he.net IPv6 tunnel

David Benfell benfell at parts-unknown.org
Thu Aug 7 05:20:55 UTC 2014


On Thu, Aug 07, 2014 at 12:35:50AM -0400, John R. Levine wrote:
> 
> Numbering the aliases is obsolete.  Now we glom them into one big string 
> like this:
> 
> NMASK="netmask 0xffffff00"
> ifconfig_bce0_aliases="inet6 fe80::2 prefixlen 64"
> ifconfig_bce0_aliases="$ifconfig_bce0_aliases inet $NETNUM.100 $NMASK"
> ifconfig_bce0_aliases="$ifconfig_bce0_aliases inet $NETNUM.101 $NMASK" 
> ifconfig_bce0_aliases="$ifconfig_bce0_aliases inet $NETNUM.102 $NMASK"
> 
With a change in the variable name. That's actually a good thing. And
now I see it in the man page in the discussion of IPv4 address
configuration.
> 
> > # all the other addresses
> > ifconfig_em0_ipv6="inet6 ${V6NETNUM}::2 prefixlen 64"
> > #ifconfig_em0_alias11="inet6 ${V6NETNUM}::3 prefixlen 64"
> > #ifconfig_em0_alias12="inet6 ${V6NETNUM}::4 prefixlen 64"
> 
> If you don't want to route the v6 addresses on your LAN, put them on the 
> loopback lo0 rather than a real interface.

I think I do want them on a real interface. They need to be
addressable from the outside world. Am I misunderstanding aliasing?

I just don't have a LAN relative to the server. It has only a cable
modem between it and the Big Bad Internet (TM), so I think of it as
being on a WAN. There is a wireless router at 50.250.218.173. Nothing
behind it now has IPv6 access, so it would actually be really cool to
offer that.

Can I use the configuration bits you had for bce0 on my em0? And if I
do, is there a way to set it up so I'm only being nice to that
wireless router rather than the whole Big Bad Internet?

Back to the original problem, however. I still have lost my tunnel.
Here is the revised configuration from rc.conf:

ifconfig_em0="inet 50.250.218.161 netmask 255.255.255.240"
ifconfig_em0_aliases="inet 50.250.218.162 netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.163
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.164
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.165
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.166
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.167
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.168
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.169
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.170
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.171
netmask 255.255.255.255"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet 50.250.218.172
netmask 255.255.255.255"
defaultrouter="50.250.218.174"
#ipv6_enable="YES" (apparently deprecated)
ipv6_activate_all_interfaces="YES"
# IPv6-over-IPv4 tunnel supplied by he.net; ID 258129
V6TUNNUM="2001:470:66:119"
V6NETNUM="2001:470:67:119"
V4TUNSERVER="64.62.134.130"
V4TUNCLIENT="50.250.218.161"
V6TUNSERVER="${V6TUNNUM}::1"
V6TUNCLIENT="${V6TUNNUM}::2"
ipv6_network_interfaces="em0"
#gif_interfaces="gif0" (apparently deprecated)
cloned_interfaces="gif0"
gifconfig_gif0="${V4TUNCLIENT} ${V4TUNSERVER}"
ipv6_ifconfig_gif0="inet6 ${V6TUNCLIENT} ${V6TUNSERVER} prefixlen 128"
ipv6_defaultrouter="${V6TUNSERVER}"
# I don't have a LAN, but this would route on my LAN
#ipv6_gateway_enable="YES"
#rtadvd_enable="YES"
#rtadvd_interfaces="em0"                # Interfaces rtadvd sends RA
packets.
# all the other addresses
ifconfig_em0_ipv6="inet6 ${V6NETNUM}::2 prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::3
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::4
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::5
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::6
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::7
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::8
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::9
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::10
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::11
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::12
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::13
prefixlen 64"
ifconfig_em0_aliases="${ifconfig_em0_aliases} inet6 ${V6NETNUM}::14
prefixlen 64"

It works except for the tunnel:

