001:470:1f15:158c::1 or 2 on >>>> >>>> >>>>> your WAN interface. I tried pinging those but they do not respond. >>>>> >>>>> On my Monowall: >>>>> traceroute6 to 2001:470:1f15:158c::2 (2001:470:1f15:158c::2) from >>>>> 2a02:968:1000:3::2, 18 hops max, 12 byte packets 1 >>>>> 2a02:968:1000:3::1 12.033 ms 11.339 ms 11.826 ms (My WAN port >>>>> tunnel >>>>> address) >>>>> 2 gateway-bit-vlan-45.hobby.nl 12.387 ms 13.297 ms 12.584 ms >>>>> 3 815.xe-1-0-0.jun1.kelvin.network.bit.nl 12.650 ms >>>>> >>>>> >>>> 12.612 ms 11.879 ms >>>> >>>> >>>>> 4 linx.he.net 20.282 ms 20.906 ms 20.184 ms >>>>> 5 10gigabitethernet1-1.core1.ams1.he.net 21.084 ms >>>>> >>>>> >>>> 25.753 ms 25.129 ms >>>> >>>> >>>>> 6 1g-bge0.tserv11.ams1.ipv6.he.net 24.043 ms 23.408 ms >>>>> >>>>> >>>> 23.378 ms >>>> >>>> >>>>> 7 * * * >>>>> >>>>> This stops earlier than I expected. There seems no route >>>>> >> to Michels >> >>>>> tunnelnetwork... >>>>> >>>>> EJ >>>>> >>>>> >>>>> >>>>> >>>>>> -----Oorspronkelijk bericht----- >>>>>> Van: Steve Bertrand [mailto:steve at ibctech dot ca] >>>>>> Verzonden: dinsdag 14 april 2009 22:39 >>>>>> Aan: Michel Servaes >>>>>> CC: m0n0wall at lists dot m0n0 dot ch >> M0n0wall Mailing List >>>>>> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is >>>>>> actually working (OT again) >>>>>> >>>>>> >>>>>> Michel Servaes wrote: >>>>>> >>>>>> >>>>>> >>>>>>> Routed /48: 2001:470:d39d::/48 >>>>>>> Routed /64: 2001:470:1f15:158c::/64 >>>>>>> >>>>>>> >>>>>>> This is the config, I got from tunnelbroker.net >>>>>>> But I have not configured the routed /48 part on my side at >>>>>>> >>>>>>> >>>>>>> >>>>>> all. (the >>>>>> >>>>>> >>>>>> >>>>>>> /48 part was optional at tunnelbroker.net) >>>>>>> >>>>>>> >>>>>>> >>>>>> Ok. This tells me that you have the m0n0wall NAT'ing IPv6 then. >>>>>> >>>>>> Does the m0n0 have the capability to route IPv6 between the LAN >>>>>> interface and the tunnel interface? >>>>>> >>>>>> If your WAN (tunnel) interface is: >>>>>> >>>>>> 2001:470:1f15:158c::/64 >>>>>> >>>>>> Then as a test, assign: >>>>>> >>>>>> 2001:470:d39d:1::1/64 to the LAN interface, and configure a PC >>>>>> within: >>>>>> >>>>>> 2001:470:d39d:1::/64 >>>>>> >>>>>> I don't have any m0n0walls in use right now, so unfortunately I >>>>>> can't provide any assistance with it's configuration. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> I'll try to setup Sixxs again, since they have a Windows >>>>>>> >>>>>>> >>>>>>> >>>>>> Client too - >>>>>> >>>>>> >>>>>> >>>>>>> that way I can try in between the office, and my home. At >>>>>>> >>>>>>> >>>>>>> >>>>>> the office I >>>>>> >>>>>> >>>>>> >>>>>>> don't have a monowall yet (have to wait 60 days, before I start >>>>>>> working there :) - and am not going to do experiments at >>>>>>> >>>>>>> >>>>>>> >>>>>> my current >>>>>> >>>>>> >>>>>> >>>>>>> job) >>>>>>> >>>>>>> >>>>>>> >>>>>> Ahhh, I see... >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> Thank you for your testing though... but since I'm >>>>>>> >>>>>>> >>>>>>> >>>>>> completely new to >>>>>> >>>>>> >>>>>> >>>>>>> ipv6, I don't want to take your time too much ;) >>>>>>> >>>>>>> >>>>>>> >>>>>> Not a problem at all... if you were taking too much of >>>>>> >> my time, you >> >>>>>> would know this by a lack of response ;) >>>>>> >>>>>> Steve >>>>>> >>>>>> >>>>>> >>>>>> >> --------------------------------------------------------------------- >> >>>> >>>> >>>>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >>>>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> >> --------------------------------------------------------------------- >> >>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch >>>> >>>> >>>> >>>> >>> >>> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch >> >> >> > > |