SixXS::Sunset 2017-06-06

Routing with /64 Subnet
[gb] Shadow Hawkins on Friday, 31 July 2015 08:23:16
I have a Raspberry Pi with just a single ethernet port connected, running Raspbian with aiccu and radvd running. Tunnel is as follows: Your IPv4 AYIYA, currently 80.189.208.76 IPv6 Prefix 2a00:14f0:e000:1a3::1/64 PoP IPv6 2a00:14f0:e000:1a3::1 Your IPv6 2a00:14f0:e000:1a3::2 And the default /64 subnet is: Details Subnet Prefix Tunnel Endpoint Subnet Name State R267357 2a00:14f0:e000:81a3::/64 2a00:14f0:e000:1a3::2 Routed /64 Subnet Enabled My aiccu config is unchanged from the installer, with just the username/password added and the tunnel is up and running. I can ping6 various sites from the Pi. The Ethernet port is connected to a switch (back of a WiFi router/modem box) and from there to a desktop PC running Ubuntu. I've given the Pi's Ethernet port an address of 2a00:14f0:e000:1a3::3 (as ::1 is used by the PoP) and the Ubuntu machine a static IPv6 address 2a00:14f0:e000:1a3::4. When I ping6 from the Pi (successfully) while monitoring the 'sixxs' interface with tcpdump, I can see ICMPv6 messages travelling in both directions: 07:22:43.585389 IP6 2a00:14f0:e000:1a3::2 > 2a00:1450:4009:80a::200e: ICMP6, echo request, seq 5, length 64 07:22:43.604201 IP6 2a00:1450:4009:80a::200e > 2a00:14f0:e000:1a3::2: ICMP6, echo reply, seq 5, length 64 When I ping6 from the Ubuntu machine, I can see outgoing requests, but no replies: 07:23:56.478755 IP6 2a00:14f0:e000:1a3::4 > 2a00:1450:4009:80a::200e: ICMP6, echo request, seq 1, length 64 07:23:57.486951 IP6 2a00:14f0:e000:1a3::4 > 2a00:1450:4009:80a::200e: ICMP6, echo request, seq 2, length 64 Where is the reply?? If the subnet is routed towards the ::2 (as I've read somewhere on the site) then it should be visible. What also confuses me, is that the Pi's routing table is: $ ip -6 route ::/96 dev sit0 proto kernel metric 256 2a00:14f0:e000:1a3::/64 dev sixxs proto kernel metric 256 fe80::/64 dev eth0 proto kernel metric 256 fe80::/64 dev sixxs proto kernel metric 256 default via 2a00:14f0:e000:1a3::1 dev sixxs metric 1024 Doesn't that send everything for my subnet back down the tunnel? It's the default config/settings, so I don't know why the routing table is as it is. I'd be grateful of any guidance :-)
Routing with /64 Subnet
[ch] Jeroen Massar SixXS Staff on Friday, 31 July 2015 09:09:31
I've given the Pi's Ethernet port an address of 2a00:14f0:e000:1a3::3 (as ::1 is used by the PoP)
That is the wrong prefix. That is the one used for the tunnel. Notice the difference: Tunnel 2a00:14f0:e000:01a3::/64 (normally written without the extra 0, thus: 2a00:14f0:e000:1a3::/64) Subnet 2a00:14f0:e000:81a3::/64 Note that you need to add an address out the subnet to eth0 on the Pi. Typically one uses ::1 as a gateway, thus on eth0 on the Pi you need to configure 2a00:14f0:e000:81a3::1/64 Then enable RA using radvd and announcing 2a00:14f0:e000:81a3::/64 and all hosts in the network should automatically have an IPv6 address.
Routing with /64 Subnet [SOLVED]
[gb] Shadow Hawkins on Friday, 31 July 2015 09:28:45
Jeroen Massar wrote:
> I've given the Pi's Ethernet port an address of 2a00:14f0:e000:1a3::3 (as ::1 is used by the PoP) That is the wrong prefix. That is the one used for the tunnel. Notice the difference: Tunnel 2a00:14f0:e000:01a3::/64 (normally written without the extra 0, thus: 2a00:14f0:e000:1a3::/64) Subnet 2a00:14f0:e000:81a3::/64 Note that you need to add an address out the subnet to eth0 on the Pi. Typically one uses ::1 as a gateway, thus on eth0 on the Pi you need to configure 2a00:14f0:e000:81a3::1/64 Then enable RA using radvd and announcing 2a00:14f0:e000:81a3::/64 and all hosts in the network should automatically have an IPv6 address.
One digit! That's all the problem was. I've been looking at this for nearly two weeks! It now works :-) Many thanks for your excellent support.
Routing with /64 Subnet [SOLVED]
[ch] Jeroen Massar SixXS Staff on Friday, 31 July 2015 09:51:57
One digit!
Actually, it is worse, it is literally one single bit: 0x8000 = 1000 0000 0000 0000 That bit splits the /48 we use for tunnels and default subnets into two portions, each a/49. Which also makes it very easy for sixxsd (the software that effectively is the PoP) to determine which tunnel that prefix needs to go to, as there is no lookup: Only 15 bits of tunnel-id, though we limit that to a max of 8192 tunnels per PoP, thus that is a nice static array, no searching and super fast ;) Same trick for the full /48 subnets, only 256 of those per /40 and maybe 6 of those per PoP, thus all without even funny things like prefix trees to make lookups needed let alone any locking.

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker