[ previous ] [ next ] [ threads ]
 
 From:  "Egbert Jan van den Bussche" <egbert at vandenbussche dot nl>
 To:  "'Michel Servaes'" <michel at mcmc dot be>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] how do we check, that ipv6 is actually working (OT again)
 Date:  Tue, 14 Apr 2009 23:35:20 +0200
OK. Could you open the rule a bit more ti allow ICMPv6 (or * for just now)

EJ

> -----Oorspronkelijk bericht-----
> Van: Michel Servaes [mailto:michel at mcmc dot be] 
> Verzonden: dinsdag 14 april 2009 23:33
> Aan: Egbert Jan van den Bussche
> CC: 'Steve Bertrand'; m0n0wall at lists dot m0n0 dot ch
> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is 
> actually working (OT again)
> 
> 
> I have rebooted both my monowall, and my vista machine.
> The IPv6 addresses were piling up on the Vista box... what is exactly 
> the meaning of those temporary addresses ?
> 
> Each and every time I do an ipconfig /renew (or /release and 
> /renew), I 
> get (upto a certain amount) a new temporary address.
> 
> IPv6 is working again, at my side... I can access 
> http://ipv6.google.com 
> again.
> 
> This is how the config looks like :
> 
> WAN ipv6 : 2001:470:1f14:158c::2/64
> LAN ipv6 : 2001:470:d39d:1::1/64
> 
> My Vista box, now has another IPv6 address (I already 
> modified the AAAA 
> record, but I don't know how long it takes to renew... so I 
> added also a 
> second AAAA : ipv6-2.mcmc.be with the new IPv6 of my Vista 
> box... which is :
> 
> 2001:470:d39d:1:c4a:2d5e:a428:f703
> 
> I've added a rule in IPv6 Rules, to allow port 80 to my Vista box...
> 
> 
> 
> 
> I compared my config against yours, and saw some difference into the 
> WAN/LAN side (which I presumable did wrong before).
> 
> Kind regards,
> Michel
> 
> 
> 
> 
> 
> Egbert Jan van den Bussche schreef:
> > I can ping both ends of the tunnel now!! Congrets!
> >
> > EJ
> >
> >   
> >> -----Oorspronkelijk bericht-----
> >> Van: Michel Servaes [mailto:michel at mcmc dot be]
> >> Verzonden: dinsdag 14 april 2009 23:15
> >> Aan: Egbert Jan van den Bussche
> >> CC: 'Steve Bertrand'; m0n0wall at lists dot m0n0 dot ch
> >> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is 
> >> actually working (OT again)
> >>
> >>
> >> It is ::1f14::
> >> Only at the routed part, I read ::1f15::
> >>
> >> What's special about 1f14, since you put as many ?? :)
> >>
> >> Egbert Jan van den Bussche schreef:
> >>     
> >>> Is there typo in here? Is it really ::1f14::???? Or 1f15
> >>>
> >>> EJ
> >>>
> >>>   
> >>>       
> >>>> -----Oorspronkelijk bericht-----
> >>>> Van: Michel Servaes [mailto:michel at mcmc dot be]
> >>>> Verzonden: dinsdag 14 april 2009 23:12
> >>>> Aan: Egbert Jan van den Bussche
> >>>> CC: 'Steve Bertrand'; m0n0wall at lists dot m0n0 dot ch
> >>>> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is
> >>>> actually working (OT again)
> >>>>
> >>>>
> >>>> Egbert Jan, Steve,
> >>>>
> >>>>
> >>>> I was fiddling a bit more, and now it seems I broke it 
> again :'( I 
> >>>> received following details from the tunnel broker :
> >>>>
> >>>> * server IPv4 address : 216.66.84.46
> >>>> * server IPv6 address : 2001:470:1f14:158c::1/64
> >>>> * client IPv4 address : 84.194.206.201
> >>>> * client IPv6 address : 2001:470:1f14:158c::2/64
> >>>>
> >>>> * Routed /48 : 2001:470:d39d::/48
> >>>> * Routed /64 : 2001:470:1f15:158c::/64
> >>>>
> >>>>
> >>>> I am still thinking IPv4... so it might just be that I try to do 
> >>>> NAT'ing anyway ??
> >>>>
> >>>>
> >>>> In monowall I have now following setup ;
> >>>>
> >>>> WAN
> >>>> * WAN : ipv6 enabled, tunnel mode
> >>>> * WAN IPv6 address : 2001:470:1f15:158c::/64
> >>>> * Send IPv6 RA
> >>>> * IPv6 tunnel : 216.66.84.46
> >>>>
> >>>> LAN
> >>>> * IPv6 mode : static
> >>>> * IPv6 address : 2001:470:d39d:1::1 /64
> >>>> * Send RA router advertisements active
> >>>>
> >>>>
> >>>> Damned ( with a smile ), I had it working for internal to 
> >>>>         
> >> external- I
> >>     
> >>>> just wanted it reversed as well...
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Egbert Jan van den Bussche schreef:
> >>>>     
> >>>>         
> >>>>> Michel, did the tunnel brooker give you a specific 
> >>>>>           
> >> address? I would
> >>     
> >>>>> expect that they told you to configure 
> >>>>>       
> >>>>>           
> >>>> 2001:470:1f15:158c::1 or 2 on
> >>>>     
> >>>>         
> >>>>> your WAN interface. I tried pinging those but they do 
> not respond.
> >>>>>
> >>>>> On my Monowall:
> >>>>> traceroute6 to 2001:470:1f15:158c::2 
> (2001:470:1f15:158c::2) from
