Hi together,
i now tinker for several hours on IPv6. No results so far.
But one step after the other: I've a TP-Link TL-WDR4300 v1 with OpenWrt
Barrier Breaker 14.07 / LuCI Trunk (0.12+svn-r10530).
The package "aiccu" is installed:
---
root@OpenWrt:~# opkg list aiccu
aiccu - 20070115-11
---
I've tried the configuration from SixXS
(https://www.sixxs.net/wiki/Aiccu/Installing_on_OpenWRT#Barrier_Breaker)
as well as the configuration from the english openwrt wiki
(http://wiki.openwrt.org/doc/uci/aiccu). After some tries i've come up
with the following config in /etc/config/network:
---
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config interface 'lan'
option ifname 'eth0.1'
option force_link '1'
option type 'bridge'
option proto 'static'
option ip6assign '64'
option ipaddr '10.42.0.1'
option netmask '255.255.0.0'
option gateway '10.42.0.254'
option broadcast '10.42.255.255'
config interface 'wan'
option ifname 'eth0.2'
option _orig_ifname 'eth0.2'
option _orig_bridge 'false'
option proto 'pppoe'
option username 'snip'
option password 'snap'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0t 2 3 4 5'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0t 1'
config interface 'wan6'
option proto 'aiccu'
option username 'SIXXS-USER/TUN-NAME'
option password 'snip'
option ip6prefix 'tunnel-prefix::/64'
option verbose 'true'
---
after a /etc/init.d/network reload the br-lan interface says, it has a
valid IPv6:
---
root@OpenWrt:~# ip a
<<-- CUT -->>
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default
link/ether ab:46:27:14:32:12 brd ff:ff:ff:ff:ff:ff
inet 10.42.0.1/16 brd 10.42.255.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 sixxs-ipv6::2/64 scope global deprecated dynamic
valid_lft 4483sec preferred_lft 0sec
inet6 fe80::some:link:local:7f41/64 scope link
valid_lft forever preferred_lft forever
<<-- CUT -->>
---
unfortunately if i try to ping the outside (google.de for example) the
only thing i get from ping6 is:
---
root@OpenWrt:~# ping6 google.de
PING google.de (2a00:1450:4001:807::101f): 56 data bytes
ping6: sendto: Operation not permitted
---
so i thought, it's maybe a firewall problem. But i can't realy see one:
---
root@OpenWrt:~# cat /etc/config/firewall
config rule
option target 'ACCEPT'
option src 'wan'
option family 'ipv6'
option dest '*'
config rule
option target 'ACCEPT'
option src 'wan'
option proto 'tcp'
option dest_port '443'
option name 'Allow SSH on Router'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
option mtu_fix '1'
option forward 'ACCEPT'
option input 'REJECT'
option network 'wan wan6'
config include
option path '/etc/firewall.user'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp'
option src_dport '443'
option dest_ip '10.42.0.1'
option dest_port '443'
option name 'SSH2Router'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '2000-3000'
option dest_ip '10.42.1.24'
option dest_port '2000-3000'
option name 'torrents'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '48127'
option dest_ip '10.42.1.24'
option dest_port '48127'
option name 'cubietruck-ssh'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp udp'
option src_dport '6600'
option dest_ip '10.42.2.65'
option dest_port '6600'
option name 'MPDdb'
config forwarding
option dest 'wan'
option src 'lan'
---
now i'm a little bit stuck. I don't realy know how to trace down this
problem anymore. I'd appreciate if somebody can help.
I'm also available on #IRC @ freenode.net also known as "sqozz" if
somebody wants to help me directly :)
Greetings and thanks in advance,
sqozz!
_______________________________________________
openwrt-users mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
