IPv6 routing(?)

To: netbsd-users%netbsd.org@localhost
Subject: IPv6 routing(?)
From: Jan Danielsson <jan.m.danielsson%gmail.com@localhost>
Date: Thu, 17 Nov 2016 22:28:32 +0100

Hello,

  Thanks to help from the list, I got past some initial IPv6
configuration issues; the router gets its address and prefixlength from
the ISP and a host on the LAN gets a subnet address from the router.
However, one issue remains, and I've been banging my head against it for
too long and I need some more assistance.

   This is a proper global /48 network.

   As before, I'm reducing the network to this for simplicity:

   host1              router
   (re0)   <--->  (wm0)    (re0)  <----> ISP
                  "lan"     wan

   The re0 interface is assigned a 2001:XXXX:YYYY:0:... address (from
the ISP) with a prefixlen of 64 (there's a static route in their router
which is /48, but it seems routers are typically assigned /64 chunks).

   The router's wm0 is manually assigned a /80 subnet, with the address
2001:XXXX:YYYY:0:4::1.  (I had initially misunderstood the role of the
link-local address; per the suggestion of Martin Husemann I set a
hardcoded address on wm0 and that's when the address assignment of host1
started working).

   What works:
   - From the router, I can ping6/traceroute6 any address on the public
Internet.  (I.e. "ping6 netbsd.org" or "traceroute6 google.com" works fine).
   - The router can ping6 the host1's IPv6 address.
   - host1 can ping6 both the lan and wan addresses of the router.

   What doesn't work:
   - From host1, I can not ping addresses on the public Internet.  (i.e.
ping6 netbsd.org) does not work.  traceroute6 google.com will only get a
reply for the first entry (2001:XXXX:YYYY:0:4::1 (the router's lan
interface)) and then won't progress any further.

   Typical cause for issues similar to this is that forwarding is not
enabled -- but it is (double and triple-checked).  Plus, and correct me
if I'm wrong here, I can ping the router's wan address from host1 which
wouldn't work if IPv6 forwarding had been disabled.

   To my untrained eye, the routing tables on both host1 and the router
look fine; host1's default entry is to the router's link-local address
of the lan interface (analogous to the router's default route pointing
to fe80::1, autoconfigured and in accordance with the instructions from
the ISP).

   The 2001:XXXX:YYYY:0:4::/80 subnet on the router routes to link#2 (wm0).

   If I run "tcpdump -nttt -i re0" on the router and then try to ping6
netbsd.org, I can see the echo requests (from the host1 address to
netbsd.org's IPv6 address), but no replies.  (Running the same ping6
command on the router will cause both requests and replies to be seen in
tcpdump).

   Any tips on what I should be looking closer at?

   /Jan

Follow-Ups:
- Re: IPv6 routing(?)
  - From: Robert Elz
- Re: IPv6 routing(?)
  - From: Andy Ruhl

Prev by Date: Re: Tracking down TCP & UDP listeners
Next by Date: Re: IPv6 routing(?)
Previous by Thread: Tracking down TCP & UDP listeners
Next by Thread: Re: IPv6 routing(?)
Indexes:

Home | Main Index | Thread Index | Old Index