IPv6 routing help?

[Steve Bertrand]

Ivan Voras wrote:
> Steve Bertrand wrote:
>> Ivan Voras wrote:
>>
>>> As far as I understand ipv6 (very little), this basically says the
>>> router told the client it can't send packets to outside addresses with
>>> source addresses that are link-local. Is this correct?
>> I don't know much about 6to4. All of my IPv6 is native, but what you are
>> saying appears correct.
>>
>> It is almost like a translation at the router should be happening, but
>> it is not.
> 
> Yes.
> 
>>> However, adding an ipv6 address to the client, in this case
>>> 2002:xxyy:xxyy::10/64 doesn't help and breaks even pinging the router's
>>> external address. It looks to me like I'm missing something important in
>>> the relation between the link-local and the global addresses, but what?
>> In this case, you are implementing the same IP prefix on both sides of
>> the router, which won't work.
> 
> I don't follow you - is something significantly different than ipv4?

Err, no. IPv4 and IPv6 are systematically the same.

You stated in the original post that you have, on the router, as its
'outside' address:

2002:xxyy:xxyy::1

Then, in a subsequent post, you stated that you assigned:

2002:xxyy:xxyy::10 to the client, which I expect is attached to the
*inside* interface on the router.

Therefore, you would have 2002:xxyy:xxyy::/64 networks on BOTH the
inside, and outside interfaces.

I think what you need to do is configure a separate global /64 prefix on
the INSIDE interface of your router (and the network clients), that is
different from the /64 on the outside, as opposed to using link-local
addressing.

However, I have no idea if this needs to be globally routable or not. As
I've said, I know pretty much nothing of 6to4.

Some tunnel brokers can provide you with both a global unique address
for the 'WAN' side of your router, and then route you a /48 that can be
used inside of your network.

Steve