Ipv6 VPN
Guus Sliepen
guus at tinc-vpn.org
Sun Oct 6 15:24:25 CEST 2013
On Fri, Oct 04, 2013 at 11:00:17AM +0200, Ismael Bouya wrote:
[...]
> my route table on immae.eu :
> 2001:41d0:2:35d7:1::/96 dev vpn6 proto kernel metric 256
> 2001:41d0:2:35d7:1:2::/96 via 2001:41d0:2:35d7:1::2 dev vpn6 metric 1024
> 2001:41d0:2:35d7:1::/80 dev vpn6 metric 1024
> 2001:41d0:2:35d7::/64 dev eth0 proto kernel metric 256
> 2001:41d0:2:35d7::/64 dev eth0 metric 1024
> 2001:41d0:2:35ff:ff:ff:ff:ff dev eth0 metric 1024
> fe80::/64 dev eth0 proto kernel metric 256
> fe80::/64 dev vpn6 proto kernel metric 256
> default via 2001:41d0:2:35ff:ff:ff:ff:ff dev eth0 metric 1024
>
> However, when I try to ping 2001:41d0:2:35d7:1::2 from outsite, I see
> immae.eu desperately trying to find it on eth0 (with tcpdump), and not
> trying vpn6. I even tried to put eth0 address to 2001:41d0:2:35d7::1/128
> and to disable the corresponding routes, but it keeps asking on eth0.
Hm, that's indeed strange. However, the example on the website is a bit
complicated, maybe you could simplify your setup. Does home need its own /64 or
does it need only a /128? Do you plan to add more nodes or not?
> I also put /proc/sys/net/ipv{4,6}/conf/all/forwarding to 1 everywhere,
> but without success.
>
> Did I miss anything?
Make sure you don't have firewall rules blocking the forwarding of IPv6
packets. Also, what does the routing table look like on home?
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20131006/5badf14c/attachment.sig>
More information about the tinc
mailing list