SixXS::Sunset 2017-06-06

IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 18:39:48
Hello first my Router-info: Router-Model: Netgear WNDR3700-V1 Firmware: "OpenWrt Chaos Calmer r42349" buildtype: custom-compiled (NO LUCI and there Depends...) prefix-Advertisment via: Dnsmasq-DHCPv6 (Stateless) my IPV6 configuration in OpenWRT is (/etc/config/network) #anonymized... config interface 'wan6' option proto 'aiccu' option username '*********' option password '*********' option peeraddr '<POP IPV4 Address>' option ip6addr '<SIXXS Tunnel - Your IPv6>/64' option ip6prefix '<SIXXS Subnet Prefix>/64' option protocol 'tic' option server'tic.sixxs.net' option defaultroute '1' option ifname 'aiccu-wan6' option sourcerouting '1' option tunnelid'<Tunnel ID>' option mtu '<SIXXS Tunnel MTU>' option nat '1' option heartbeat '1' option verbose '0' config interface 'lan' option ifname 'eth0.1' option force_link '1' option type 'bridge' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' option ip6addr '<SIXXS Subnet Prefix>::1/64' option ip6assign '60' #option accept_ra '0' #option send_rs '0' "ip -6 route" is showing the following routes <SIXXS Subnet Prefix>/64 dev br-lan proto static metric 1024 unreachable <SIXXS Subnet Prefix>/64 dev lo proto static metric 2147483647 error -128 fe80::/64 dev eth0 proto kernel metric 256 fe80::/64 dev br-lan proto kernel metric 256 fe80::/64 dev eth1 proto kernel metric 256 fe80::/64 dev br-WLAN proto kernel metric 256 fe80::/64 dev wlan0 proto kernel metric 256 fe80::/64 dev wlan1 proto kernel metric 256 ifconfig shows this: br-lan Link encap:Ethernet HWaddr 02:26:F2:E9:C3:A9 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::26:f2ff:fee9:c3a9/64 Scope:Link inet6 addr: <SIXXS Subnet Prefix>::1/64 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:36924 errors:0 dropped:0 overruns:0 frame:0 TX packets:48457 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2987084 (2.8 MiB) TX bytes:57351350 (54.6 MiB) eth0 Link encap:Ethernet HWaddr 02:26:F2:E9:C3:A9 inet6 addr: fe80::26:f2ff:fee9:c3a9/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:78355 errors:0 dropped:1 overruns:36 frame:0 TX packets:95183 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:8722273 (8.3 MiB) TX bytes:101362868 (96.6 MiB) Interrupt:4 eth0.1 Link encap:Ethernet HWaddr 02:26:F2:E9:C3:A9 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:37101 errors:0 dropped:0 overruns:0 frame:0 TX packets:48377 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3000489 (2.8 MiB) TX bytes:57342746 (54.6 MiB) eth1 Link encap:Ethernet HWaddr 00:26:F2:E9:C3:AA inet addr:192.168.178.11 Bcast:192.168.178.255 Mask:255.255.255.0 inet6 addr: fe80::226:f2ff:fee9:c3aa/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:87585 errors:0 dropped:0 overruns:0 frame:0 TX packets:66581 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:99988610 (95.3 MiB) TX bytes:7146374 (6.8 MiB) Interrupt:5 logread shows: Tue Sep 2 17:39:29 2014 daemon.info dnsmasq-dhcp[4782]: RTR-ADVERT(br-lan) <SIXXS Subnet Prefix>:: Tue Sep 2 17:39:29 2014 daemon.info dnsmasq-dhcp[4782]: SLAAC-CONFIRM(br-lan) <SIXXS Subnet Prefix>:5604:a6ff:fe94:a361 Medice-PC Tue Sep 2 17:39:30 2014 local7.info syslog: Succesfully retrieved tunnel information for T85182 Tue Sep 2 17:39:30 2014 local7.info syslog: AICCU running as PID 4908 Tue Sep 2 17:39:30 2014 daemon.notice netifd: Interface 'wan6' is now up Tue Sep 2 17:39:30 2014 user.notice firewall: Reloading firewall due to ifup of wan6 (aiccu-wan6) Tue Sep 2 17:39:31 2014 user.notice root: starting ntpclient that is my configuration, that i have setted up but when i run "ping6 sixxs.net" it throws "Operation not permitted" clients cant also get link to the outside world :(
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[ch] Jeroen Massar SixXS Staff on Tuesday, 02 September 2014 18:53:32
option nat '1'
option heartbeat '1'
What are those flags supposed to accomplish?
"ip -6 route" is showing the following routes
You got no 'aiccu' or 'aiccu-wan6' or other tunnel interfaces there.
ifconfig shows this:
Try 'ip link show'; ifconfig is so 1980s. 'ip tunnel show' can also be useful, depending on the type of tunnel that is being used.