> >>>>> 2a02:968:1000:3::2, 18 hops max, 12 byte packets  1  
> >>>>> 2a02:968:1000:3::1  12.033 ms  11.339 ms  11.826 ms (My 
> WAN port 
> >>>>> tunnel
> >>>>> address)
> >>>>>  2  gateway-bit-vlan-45.hobby.nl  12.387 ms  13.297 ms  
> 12.584 ms
> >>>>>  3  815.xe-1-0-0.jun1.kelvin.network.bit.nl  12.650 ms  
> >>>>>       
> >>>>>           
> >>>> 12.612 ms  11.879 ms
> >>>>     
> >>>>         
> >>>>>  4  linx.he.net  20.282 ms  20.906 ms  20.184 ms
> >>>>>  5  10gigabitethernet1-1.core1.ams1.he.net  21.084 ms
> >>>>>       
> >>>>>           
> >>>> 25.753 ms  25.129 ms
> >>>>     
> >>>>         
> >>>>>  6  1g-bge0.tserv11.ams1.ipv6.he.net  24.043 ms  23.408 ms
> >>>>>       
> >>>>>           
> >>>> 23.378 ms
> >>>>     
> >>>>         
> >>>>>  7  * * *
> >>>>>
> >>>>> This stops earlier than I expected. There seems no route 
> >>>>>           
> >> to Michels
> >>     
> >>>>> tunnelnetwork...
> >>>>>
> >>>>> EJ
> >>>>>
> >>>>>   
> >>>>>       
> >>>>>           
> >>>>>> -----Oorspronkelijk bericht-----
> >>>>>> Van: Steve Bertrand [mailto:steve at ibctech dot ca]
> >>>>>> Verzonden: dinsdag 14 april 2009 22:39
> >>>>>> Aan: Michel Servaes
> >>>>>> CC: m0n0wall at lists dot m0n0 dot ch >> M0n0wall Mailing List
> >>>>>> Onderwerp: Re: [m0n0wall] how do we check, that ipv6 is
> >>>>>> actually working (OT again)
> >>>>>>
> >>>>>>
> >>>>>> Michel Servaes wrote:
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>>          Routed /48:       2001:470:d39d::/48
> >>>>>>>     Routed /64:     2001:470:1f15:158c::/64
> >>>>>>>
> >>>>>>>
> >>>>>>> This is the config, I got from tunnelbroker.net
> >>>>>>> But I have not configured the routed /48 part on my side at
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> all. (the
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> /48 part was optional at tunnelbroker.net)
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> Ok. This tells me that you have the m0n0wall NAT'ing IPv6 then.
> >>>>>>
> >>>>>> Does the m0n0 have the capability to route IPv6 
> between the LAN 
> >>>>>> interface and the tunnel interface?
> >>>>>>
> >>>>>> If your WAN (tunnel) interface is:
> >>>>>>
> >>>>>> 2001:470:1f15:158c::/64
> >>>>>>
> >>>>>> Then as a test, assign:
> >>>>>>
> >>>>>> 2001:470:d39d:1::1/64 to the LAN interface, and configure a PC
> >>>>>> within:
> >>>>>>
> >>>>>> 2001:470:d39d:1::/64
> >>>>>>
> >>>>>> I don't have any m0n0walls in use right now, so 
> unfortunately I 
> >>>>>> can't provide any assistance with it's configuration.
> >>>>>>
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> I'll try to setup Sixxs again, since they have a Windows
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> Client too -
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> that way I can try in between the office, and my home. At
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> the office I
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> don't have a monowall yet (have to wait 60 days, 
> before I start 
> >>>>>>> working there :)  - and am not going to do experiments at
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> my current
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> job)
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> Ahhh, I see...
> >>>>>>
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> Thank you for your testing though... but since I'm
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> completely new to
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>>> ipv6, I don't want to take your time too much ;)
> >>>>>>>       
> >>>>>>>           
> >>>>>>>               
> >>>>>> Not a problem at all... if you were taking too much of 
> >>>>>>             
> >> my time, you 
> >>     
> >>>>>> would know this by a lack of response ;)
> >>>>>>
> >>>>>> Steve
> >>>>>>
> >>>>>>
> >>>>>>         
> >>>>>>             
> >> 
> ---------------------------------------------------------------------
> >>     
> >>>>     
> >>>>         
> >>>>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >>>>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >>>>>>
> >>>>>>
> >>>>>>     
> >>>>>>         
> >>>>>>             
> >>>>>   
> >>>>>       
> >>>>>           
> >> 
> ---------------------------------------------------------------------
> >>     
> >>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >>>>
> >>>>
> >>>>     
> >>>>         
> >>>   
> >>>       
> >> 
> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >>
> >>
> >>     
> >
> >   
>