On 12/13/13 16:59, Martin Brandenburg wrote: > Marc Peters <m...@mpeters.org> wrote: > >> Hi list, >> >> i have a difficult time reaching my default IPv6 default gateway in a >> different subnet. Asking Google brought up some threads from early 2011. >> Most of the solutions where switching the prefixlen to reach the gateway >> but this didn't work out for me. The mentioned route commands didn't >> work out for me, too. The support said, as they don't provide OpenBSD on >> their machines, they don't support it. They told me, to set up one IP >> from my network and add a host route to the gateway. >> >> My network is 2001:4ba0:ffff:00ab::0 /64 >> >> The gateway is 2001:4ba0:ffff:1:beef::1 > > Your provider has a stupid network. There are way more than enough to > allocate an entire /64 just to route your real /64 to as e.g. HE's > tunnelbroker.net does. > >> The provided example for FreeBSD (not verfied): >> >> >> route add -inet6 [ipv6-gateway] -iface [interface] >> ndp -s [ipv6-gateway] [mac-gateway] >> route add -inet6 default [ipv6-gateway] > > This hints at the correct thing to do. Your gateway's public IP address > isn't on your network, but you share a link-local address. > > Run > ifconfig em0 inet6 2001:4ba0:ffff:00ab:: prefixlen 64 > route add -inet6 default [link-local address of gateway] > > The link local address of the gateway looks like > fe80::dead:beef:cafe:babe%em0. You may be able to get it from ndp -a > or tcpdump, but you can ask the provider if all else fails. From the > example above, you have the MAC address. I believe there are also > several converters online, or it's in RFC 4291. This is easier than > messing around with -iface because IPv6's NDP won't recognize that.
The provider won't tell me, already tried that, some sort of ;). ndp -a doesn't show any interfaces beside the one from the server itself: ~ # ndp -a Neighbor Linklayer Address Netif Expire S Flags malkier.mpeters.org 0:25:90:e0:20:c6 em0 permanent R fe80::225:90ff:fee0:20c6%em0 0:25:90:e0:20:c6 em0 permanent R fe80::1%lo0 (incomplete) lo0 permanent R With tpcdump there is only one other link local address sending to multicast addresses. This link local address is strange, though. It is not a converted one from the original mac address, which the provider provides as mac address from the gateway (00:0c:db:51:45:00) nor from the mac address, which shows up after adding the one as link local gateway in ndp: ~ # ndp -a Neighbor Linklayer Address Netif Expire S Flags malkier.mpeters.org 0:25:90:e0:20:c6 em0 permanent R fe80::225:90ff:fee0:20c6%em0 0:25:90:e0:20:c6 em0 permanent R /fe80::d555:905d:9f64:da3d%em0 0:25:90:c7:a7:2 em0 23h57m23s S / fe80::1%lo0 (incomplete) lo0 permanent R I tried both link local addresses, just to be sure (fe80::d555:905d:9f64:da3d%em0 which showed up in the tcpdump and the generated one from the mac provided fe80::20c:dbff:fe51:4500%em0). Neither worked. Later one showed no mac in ndp: ~ # ndp -a Neighbor Linklayer Address Netif Expire S Flags malkier.mpeters.org 0:25:90:e0:20:c6 em0 permanent R fe80::20c:dbff:fe51:4500%em0 (incomplete) em0 1s I 3 fe80::225:90ff:fee0:20c6%em0 0:25:90:e0:20:c6 em0 permanent R fe80::1%lo0 (incomplete) lo0 permanent R What i don't really get, is that's working with the other system, but not with OpenBSD when it is set up in a similar way :( Marc > > Since with IPv6 you get an entire network, it would be beneficial if > your provider didn't have to use one for their router. The usual > solution is to allocate a /64 for their router and your endpoint, and > then route your network to your endpoint. You have the same thing, > except the point-to-point link is using link-local instead of global > addresses. > > - Martin
