Dan Langille <d...@langille.org> wrote in <14e3a97c-4fcb-4a2c-b22f-3d0849cec...@langille.org>:
da> IPv6 Tunnel Endpoints da> Server IPv4 Address: 209.51.x.y da> Server IPv6 Address: 2001:470:xx06:9ea::1/64 da> Client IPv4 Address: 96.245.100.201 da> Client IPv6 Address: 2001:470:xx06:9ea::2/64 da> da> Routed /64: 2001:470:xx07:9ea::/64 da> da> My /etc/rc.conf includes da> da> cloned_interfaces="gif0” da> ifconfig_gif0="tunnel 96.245.100.201 209.51.x.y mtu 1480” da> ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2 2001:470:xx06:9ea::1 prefixlen 128" da> ifconfig_em0_ipv6="inet6 2001:470:xx07:9ea:1::1” da> ipv6_defaultrouter="2001:470:xx06:9ea::1" da> ipv6_gateway_enable=“YES" da> rtadvd_enable=“YES” The following line is enough for ifconfig_gif0_ipv6. A /128 configuration works but ugly: -ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2 2001:470:xx06:9ea::1 prefixlen 128" +ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2/64" Or, you do not need to configure a client side global address in subnet of the inter-router link if you use his endpoint as the default router. Reducing the number of global addresses on a box is healthy for packet filtering rule management: -ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2 2001:470:xx06:9ea::1 prefixlen 128" +ifconfig_gif0_ipv6="inet6 auto_linklocal" -ipv6_defaultrouter="2001:470:xx06:9ea::1" +ipv6_defaultrouter="-interface gif0" And if your box works as a router for subnet 2001:470:xx07:9ea::/64, please add subnet-router anycast address. This is mandatory in RFC: +ifconfig_em0_ipv6_alias0="inet6 2001:470:xx07:9ea::/64 anycast" I think HE's endpoint is properly configured. You can ping6 to 2001:470:xx06:9ea:: from 2001:470:xx07:9ea:1::1. -- Hiroki
pgpSRoPOtmS9Z.pgp
Description: PGP signature