Tue Sep 2 17:39:30 2014 local7.info syslog: AICCU running as PID 4908
Tue Sep 2 17:39:30 2014 daemon.notice netifd: Interface 'wan6' is now up
Tue Sep 2 17:39:30 2014 user.notice firewall: Reloading firewall due to ifup of wan6 (aiccu-wan6)
Seems something activates there; why does it not show up in the output of your routes or in the interfaces though?
that is my configuration, that i have setted up but when i run "ping6 sixxs.net" it throws "Operation not permitted"
"operation not permitted" indicates hitting a firewall rule. But as you do not have any routes going anywhere, that would just be another thing to fix.
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 18:59:26
root@WNDR3700:~# cat /var/etc/aiccu-wan6.conf username ************ password ************ ipv6_interface aiccu-wan6 server tic.sixxs.net protocol tic tunnel_id T85182 behindnat true <--------------------------- "option nat 1" makebeats true <--------------------------- "option heartbeat 1" defaultroute false daemonize true pidfile /var/run/aiccu-wan6.pid root@WNDR3700:~#
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[ch] Jeroen Massar SixXS Staff on Tuesday, 02 September 2014 19:00:59
behindnat true <--------------------------- "option nat 1"
That is a ~10 year old windows-only option, as it just reminded the user they where behind NAT.
makebeats true <--------------------------- "option heartbeat 1"
That is a default, without it, there is little the tool would do.
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 19:07:17
root@WNDR3700:~# cat /var/etc/aiccu-wan6.conf username ************ password ************ ipv6_interface aiccu-wan6 server tic.sixxs.net protocol tic tunnel_id T85182 behindnat true <------------------ "option nat '1'" makebeats true <------------------ "option heartbeat 1" defaultroute false ; maybe here... but is setted: "option defaultroute '1'" daemonize true pidfile /var/run/aiccu-wan6.pid 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 02:26:f2:e9:c3:a9 brd ff:ff:ff:ff:ff:ff 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:26:f2:e9:c3:aa brd ff:ff:ff:ff:ff:ff 18: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default link/ether 02:26:f2:e9:c3:a9 brd ff:ff:ff:ff:ff:ff 19: eth0.1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP mode DEFAULT group default link/ether 02:26:f2:e9:c3:a9 brd ff:ff:ff:ff:ff:ff 20: br-WLAN: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default link/ether 00:26:f2:e9:c3:a9 brd ff:ff:ff:ff:ff:ff 21: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br-WLAN state UP mode DEFAULT group default qlen 1000 link/ether 00:26:f2:e9:c3:a9 brd ff:ff:ff:ff:ff:ff 22: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br-WLAN state UP mode DEFAULT group default qlen 1000 link/ether 00:26:f2:e9:c3:ab brd ff:ff:ff:ff:ff:ff
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[ch] Jeroen Massar SixXS Staff on Tuesday, 02 September 2014 19:22:02
As long as there is no tunnel interface you will not have a tunnel and thus no connectivity. Check your logs what goes on.
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 20:59:04
found the solution: for the missing interface -> "kmod-sit-*" worse missing :( so i had to recompile the Firmware image and upload it to my box :( aiccu-wan6 Link encap:IPv6-in-IPv4 inet6 addr: fe80::c0a8:101/64 Scope:Link inet6 addr: <SIXXS SUBNET Prefix>::2/64 Scope:Global inet6 addr: fe80::c0a8:b20b/64 Scope:Link inet6 addr: fe80::c0a8:301/64 Scope:Link UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:152 (152.0 B) so now i can go on with the config / setup :)
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[ch] Jeroen Massar SixXS Staff on Tuesday, 02 September 2014 21:01:31
I wonder why you then had:
Tue Sep 2 17:39:30 2014 daemon.notice netifd: Interface 'wan6' is now up
Tue Sep 2 17:39:30 2014 user.notice firewall: Reloading firewall due to ifup of wan6 (aiccu-wan6)
Apparently that is then not based on the actual interface, but on the script just triggering something...
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 21:21:05
default from :: dev aiccu-wan6 proto static metric 1024 default from 2001:4dd0:ff00:d11::/64 dev aiccu-wan6 proto static metric 1024 default from <SIXXS SUBNET PREFIX>::/64 dev aiccu-wan6 proto static metric 1024 2001:4dd0:ff00:d11::/64 dev aiccu-wan6 proto kernel metric 256 <SIXXS SUBNET PREFIX>::/64 dev br-lan proto static metric 1024 unreachable <SIXXS SUBNET PREFIX>::/64 dev lo proto static metric 2147483647 error -128 ... ping6 says also ... Operation not permitted
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[ch] Jeroen Massar SixXS Staff on Tuesday, 02 September 2014 21:39:03
default from :: dev aiccu-wan6 proto static metric 1024
default from 2001:4dd0:ff00:d11::/64 dev aiccu-wan6 proto static metric 1024
default from <SIXXS SUBNET PREFIX>::/64 dev aiccu-wan6 proto static metric 1024
Three default routes with the same metric, that will work great! :) You might want to fix that. The "2001:4dd0:ff00:d11::/64" address can not work btw, that is a subnet anycast address (the lowest address, aka <prefix>::).
ping6 says also ... Operation not permitted
Check your firewall rules.
