|
interface sixxs - died
![[ch]](/s/countries/ch.gif) Shadow Hawkins on Wednesday, 28 January 2009 09:55:04
Hello
I upgrade in the last days my router from dd-wrt to opendrt but after this it seems the aiccu isn't working anymore...
the tunnel is working, the aiccu test seems to be ok but after a ping6 the sixxs interface died.. I missing the scope link on sixxs... how I can add it?
Has anyone an idea where the problem can be?
ifconfig
br-lan Link encap:Ethernet HWaddr 00:04:5F:01:60:AA
inet addr:192.168.1.4 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2001:41e0:ff00:89::1/64 Scope:Global
inet6 addr: fe80::204:5fff:fe01:60aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:63 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4285 (4.1 KiB) TX bytes:6307 (6.1 KiB)
eth0 Link encap:Ethernet HWaddr 00:04:5F:01:60:AA
inet6 addr: fe80::204:5fff:fe01:60aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:88 errors:0 dropped:0 overruns:0 frame:0
TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6667 (6.5 KiB) TX bytes:6743 (6.5 KiB)
Interrupt:10 Base address:0xe800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
sixxs Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: 2001:41e0:ff00:89::2/64 Scope:Global
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
I tried
ping6 ipv6.google.com
PING ipv6.google.com (2001:4860:0:1001::68): 56 data bytes
ping6: sendto: Network is unreachable
and ... now the sixxs is died...
br-lan Link encap:Ethernet HWaddr 00:04:5F:01:60:AA
inet addr:192.168.1.4 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2001:41e0:ff00:89::1/64 Scope:Global
inet6 addr: fe80::204:5fff:fe01:60aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:347 errors:0 dropped:0 overruns:0 frame:0
TX packets:229 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:21725 (21.2 KiB) TX bytes:27914 (27.2 KiB)
eth0 Link encap:Ethernet HWaddr 00:04:5F:01:60:AA
inet6 addr: fe80::204:5fff:fe01:60aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:423 errors:0 dropped:0 overruns:0 frame:0
TX packets:233 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31253 (30.5 KiB) TX bytes:28368 (27.7 KiB)
Interrupt:10 Base address:0xe800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ip -6 route show
2001:41e0:ff00:89::/64 dev br-lan proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
2001:41e0:ff00:89::/64 dev sixxs proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
2001:41e0:ff00:89::/64 dev br-lan metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev br-lan proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev sixxs proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
default dev sixxs metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
default via 2001:41e0:ff00:89::1 dev sixxs metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
interface sixxs - died
br-lan Link encap:Ethernet HWaddr 00:04:5F:01:60:AA inet addr:192.168.1.4 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: 2001:41e0:ff00:89::1/64 Scope:Global
That prefix is a tunnel prefix and thus does not belong there.
2001:41e0:ff00:89::/64 dev br-lan proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 2001:41e0:ff00:89::/64 dev sixxs proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 2001:41e0:ff00:89::/64 dev br-lan metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
You should only have that prefix once, and then on the tunnel interface.
default dev sixxs metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 default via 2001:41e0:ff00:89::1 dev sixxs metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295
Two default routes, one without a gateway, that won't work either.
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 13:10:35
Hi
hier my start script.. I didn't understand that prefix..
# Flush & default
ip6tables -F INPUT
ip6tables -F OUTPUT
ip6tables -F FORWARD
ip6tables -F
# Set the default policy to accept
ip6tables -P INPUT ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -P FORWARD ACCEPT
echo "1" >/proc/sys/net/ipv6/conf/all/forwarding
# Allow anything on the local link
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A OUTPUT -o lo -j ACCEPT
# Allow Link-Local addresses
ip6tables -A INPUT -s fe80::/10 -j ACCEPT
ip6tables -A OUTPUT -s fe80::/10 -j ACCEPT
# Allow multicast
ip6tables -A INPUT -s ff00::/8 -j ACCEPT
ip6tables -A OUTPUT -s ff00::/8 -j ACCEPT
# Allow ICMP
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
ip6tables -A FORWARD -p icmpv6 -j ACCEPT
./usr/sbin/ntpclient -s -h de.pool.ntp.org
./usr/sbin/radvd -C /etc/radvd.conf
sleep 15
sleep 15
ip -6 addr add 2001:41e0:ff00:89::1/64 dev br-lan
ip -6 route add 2001:41e0:ff00:89::1/64 dev br-lan
sleep 15
./usr/sbin/aiccu start /etc/aiccu.conf
sleep 15
ip -6 addr add 2001:41e0:ff00:89::2/64 dev sixxs
ip link set sixxs up
ip route add ::/0 dev sixxs
ip -6 ro add default via 2001:41e0:ff00:89::1 dev sixxs
let me know
thanks
Erich
interface sixxs - died
ip -6 addr add 2001:41e0:ff00:89::1/64 dev br-lan ip -6 route add 2001:41e0:ff00:89::1/64 dev br-lan
What is that doing there? That is a tunnel prefix, it belongs on a tunnel. Next to that ::1 is the PoP side of the tunnel, thus it does not even belong on your side of the box. Additionally the above two wouldn't make sense in anyway possible.
