‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On April 6, 2018 11:58 AM, <colony.th...@protonmail.ch> wrote:
> > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On April 6, 2018 11:44 AM, Tom Eastep teas...@shorewall.net wrote: > > > > After shorewall6 clear, ping6 just hangs. > > > > > > ping6 google.com > > > ================ > > > > > > PING google.com(sea15s01-in-x0e.1e100.net (2607:f8b0:400a:806::200e)) 56 > > > data bytes > > > > > > ^C > > > > > > --- google.com ping statistics --- > > > > > > 20 packets transmitted, 0 received, 100% packet loss, time 19000ms > > > > You routing is all screwed up. You are trying to use the same /64 on > > > > three different networks. When you get a tunnel from HE, you get two /64 > > > > networks: one on the sit device, and one to use in your local network(s). > > > > You can subdivide the second /64 between multiple networks, but then the > > > > prefix length for those networks must be > 64 and you cannot use > > > > stateless autoconfiguration. > > > > -Tom > > > > Tom Eastep \ Q: What do you get when you cross a mobster with > > > > Shoreline, \ an international standard? > > > > Washington, USA \ A: Someone who makes you an offer you can't > > > > http://shorewall.org \ understand > > Understand, but I do have 2001:470:a:c3::2 set on the tunnel interface, and > for the LAN I've set 2001:470:b:c3::/64 like they say. > > ip -6 route > =========== > > unreachable ::/96 dev lo metric 1024 error -113 > > unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -113 > > 2001:470:a:c3::/64 dev he-ipv6 proto kernel metric 256 > > 2001:470:b:c3::/64 dev eth1 proto kernel metric 256 > > 2001:470:b:c3::/64 dev eth2 proto kernel metric 256 > > unreachable 2002:a00::/24 dev lo metric 1024 error -113 > > unreachable 2002:7f00::/24 dev lo metric 1024 error -113 > > unreachable 2002:a9fe::/32 dev lo metric 1024 error -113 > > unreachable 2002:ac10::/28 dev lo metric 1024 error -113 > > unreachable 2002:c0a8::/32 dev lo metric 1024 error -113 > > unreachable 2002:e000::/19 dev lo metric 1024 error -113 > > unreachable 3ffe:ffff::/32 dev lo metric 1024 error -113 > > fe80::/64 dev eth1 proto kernel metric 256 > > fe80::/64 dev eth2 proto kernel metric 256 > > fe80::/64 dev eth0 proto kernel metric 256 > > fe80::/64 dev he-ipv6 proto kernel metric 256 > > default dev he-ipv6 metric 1024 > > True I don't have a gateway set on eth1, but that -is- the LAN gateway. > > To set up the tunnel I'm using the systemd service copied almost > word-for-word from the Arch doc: > > [Unit] > > Description=he.net IPv6 tunnel > > After=network.target > > [Service] > > Type=oneshot > > RemainAfterExit=yes > > ExecStart=/usr/sbin/ip tunnel add he-ipv6 mode sit remote 216.218.226.238 > local 50.47.100.167 ttl 255 > > ExecStart=/usr/sbin/ip link set he-ipv6 up mtu 1480 > > ExecStart=/usr/sbin/ip addr add 2001:470:a:c3::2/64 dev he-ipv6 > > ExecStart=/usr/sbin/ip -6 route add ::/0 dev he-ipv6 > > ExecStop=/usr/sbin/ip -6 route del ::/0 dev he-ipv6 > > ExecStop=/usr/sbin/ip link set he-ipv6 down > > ExecStop=/usr/sbin/ip tunnel del he-ipv6 > > [Install] > > WantedBy=multi-user.target I must be being dense here. Can someone please explain what Ton is telling me here? ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