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
        options=4019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO>
        ether 44:39:c4:3a:d7:ea
        inet 50.250.218.161 netmask 0xfffffff0 broadcast
50.250.218.175 
        inet6 fe80::4639:c4ff:fe3a:d7ea%em0 prefixlen 64 scopeid 0x1 
        inet6 2001:470:67:119::2 prefixlen 64 
        inet 50.250.218.162 netmask 0xffffffff broadcast
50.250.218.162 
        inet 50.250.218.163 netmask 0xffffffff broadcast
50.250.218.163 
        inet 50.250.218.164 netmask 0xffffffff broadcast
50.250.218.164 
        inet 50.250.218.165 netmask 0xffffffff broadcast
50.250.218.165 
        inet 50.250.218.166 netmask 0xffffffff broadcast
50.250.218.166 
        inet 50.250.218.167 netmask 0xffffffff broadcast
50.250.218.167 
        inet 50.250.218.168 netmask 0xffffffff broadcast
50.250.218.168 
        inet 50.250.218.169 netmask 0xffffffff broadcast
50.250.218.169 
        inet 50.250.218.170 netmask 0xffffffff broadcast
50.250.218.170 
        inet 50.250.218.171 netmask 0xffffffff broadcast
50.250.218.171 
        inet 50.250.218.172 netmask 0xffffffff broadcast
50.250.218.172 
        inet6 2001:470:67:119::3 prefixlen 64 
        inet6 2001:470:67:119::4 prefixlen 64 
        inet6 2001:470:67:119::5 prefixlen 64 
        inet6 2001:470:67:119::6 prefixlen 64 
        inet6 2001:470:67:119::7 prefixlen 64 
        inet6 2001:470:67:119::8 prefixlen 64 
        inet6 2001:470:67:119::9 prefixlen 64 
        inet6 2001:470:67:119::10 prefixlen 64 
        inet6 2001:470:67:119::11 prefixlen 64 
        inet6 2001:470:67:119::12 prefixlen 64 
        inet6 2001:470:67:119::13 prefixlen 64 
        inet6 2001:470:67:119::14 prefixlen 64 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128 
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 
        inet 127.0.0.1 netmask 0xff000000 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
gif0: flags=8011<UP,POINTOPOINT,MULTICAST> metric 0 mtu 1280
        inet6 fe80::4639:c4ff:fe3a:d7ea%gif0 prefixlen 64 scopeid 0x3 
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

No endpoints are listed for gif0 and while I can ping my original IPv6
address and its aliases....

home# for i in $(gseq 2 14)
do ping6 -c 3 "2001:470:67:119::${i}"
done
PING6(56=40+8+8 bytes) 2001:470:67:119::2 --> 2001:470:67:119::2
16 bytes from 2001:470:67:119::2, icmp_seq=0 hlim=64 time=0.048 ms
16 bytes from 2001:470:67:119::2, icmp_seq=1 hlim=64 time=0.044 ms
16 bytes from 2001:470:67:119::2, icmp_seq=2 hlim=64 time=0.049 ms

--- 2001:470:67:119::2 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.044/0.047/0.049/0.002 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::3 --> 2001:470:67:119::3
16 bytes from 2001:470:67:119::3, icmp_seq=0 hlim=64 time=0.046 ms
16 bytes from 2001:470:67:119::3, icmp_seq=1 hlim=64 time=0.046 ms
16 bytes from 2001:470:67:119::3, icmp_seq=2 hlim=64 time=0.048 ms

--- 2001:470:67:119::3 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.046/0.047/0.048/0.001 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::4 --> 2001:470:67:119::4
16 bytes from 2001:470:67:119::4, icmp_seq=0 hlim=64 time=0.053 ms
16 bytes from 2001:470:67:119::4, icmp_seq=1 hlim=64 time=0.059 ms
16 bytes from 2001:470:67:119::4, icmp_seq=2 hlim=64 time=0.070 ms

--- 2001:470:67:119::4 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.053/0.061/0.070/0.007 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::5 --> 2001:470:67:119::5
16 bytes from 2001:470:67:119::5, icmp_seq=0 hlim=64 time=0.069 ms
16 bytes from 2001:470:67:119::5, icmp_seq=1 hlim=64 time=0.068 ms
16 bytes from 2001:470:67:119::5, icmp_seq=2 hlim=64 time=0.075 ms