sleep 15 ./usr/sbin/aiccu start /etc/aiccu.conf sleep 15 ip -6 addr add 2001:41e0:ff00:89::2/64 dev sixxs ip link set sixxs up ip route add ::/0 dev sixxs ip -6 ro add default via 2001:41e0:ff00:89::1 dev sixxs
All these last 'ip' steps are already taken by AICCU, thus why are you adding them there?
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 15:01:49
Sorry.. please explain it better... with example..
a lot of confusion...
look on http://www.sixxs.net/wiki/Aiccu/Installing_on_OpenWRT
I did the same...
Subnet Configuration
"
Most tunnels will grant a /48 subnet. This would give you enough addresses for many eternities. A /64 subnet is smaller but will still last for several eternities, it's also easier. So instead of <Subnet-Prefix>::/48 we will use <Subnet-Prefix>::/64.
Routing
To route packets into the LAN correctly we need to modify the startup of the aiccu to add more routing info for the LAN. Although like in IPv4 the gateway can be anything, for simplicity we assume the postfix 1.
In the directory /etc/init.d/ modify the aiccu file with vi, add the following after the line aiccu start:
ip -6 addr add <Subnet-Prefix>::1/64 dev br-lan
ip -6 route add <Subnet-Prefix>::1/64 dev br-lan
One problem that can be hard to figure out is that the default stage the aiccu starts is too soon and default routes get messed up. So modify the line below the copyright to read "
let me know
thnaks
Erich
interface sixxs - died
What they mean with "<Subnet-Prefix>" there is *NOT* the tunnel prefix that you are using. That is clearly stated also in the text that you pasted.
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 18:00:58
I tried:
ip -6 addr add 2001:41e0:ff46:1::1/64 dev br-lan
ip -6 route add 2001:41e0:ff46:1::1/64 dev br-lan
my subnet 48 is 2001:41e0:ff46::/48 but I'm using a 64.. 2001:41e0:ff46:1::/64
but the sixxs is not coming up..
the new script is:
# Flush & default
ip6tables -F INPUT
ip6tables -F OUTPUT
ip6tables -F FORWARD
ip6tables -F
# Set the default policy to accept
ip6tables -P INPUT ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -P FORWARD ACCEPT
echo "1" >/proc/sys/net/ipv6/conf/all/forwarding
# Allow anything on the local link
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A OUTPUT -o lo -j ACCEPT
# Allow Link-Local addresses
ip6tables -A INPUT -s fe80::/10 -j ACCEPT
ip6tables -A OUTPUT -s fe80::/10 -j ACCEPT
# Allow multicast
ip6tables -A INPUT -s ff00::/8 -j ACCEPT
ip6tables -A OUTPUT -s ff00::/8 -j ACCEPT
# Allow ICMP
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
ip6tables -A FORWARD -p icmpv6 -j ACCEPT
./usr/sbin/ntpclient -s -h de.pool.ntp.org
./usr/sbin/radvd -C /etc/radvd.conf
sleep 15
ip -6 addr add 2001:41e0:ff46:1::1/64 dev br-lan
ip -6 route add 2001:41e0:ff46:1::1/64 dev br-lan
./usr/sbin/aiccu start /etc/aiccu.conf
the interface name on aiccu is sixxs
interface sixxs - died
ip -6 addr add 2001:41e0:ff46:1::1/64 dev br-lan ip -6 route add 2001:41e0:ff46:1::1/64 dev br-lan
The 'ip -6 addr add ...' already adds a route for that /64, no need to do the second command which will just be redundant.
my subnet 48 is 2001:41e0:ff46::/48 but I'm using a 64.. 2001:41e0:ff46:1::/64
That is fine.
but the sixxs is not coming up..
Why not solve that first then?
One step at a time.
the new script is:
Running a script doesn't help if the old and wrong configuration is still in place. It also doesn't show at all what the result is and if the result is even remote from correct.
Starting RADVD before you have added the address for the local network doesn't help btw, it has to start after that. Next to that it might be smart to have working connectivity before you treat the rest of your network to a blackhole treatment.
