[ale] Anyone here use 6to4?

Michael B. Trausch mike at trausch.us
Thu May 1 14:12:39 EDT 2008


I was toying around with IPv6 using a tunnel from go6 for a little
while, but I am finding the tunnel connection to them to be a bit too
unreliable.  This causes me some issues.  I can work around it by
bouncing the tunnel every fifteen minutes or so, but after that it seems
to just go dead.

So, I thought maybe I should set up my system to create a 6to4 IPv6
setup, which is supposedly more reliably routed because it doesn't go
through a single endpoint any more---AIUI, it instead goes through a
(the closest) public 6to4 server by way of encapsulation in IPv4, which
then hits another 6to4 user or someone on the native IPv6 Internet.

I seem to be getting stuck, though.  I set up my server to pass protocol
41 so that the packets would get through that, and then I set up the
6to4 interface by computing my IPv6 prefix (2002:4c11:2f98) and
assigning the address.  From what I am reading (or the way that I am
reading it?) it seems that once you do that, you just need to create the
6to4 interface, give it an address within your prefix, and then set a
default route to the magic 6to4 anycast address 2002:c058:6301:: (which,
according to RFC 3068, will set your route to the nearest 6to4 relay
router).

So, I have set up things such that:

mbt at allspice:~$ cat /proc/sys/net/ipv6/conf/6to4/forwarding
1
mbt at allspice:~$ /sbin/route -6
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref
Use If
::/96                          ::                         Un   256 0
 1 6to4
2002::/16                      ::                         U    256 0
 0 6to4
fe80::/64                      ::                         U    256 0
 0 inet0
fe80::/64                      ::                         U    256 0
 0 lan0
fe80::/64                      ::                         U    256 0
 0 lan1
fe80::/64                      ::                         U    256 0
 0 lanbr0
fe80::/64                      ::                         U    256 0
 0 6to4
::/0                           2002:c058:6301::           UG   1026 0
  3 6to4
::/0                           ::                         !n   -1  1
34156 lo
::1/128                        ::                         Un   0   1
22749 lo
::76.17.47.152/128             ::                         Un   0   1
 0 lo
2002::/128                     ::                         Un   0   2
 0 lo
2002:4c11:2f98::1/128          ::                         Un   0   1
 8 lo
fe80::/128                     ::                         Un   0   2
 0 lo
fe80::/128                     ::                         Un   0   2
 0 lo
fe80::/128                     ::                         Un   0   2
 0 lo
fe80::/128                     ::                         Un   0   2
 0 lo
fe80::202:2aff:fecb:4198/128   ::                         Un   0   1
3516 lo
fe80::202:2aff:fecb:4198/128   ::                         Un   0   1
 0 lo
fe80::204:75ff:fee2:f76b/128   ::                         Un   0   1
 0 lo
fe80::213:d3ff:fe15:32c9/128   ::                         Un   0   1
 0 lo
ff00::/8                       ::                         U    256 0
 0 inet0
ff00::/8                       ::                         U    256 0
 0 lan0
ff00::/8                       ::                         U    256 0
 0 lan1
ff00::/8                       ::                         U    256 0
 0 lanbr0
ff00::/8                       ::                         U    256 0
 0 6to4
::/0                           ::                         !n   -1  1
34156 lo
mbt at allspice:~$ /sbin/ifconfig 6to4
6to4      Link encap:IPv6-in-IPv4
          inet6 addr: 2002:4c11:2f98::1/16 Scope:Global
          inet6 addr: ::76.17.47.152/128 Scope:Compat
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:5 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50 errors:144 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:617 (617.0 B)  TX bytes:6070 (5.9 KB)

mbt at allspice:~$ ping6 2002:c058:6301::
PING 2002:c058:6301::(2002:c058:6301::) 56 data bytes
64 bytes from 2002:c058:6301::: icmp_seq=1 ttl=64 time=45.5 ms
64 bytes from 2002:c058:6301::: icmp_seq=2 ttl=64 time=56.1 ms
64 bytes from 2002:c058:6301::: icmp_seq=3 ttl=64 time=44.2 ms
64 bytes from 2002:c058:6301::: icmp_seq=4 ttl=64 time=44.2 ms

--- 2002:c058:6301:: ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 44.224/47.542/56.199/5.032 ms
mbt at allspice:~$ host -t AAAA go6.net
go6.net has IPv6 address 2001:5c0:0:1::6
mbt at allspice:~$ ping6 -c 4 2001:5c0:0:1::6
PING 2001:5c0:0:1::6(2001:5c0:0:1::6) 56 data bytes
From 2002:4c11:2f98::1 icmp_seq=1 Destination unreachable: Address
unreachable
From 2002:4c11:2f98::1 icmp_seq=2 Destination unreachable: Address
unreachable
From 2002:4c11:2f98::1 icmp_seq=3 Destination unreachable: Address
unreachable
From 2002:4c11:2f98::1 icmp_seq=4 Destination unreachable: Address
unreachable

--- 2001:5c0:0:1::6 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3000ms

mbt at allspice:~$

And this is where I am stuck.  I can't figure out why 2001:5c0:0:1::6 is
unreachable, because 2002:c058:6301:: is (and is responding), and the
default gateway is set through 2002:c058:6301::.  Now, this of course
means that either I have something configured incorrectly (which I would
say is probably the likely case), or the advertised closest relay router
is not a router at all, and something is horribly wrong that is no fault
of mine (this time).  Certainly, I hope for the former.

Anybody see what I did wrong?  I have been scratching my head on this
one for more than a few hours now, and I am not finding anything that is
giving me what I am apparently missing.

	--- Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://mail.ale.org/pipermail/ale/attachments/20080501/281843fc/attachment.bin 


More information about the Ale mailing list