--- 2001:470:67:119::5 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.068/0.071/0.075/0.003 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::6 --> 2001:470:67:119::6
16 bytes from 2001:470:67:119::6, icmp_seq=0 hlim=64 time=0.073 ms
16 bytes from 2001:470:67:119::6, icmp_seq=1 hlim=64 time=0.092 ms
16 bytes from 2001:470:67:119::6, icmp_seq=2 hlim=64 time=0.078 ms

--- 2001:470:67:119::6 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.073/0.081/0.092/0.008 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::7 --> 2001:470:67:119::7
16 bytes from 2001:470:67:119::7, icmp_seq=0 hlim=64 time=0.088 ms
16 bytes from 2001:470:67:119::7, icmp_seq=1 hlim=64 time=0.068 ms
16 bytes from 2001:470:67:119::7, icmp_seq=2 hlim=64 time=0.064 ms

--- 2001:470:67:119::7 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.064/0.073/0.088/0.010 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::8 --> 2001:470:67:119::8
16 bytes from 2001:470:67:119::8, icmp_seq=0 hlim=64 time=0.072 ms
16 bytes from 2001:470:67:119::8, icmp_seq=1 hlim=64 time=0.062 ms
16 bytes from 2001:470:67:119::8, icmp_seq=2 hlim=64 time=0.064 ms

--- 2001:470:67:119::8 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.062/0.066/0.072/0.004 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::9 --> 2001:470:67:119::9
16 bytes from 2001:470:67:119::9, icmp_seq=0 hlim=64 time=0.070 ms
16 bytes from 2001:470:67:119::9, icmp_seq=1 hlim=64 time=0.053 ms
16 bytes from 2001:470:67:119::9, icmp_seq=2 hlim=64 time=0.058 ms

--- 2001:470:67:119::9 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.053/0.060/0.070/0.007 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::10 --> 2001:470:67:119::10
16 bytes from 2001:470:67:119::10, icmp_seq=0 hlim=64 time=0.057 ms
16 bytes from 2001:470:67:119::10, icmp_seq=1 hlim=64 time=0.070 ms
16 bytes from 2001:470:67:119::10, icmp_seq=2 hlim=64 time=0.041 ms

--- 2001:470:67:119::10 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.041/0.056/0.070/0.012 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::11 --> 2001:470:67:119::11
16 bytes from 2001:470:67:119::11, icmp_seq=0 hlim=64 time=0.042 ms
16 bytes from 2001:470:67:119::11, icmp_seq=1 hlim=64 time=0.044 ms
16 bytes from 2001:470:67:119::11, icmp_seq=2 hlim=64 time=0.049 ms

--- 2001:470:67:119::11 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.042/0.045/0.049/0.003 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::12 --> 2001:470:67:119::12
16 bytes from 2001:470:67:119::12, icmp_seq=0 hlim=64 time=0.054 ms
16 bytes from 2001:470:67:119::12, icmp_seq=1 hlim=64 time=0.062 ms
16 bytes from 2001:470:67:119::12, icmp_seq=2 hlim=64 time=0.051 ms

--- 2001:470:67:119::12 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.051/0.056/0.062/0.005 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::13 --> 2001:470:67:119::13
16 bytes from 2001:470:67:119::13, icmp_seq=0 hlim=64 time=0.058 ms
16 bytes from 2001:470:67:119::13, icmp_seq=1 hlim=64 time=0.057 ms
16 bytes from 2001:470:67:119::13, icmp_seq=2 hlim=64 time=0.059 ms

--- 2001:470:67:119::13 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.057/0.058/0.059/0.001 ms
PING6(56=40+8+8 bytes) 2001:470:67:119::14 --> 2001:470:67:119::14
16 bytes from 2001:470:67:119::14, icmp_seq=0 hlim=64 time=0.066 ms
16 bytes from 2001:470:67:119::14, icmp_seq=1 hlim=64 time=0.076 ms
16 bytes from 2001:470:67:119::14, icmp_seq=2 hlim=64 time=0.068 ms