Please actually read the Reporting Problems Checklist and provide ALL the requested things there. And yes, when you change something provide them again.
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 17:13:00
sleep 15
./usr/sbin/aiccu start /etc/aiccu.conf sleep 15 ip -6 addr add 2001:41e0:ff00:89::2/64 dev sixxs ip link set sixxs up ip route add ::/0 dev sixxs ip -6 ro add default via 2001:41e0:ff00:89::1 dev sixxs
All these last 'ip' steps are already taken by AICCU, thus why are you adding them there?
I did the "ip" steps because the tunnel sixxs is not coming up..
please help me. it's almost two weeks that I'm trying to bring the tunnel up..
this is why I have a lot of confusion..
interface sixxs - died
I did the "ip" steps because the tunnel sixxs is not coming up..
That is because you are configuring it wrong. AICCU doesn't fix those things. It just sets the tunnel up, nothing else.
please help me. it's almost two weeks that I'm trying to bring the tunnel up.. this is why I have a lot of confusion..
Because you are doing it wrong.
I would suggest that you start with a clean slate. Note also that when you are using Openwrt (and I hope it is Kamikaze) that everything is done by simply installing the image, ssh/telnet in and then 'opkg update' and 'opkg install aiccu', edit the config file with user/pass/tunnelid and start it, that is it.
For the rest see "Reporting Problems" section.
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 18:04:48
this is my logread:
Jan 28 17:03:28 OpenWrt daemon.info radvd[933]: version 1.2 started
Jan 28 17:03:28 OpenWrt daemon.warn radvd[935]: sendmsg: Invalid argument
Jan 28 17:03:28 OpenWrt user.info kernel: br-lan: port 1(eth0) entering disabled
state
Jan 28 17:03:28 OpenWrt user.info kernel: br-lan: topology change detected, prop
agating
Jan 28 17:03:28 OpenWrt user.info kernel: br-lan: port 1(eth0) entering forwardi
ng state
Jan 28 17:03:29 OpenWrt user.notice root: adding lan (br-lan) to firewall zone l
an
Jan 28 17:03:29 OpenWrt user.notice root: starting ntpclient
Jan 28 17:03:29 OpenWrt user.info : 39839 61409.232 24883.0 116.8 601888.6
2883.9 0
Jan 28 17:03:44 OpenWrt local7.info syslog: Succesfully retrieved tunnel informa
tion for T17163
Jan 28 17:03:44 OpenWrt local7.info syslog: AICCU running as PID 1008
Jan 28 17:03:44 OpenWrt user.info kernel: sixxs: Disabled Privacy Extensions
Jan 28 17:03:45 OpenWrt daemon.warn radvd[935]: sendmsg: Invalid argument
Jan 28 17:04:01 OpenWrt daemon.warn radvd[935]: sendmsg: Invalid argument
interface sixxs - died
Jan 28 17:04:01 OpenWrt daemon.warn radvd[935]: sendmsg: Invalid argument
You have a 2.4 kernel with a radvd which is compiled against 2.6 kernel headers. That won't work. OpenWRT ticket.
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 18:17:40
thanks
interface sixxs - died
Shadow Hawkins on Thursday, 29 January 2009 12:56:38
Hi Jeroen
It didn't work! the radvd is down but the aiccu is not working..
could be the openwrt snapshot x86 version...
Did you work in Rüschlikon? IBM? Great Building!!
I have been working for SwissRe (Zürich, Adliswil, Rüschlikon) for 7 years
please help me if you can..
thanks
Erich
interface sixxs - died
Shadow Hawkins on Monday, 02 February 2009 08:56:55
Hello
I did it! the tunnel works and radvd works!
it works! on debian!
now I need your help to configure the DHCPv6-Servers,
I don't have a dns server and I have to set up it in the dhcp6s.conf
interface eth0 {
server-preference 255;
renew-time 60;
rebind-time 90;
prefer-life-time 130;
valid-life-time 200;
allow rapid-commit;
option dns_servers 2001:db8:0:f101::1 sub.domain.example;
link AAA {
range 2001:db8:0:f101::1000 to 2001:db8:0:f101::ffff/64;
prefix 2001:db8:0:f101::/64;
};
};
any idea?
thanks
Erich
interface sixxs - died
Shadow Hawkins on Wednesday, 28 January 2009 13:12:54
and this is my radvd:
interface br-lan
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvLinkMTU 1280;
AdvHomeAgentFlag off;
prefix 2001:41e0:ff46:1::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvValidLifetime 86400;
AdvPreferredLifetime 86400;
AdvRouterAddr on;
};
};
|
on Wednesday, 28 January 2009 12:38:09
Posting is only allowed when you are