Hi Omer, On Saturday 08 November 2008 11:13:34 Omer Zak wrote: > Hello Noam, > Thanks for your answer. I still need more help. > > On Sat, 2008-11-08 at 10:09 +0200, Noam Rathaus wrote: > > I have been able to do it using: > > apt-get install tspc > > I installed it, too. > > > verify tun works: > > ifconfig tun > > I do not have tun, but I have sit0 and sit1. > Should tun exist as well? > If yes, how do I find why wasn't it set up as well?
I have no idea who made it, my guess is it either came from tspc or openvpn With openvpn I used, but in this case, I didn't do it, so I guess its either a leftover or was done when I installed: openvpn --mktun --dev tun > > According to lsmod, the following modules are loaded: > - tun Here as well > - sit Not here > - tunnel4 (used by sit) Nope > - ipv6 (used by sit) Yep > > Am I missing anything? > > > and ping: > > ipv6.google.com > > PING ipv6.google.com(2001:4860:0:1001::68) 56 data bytes > > 64 bytes from 2001:4860:0:1001::68: icmp_seq=1 ttl=52 time=305 ms > > 64 bytes from 2001:4860:0:1001::68: icmp_seq=3 ttl=52 time=494 ms > > 64 bytes from 2001:4860:0:1001::68: icmp_seq=4 ttl=52 time=505 ms > > ^C > > --- ipv6.google.com ping statistics --- > > 5 packets transmitted, 3 received, 40% packet loss, time 4013ms > > rtt min/avg/max/mdev = 305.720/435.197/505.567/91.669 ms > > When I try to ping6 ipv6.google.com, I get no response. According to > wireshark, ICMPv6 echo requests are sent, but there are no echo replies. > I tried all 4 values of -I parameter of ping6: > sit0,sit1 - no response. > sit,tun - unknown iface. > You shouldn't see any ICMPv6 traffic! TSPC tunnels everything via IPv4/IPv4UDP, so no ICMPv6 should be visible. > I tried to ping6 both ipv6.google.com and 2001:4860:0:1001::68 (with -I > both sit0 and sit1) - no response. > > > So I see two options: > > 1) Your firewall is blocking > > 2) Your NAT hinders it > > How to check for those possibilities? My guess is that something isn't properly configured, as wireshark didn't show any traffic on the TSPC port. > > > Try to play with tunnel_mode=v6anyv4 > > and if_tunnel_v6v4=sit1, if_tunnel_v6udpv4=tun > > My /etc/tsp/tspc.conf already has those settings. > > > You can use ethereal (wireshark) to see the data being sent on port 3653 > > - as well as the channel being built. > > According to wireshark, the channel does get set up. > I suspect something is strange in the output of route -6. How should it > look like? > My route -6 output looks like this (certain information was censored by > replacing it by asterisks): > 2001:5c0:8fff:ffff:8000:0:****:****/128 :: > U 256 0 0 sit1 > 2001:5c0:8fff:ffff:8000:1:****:****/128 > 2001:5c0:8fff:ffff:8000:1:****:**** UC 0 8 0 sit1 > 2000::/3 :: > U 1 0 0 sit1 > fe80::/64 :: > U 256 0 0 eth0 > fe80::/64 :: > U 256 0 0 eth1 > fe80::/64 :: > U 256 0 0 sit1 > > ::1/128 :: > > U 0 78 1 lo > 2001:5c0:8fff:ffff:8000:0:****:****/128 :: > U 0 0 1 lo > fe80::/128 :: > U 0 0 2 lo > fe80::/128 :: > U 0 0 2 lo > fe80::/128 :: > U 0 0 2 lo > fe80::****:****/128 :: > U 0 0 1 lo > fe80::****:****/128 :: > U 0 0 1 lo > fe80::****:****/128 :: > U 0 0 1 lo > fe80::211:2fff:****:****/128 :: > U 0 7 1 lo > fe80::2c0:cff:****:****/128 :: > U 0 0 1 lo > ff00::/8 :: > U 256 0 0 eth0 > ff00::/8 :: > U 256 0 0 eth1 > ff00::/8 :: > U 256 0 0 sit1 > > Thanks, > > --- Omer [EMAIL PROTECTED]:~# route -6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If 2001:5c0:8fff:ffff::eb/128 :: U 256 0 0 tun 2000::/3 :: U 1 0 0 tun fe80::/64 :: U 256 0 0 eth0 fe80::/64 :: U 256 0 0 tun ::/0 :: !n -1 1 2 lo ::1/128 :: Un 0 1 4 lo 2001:5c0:8fff:ffff::eb/128 :: Un 0 1 1 lo fe80::211:11ff:fe55:bf01/128 :: Un 0 1 0 lo ff00::/8 :: U 256 0 0 eth0 ff00::/8 :: U 256 0 0 tun ::/0 :: !n -1 1 2 lo -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