--- 2001:470:67:119::14 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.066/0.070/0.076/0.004 ms

I cannot ping the tunnel endpoints:

home# for i in $(gseq 1 2) 
do ping6 -c 3 "2001:470:66:119::${i}"
done
ping6: UDP connect: No route to host
ping6: UDP connect: No route to host

There's no IPv6 default route, which I suppose makes sense given that
gif0 seems not to be up:

home# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Netif Expire
default            50.250.218.174     UGS       em0
50.250.218.160/28  link#1             U         em0
50.250.218.161     link#1             UHS       lo0
50.250.218.162     link#1             UHS       lo0
50.250.218.162/32  link#1             U         em0
50.250.218.163     link#1             UHS       lo0
50.250.218.163/32  link#1             U         em0
50.250.218.164     link#1             UHS       lo0
50.250.218.164/32  link#1             U         em0
50.250.218.165     link#1             UHS       lo0
50.250.218.165/32  link#1             U         em0
50.250.218.166     link#1             UHS       lo0
50.250.218.166/32  link#1             U         em0
50.250.218.167     link#1             UHS       lo0
50.250.218.167/32  link#1             U         em0
50.250.218.168     link#1             UHS       lo0
50.250.218.168/32  link#1             U         em0
50.250.218.169     link#1             UHS       lo0
50.250.218.169/32  link#1             U         em0
50.250.218.170     link#1             UHS       lo0
50.250.218.170/32  link#1             U         em0
50.250.218.171     link#1             UHS       lo0
50.250.218.171/32  link#1             U         em0
50.250.218.172     link#1             UHS       lo0
50.250.218.172/32  link#1             U         em0
127.0.0.1          link#2             UH        lo0

Internet6:
Destination                       Gateway                       Flags
Netif Expire
::/96                             ::1                           UGRS
lo0
::1                               link#2                        UH
lo0
::ffff:0.0.0.0/96                 ::1                           UGRS
lo0
2001:470:67:119::/64              link#1                        U
em0
2001:470:67:119::2                link#1                        UHS
lo0
2001:470:67:119::3                link#1                        UHS
lo0
2001:470:67:119::4                link#1                        UHS
lo0
2001:470:67:119::5                link#1                        UHS
lo0
2001:470:67:119::6                link#1                        UHS
lo0
2001:470:67:119::7                link#1                        UHS
lo0
2001:470:67:119::8                link#1                        UHS
lo0
2001:470:67:119::9                link#1                        UHS
lo0
2001:470:67:119::10               link#1                        UHS
lo0
2001:470:67:119::11               link#1                        UHS
lo0
2001:470:67:119::12               link#1                        UHS
lo0
2001:470:67:119::13               link#1                        UHS
lo0
2001:470:67:119::14               link#1                        UHS
lo0
fe80::/10                         ::1                           UGRS
lo0
fe80::/64                         link#1                        U
em0
fe80::4639:c4ff:fe3a:d7ea         link#1                        UHS
lo0
fe80::/64                         link#2                        U
lo0
fe80::1                           link#2                        UHS
lo0
fe80::/64                         link#3                        U
gif0
fe80::4639:c4ff:fe3a:d7ea         link#3                        UHS
lo0
ff01::/32                         fe80::4639:c4ff:fe3a:d7ea     U
em0
ff01::/32                         ::1                           U
lo0
ff01::/32                         fe80::4639:c4ff:fe3a:d7ea     U
gif0
ff02::/16                         ::1                           UGRS
lo0
ff02::/32                         fe80::4639:c4ff:fe3a:d7ea     U
em0
ff02::/32                         ::1                           U
lo0
ff02::/32                         fe80::4639:c4ff:fe3a:d7ea     U
gif0

What did I miss?

Thanks!
-- 
David Benfell <benfell at parts-unknown.org>
See https://parts-unknown.org/node/2 if you don't understand the
attachment.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20140806/932ba945/attachment.sig>


More information about the freebsd-questions mailing list