|
6RD with routers on which you cannot specify the endpoint address: make endpoint address adjustable?
![[nl]](/s/countries/nl.gif) Shadow Hawkins on Wednesday, 18 May 2016 21:13:31
Hi there,
Until recently I had an AYIYA tunnel that went straight to my desktop at home. I decided that I want to make use of it on all my systems in the network, so this evening I experimented with reconfiguring my Linksys (an E4200, I think) to use 6RD. If I go to the router's web page, I get the following options to configure:
http://80386.nl/pub/20160518-6rd.png
Where I guess my router is different from the others is that you cannot configure an IPv6 endpoint address; only a prefix and a length. This means that my router just picks an address for itself (based on the prefix and the DUID, 2001:07b8:02ff:04bb:cad7:19ff:fe54:7f49 in my case). There is no way to override this to be any different.
This means that my tunnel doesn't want to go up in both directions. From my systems at home, I can send IPv6 traffic to the internet, but the POP doesn't want to route it back home. This can be observed when I run tcpdump on a server somewhere in a datacenter and ping it from home:
22:53:08.711490 IP6 2001:7b8:2ff:4bb:f046:5f1e:b452:2620 > 2a01:4f8:202:1044::: ICMP6, echo request, seq 0, length 16
22:53:08.711498 IP6 2a01:4f8:202:1044:: > 2001:7b8:2ff:4bb:f046:5f1e:b452:2620: ICMP6, echo reply, seq 0, length 16
22:53:08.723944 IP6 2001:7b8:2ff:4bb::1 > 2a01:4f8:202:1044::: ICMP6, destination unreachable, unreachable route 2001:7b8:2ff:4bb:f046:5f1e:b452:2620, length 64
In other words, the server responds to the ICMP request, but instead of being sent back, the SixXS POP just discards it, sending back an error to my server.
As a final experiment, I changed my laptop's IPv6 address to be that of the endpoint, so to persuade the POP that the tunnel is up. This seems to make things work, but is of course highly impractical. My question is, would it be possible to extend the admin page to allow you to override the endpoint address? That way I could fill in the address generated by my Linksys router, so that I don't need to keep my laptop running to have IPv6.
Thanks,
Ed
6RD with routers on which you cannot specify the endpoint address: make endpoint address adjustable?
2001:07b8:02ff:04bb:cad7:19ff:fe54:7f49
That is not a valid address in the tunnel prefix. You only can use <prefix>::2.
2a01:4f8:202:1044::
All-zeros is an subnet anycast address (unless that system is really funnily configured), avoid them like the plague as they do not do what you likely want them to do.
In other words, the server responds to the ICMP request, but instead of being sent back, the SixXS POP just discards it, sending back an error to my server.
Because that address is not valid.
Actually, I am a bit surprised that you can send the packet in the first place, as that should not be allowed, must be a little bug in sixxsd that we'll have to address.
As a final experiment, I changed my laptop's IPv6 address to be that of the endpoint, so to persuade the POP that the tunnel is up. This seems to make things work, but is of course highly impractical.
You seem to be trying to split the tunnel /64 that cannot work.
My question is, would it be possible to extend the admin page to allow you to override the endpoint address?
Only <prefix>::1 (PoP) and <prefix>::2 (user endpoint) can be used in the tunnel space, nothing else.
That way I could fill in the address generated by my Linksys router, so that I don't need to keep my laptop running to have IPv6.
The UI you snapshotted in the image does not seem to allow any configuration of a routed subnet, thus it is completely useless to configure that thing the way it is (unless there are other knobs for that elsewhere).
6rd builds upon standard proto-41 tunnels, thus if it can do 6rd it can also just do a normal static tunnel.
I can only suggest getting a real box instead of a broken device like that.
Likely that little linksys is just running some form of OpenWRT or friends, thus upgrading it to a non-restricted firmware might be another alternative path.
6rd is intended for ISP deployment, not for tunneling which is likely why this is that broken.
6RD with routers on which you cannot specify the endpoint address: make endpoint address adjustable?
Shadow Hawkins on Wednesday, 18 May 2016 21:38:38
d'oh! Silly me.
It turns out I had just misconfigured my router. I misread the tunnel information page that 2001:7b8:2ff:4bb::1/64 was the actual range I had to announce in my internal network. Further down the page, I saw that I had a subnet as well. Using that subnet instead seems to make things work for me out of the box.
|
![[ch]](/s/countries/ch.gif)
on Wednesday, 18 May 2016 21:28:34
Posting is only allowed when you are