On Friday 22 June 2007 15:47:17 Jeroen Massar wrote: > If you want to use example addresses, use 2001:db8::/32 or generate a ULA > prefix using RFC4193 (See also http://www.sixxs.net/tools/grh/ula/).
Ok, i will use 2001:db8::/32 then. When everythin is working i will gernerate a ULA prefix. > The big interesting thing you are not providing is the prefix lengths. I was using /128. In the beneath example i am using 2001:db8::/32. In my other mail as answer to Ed Kapitein i used 2001:1::/64, 2001:2::/64 and 2001:3::/64 as he proposed. The results are the same. > Providing the output of "ip -6 ro sho" and "ip -6 nei sho" on all the > boxes is helpful. The other thing you might want to try to do is: > - ping6 from A to B > - ping6 from B to A > - ping6 from B to C > - ping6 from C to B > - ping6 from A to C > - ping6 from C to A > > then you can pinpoint where it goes wrong. Running a tcpdump on the links > involved while doing these tests helps. Ok here you go: On host A: ip -6 addr show 2: lo: <LOOPBACK,UP> mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 35: [EMAIL PROTECTED]: <BROADCAST,UP> mtu 1472 inet6 2001:db80::11/32 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:db80::13 via 2001:db80::12 dev wldev metric 1024 expires -168sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:db80::/32 dev wldev metric 256 expires -362sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -362sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -362sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show 2001:db80::12 dev wldev lladdr 137.226.18.145 router STALE On host B: ip -6 add show 2: lo: <LOOPBACK,UP> mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 25: [EMAIL PROTECTED]: <BROADCAST,UP> mtu 1472 inet6 2001:db80::12/32 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:db80::/32 dev wldev metric 256 expires -404sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -404sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -404sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show -> shows nothing On host C: ip -6 addr show 2: lo: <LOOPBACK,UP> mtu 16436 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 24: [EMAIL PROTECTED]: <BROADCAST,UP> mtu 1472 inet6 2001:db80::13/32 scope global valid_lft forever preferred_lft forever ip -6 route show 2001:db80::11 via 2001:db80::12 dev wldev metric 1024 expires -240sec mtu 1472 advmss 1412 hoplimit 4294967295 2001:db80::/32 dev wldev metric 256 expires -440sec mtu 1472 advmss 1412 hoplimit 4294967295 fe80::/64 dev wldev metric 256 expires -440sec mtu 1472 advmss 1412 hoplimit 4294967295 ff00::/8 dev wldev metric 256 expires -440sec mtu 1472 advmss 1412 hoplimit 4294967295 unreachable default dev lo proto none metric -1 error -101 hoplimit 255 ip -6 nei show 2001:db80::12 dev wldev lladdr 137.226.18.145 router STALE Here the results of ping6: ping6 from A to B -> works ping6 from B to A -> works ping6 from B to C -> works ping6 from C to B -> works ping6 from A to C -> Destination unreachable: Address unreachable ping6 from C to A -> Destination unreachable: Address unreachable Like i have also written in another mail, when i run tcpdump on host B (while running ping6 from A to C), i can see, that the ping gets to host B but host B does not request the linklayeraddress from host C. That is what i am thinking is causing the problem. But i do not know why B is not requesting the linklayeraddress. I can get the ping6 from A to C and from C to A work when i manually add the linklayeraddress from A and C into the cache from B with "ip -6 neigh add <IPv6 address> lladdr <link-layer address> dev <device>". > Also remember that there is ICMP Redirects which can instruct the host > to still use the link directly instead of going via another. I have checked that with tcpdum, no ICMP Redirects are send. > Also don't forget to check to check sysctl's and firewall settings. Here the firewall setting (the same on host A,B and C: ip6tables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination With the sysctl settings, perhaps theres something wrong. I did enable forwarding, but do i have to change some other parameters to? Greets, Volker _______________________________________________ Users mailing list Users@ipv6.org https://lists.ipv6.org/mailman/listinfo/users