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 21:29:02
Guido Lipke wrote:
logread shows: Tue Sep 2 17:39:29 2014 daemon.info dnsmasq-dhcp[4782]: RTR-ADVERT(br-lan) <SIXXS Subnet Prefix>:: Tue Sep 2 17:39:29 2014 daemon.info dnsmasq-dhcp[4782]: SLAAC-CONFIRM(br-lan) <SIXXS Subnet Prefix>:5604:a6ff:fe94:a361 Medice-PC Tue Sep 2 17:39:30 2014 local7.info syslog: Succesfully retrieved tunnel information for T85182 Tue Sep 2 17:39:30 2014 local7.info syslog: AICCU running as PID 4908 Tue Sep 2 17:39:30 2014 daemon.notice netifd: Interface 'wan6' is now up Tue Sep 2 17:39:30 2014 user.notice firewall: Reloading firewall due to ifup of wan6 (aiccu-wan6) Tue Sep 2 17:39:31 2014 user.notice root: starting ntpclient
1st start of Aiccu is to early, time is not in sync. the openwrt script doesn't check check for the time edit feeds/packages/ipv6/aiccu/files/aiccu.sh ... [ "$nat" == 1 ] && echo "behindnat true" >> "$CFGFILE" [ "$heartbeat"== 1 ] && echo "makebeats true" >> "$CFGFILE" [ "$verbose" == 1 ] && echo "verbose true" >> "$CFGFILE" echo "defaultroute false" >> "$CFGFILE" echo "daemonize true" >> "$CFGFILE" echo "pidfile $PIDFILE" >> "$CFGFILE" /usr/sbin/ntpd -q -N -p serverip sleep 10 aiccu start "$CFGFILE" [ "$?" -ne 0 ] && { proto_notify_error "$cfg" "AICCU_FAILED_SEE_LOG" proto_block_restart "$cfg" return } .... the problem is that time get wrong restored on a reboot more than 2 min diff use a ipv4 address not a domain name dns is not working on that point. rebuild the image or edit the file under running system /lib/netifd/proto/aiccu.sh the openwrt init startup need a way to define that dns and time is needed for things
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[ch] Jeroen Massar SixXS Staff on Tuesday, 02 September 2014 21:40:57
1st start of Aiccu is to early, time is not in sync.
If the time was not synced tunnel details would not have been fetched.
/usr/sbin/ntpd -q -N -p serverip
Instead of ntpd, do a single-shot 'ntpdate', which sets the time directly, after that indeed do start ntpd to maintain the time.
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 22:28:15
yes we should that disscuse in a ticke in the trac of openwrt :| the time is in sync in my case... what are withe routes? :/
IPV6 - OpenWRT -> ipv6 doesnt get connection... to the outside :(
[de] Shadow Hawkins on Tuesday, 02 September 2014 22:31:55
i mean this "time probleam should be disscuse in a ticket in the Trac of OpenWRT :( what says the routes that i had posted above? echo "username $username" > "$CFGFILE" echo "password $password" >> "$CFGFILE" echo "ipv6_interface $link" >> "$CFGFILE" [ -n "$server" ] && echo "server $server" >> "$CFGFILE" [ -n "$protocol" ] && echo "protocol $protocol" >> "$CFGFILE" [ -n "$tunnelid" ] && echo "tunnel_id $tunnelid" >> "$CFGFILE" [ -n "$requiretls" ] && echo "requiretls $requiretls" >> "$CFGFILE" [ "$nat" == 1 ] && echo "behindnat true" >> "$CFGFILE" [ "$heartbeat" == 1 ] && echo "makebeats true" >> "$CFGFILE" [ "$verbose" == 1 ] && echo "verbose true" >> "$CFGFILE" [ "$defaultroute" == 1 ] && echo "defaultroute true" >> "$CFGFILE" [ "$deamonize" == 1 ] && echo "daemonize true" >> "$CFGFILE" echo "pidfile $PIDFILE" >> "$CFGFILE" [ "$synctime" == 1 ] && { /usr/sbin/ntpd -q -N -p "$ntpserver" sleep $ntpsleeptime } it should be flexible enough to sync the time (xD)

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker