Subj : Re: Networking Questions To : Avon From : N1uro Date : Fri Jun 18 2021 02:35 pm -=> Avon wrote to All <=- [snip] Av> My intended IPv6 address on this box is 2001:470:c:123::200 and you Av> will see it uses 192.168.1.131 as the local LAN IP. I see you're getting your IPv6 block from HE.net as I do. Since you're configuring your bbs' IPv6 as a static, you also need to define a default block route so the frames know how/where to route to/from. I do all mine via a bash script. My primary network interface is a Realtek wifi (ra0) and I have to do at least 2 things: - define the IP in the interface: ip -6 address add 2001:470:8a1e::3/48 dev ra0 - define a default IPv6 route: ip -6 route add default via 2001:470:8a1e::1 dev ra0 - define an IPv6 IP for your router's ethernet device since your lan will NOT require a 6-to-4 tunnel Since I also broker IPv6 IPs for packet radio and they're not on my lan but 6-to-4 tunnels I have to also add routes through my primary IPv6 router as well: ip -6 route add 2001:470:8a1e::/48 dev ra0 ip -6 route add 2001:470:8a1e::5 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::6 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::7 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::8 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::13 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::14 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::15 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::16 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::17 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::2 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::20 via 2001:470:8a1e::1 dev ra0 ip -6 route add 2001:470:8a1e::21 via 2001:470:8a1e::1 dev ra0 Keep in mind also, you *must* build a parallel firewall for your IPv6 as you have for your IPv4 since it's treated separately. Instead of using "iptables" use "ip6tables". The rest is pretty much the same. Ex: ip6tables -P INPUT DROP ip6tables -A INPUT -p icmp -j ACCEPT ip6tables -A INPUT -p icmpv6 -j ACCEPT So looking at the above, the lan block route will use NDP (neighbor discovery protocol) for devices on my lan while the rest that are packet nodes will get forced to the primary gateway which also has 6-to-4 tunnels and routes per each packet node. For packet, I'm using amprnet's IPv4 IPs to bind to since packet requires the use of ARP for IP routing and IPv6 has eliminated ARP in favor of NDP, so the 6-to-4 tunnels encapsulated under the 44net IPv4 IPs works slick as it uses IP protocol 41 for it's transport. As for your polling via bink, DNS resolution will give both IPv4 AND IPv6, with IPv6 taking the priority route. If you poll me and watch your interface you should see the connection establish via IPv6. What I see from you here so far: n1uro@n1uro:~$ fping6 2001:470:d:123::200 2001:470:d:123::200 is alive n1uro@n1uro:~$ host agency.bbs.nz agency.bbs.nz has address 219.89.83.33 agency.bbs.nz has IPv6 address 2001:470:d:123::200 using UDP: n1uro@n1uro:~$ traceroute6 !$ traceroute6 2001:470:d:123::200 traceroute to 2001:470:d:123::200 (2001:470:d:123::200), 30 hops max, 80 byte packets 1 gw-ipv6.n1uro.com (2001:470:8a1e::1) 5.823 ms 6.267 ms 6.249 ms 2 tunnel326296.tunnel.tserv4.nyc4.ipv6.he.net (2001:470:1f06:295::1) 34.577 ms 35.318 ms 32.164 ms 3 ve422.core1.nyc4.he.net (2001:470:0:5d::1) 38.265 ms 36.364 ms 38.595 ms 4 100ge9-1.core2.chi1.he.net (2001:470:0:298::1) 55.759 ms 56.304 ms 100ge2-1.core2.chi1.he.net (2001:470:0:4b8::1) 55.073 ms 5 100ge15-2.core1.chi1.he.net (2001:470:0:483::1) 57.875 ms 57.234 ms 56.855 ms 6 100ge5-2.core1.oma1.he.net (2001:470:0:43f::2) 68.091 ms 57.648 ms 60.818 ms 7 100ge10-2.core1.den1.he.net (2001:470:0:42e::1) 67.923 ms 123.434 ms 67.198 ms 8 100ge4-2.core1.cys1.he.net (2001:470:0:4b4::2) 67.511 ms 67.478 ms 66.712 ms 9 100ge2-2.core1.slc1.he.net (2001:470:0:4b6::1) 73.698 ms 87.282 ms 86.522 ms 10 e0-54.core2.las1.he.net (2001:470:0:4e4::2) 89.503 ms 91.497 ms 90.600 ms 11 e0-34.core2.lax2.he.net (2001:470:0:4ba::1) 100.460 ms 98.834 ms 98.444 ms 12 100ge10-2.core1.lax2.he.net (2001:470:0:1b6::1) 97.306 ms 95.469 ms 96.159 ms 13 100ge2-2.core1.lax1.he.net (2001:470:0:72::1) 97.748 ms 137.828 ms 148.936 ms 14 tserv1.lax1.he.net (2001:470:0:9d::2) 120.893 ms 96.913 ms 93.755 ms 15 tunnel398066-pt.tunnel.tserv15.lax1.ipv6.he.net (2001:470:c:123::2) 279.889 ms 281.073 ms 280.690 ms 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 *^C (this tells me of a possible firewall issue) Using ICMP: n1uro@n1uro:~$ sudo traceroute6 -I 2001:470:d:123::200 traceroute to 2001:470:d:123::200 (2001:470:d:123::200), 30 hops max, 80 byte packets 1 gw-ipv6.n1uro.com (2001:470:8a1e::1) 1.835 ms 2.437 ms 2.419 ms 2 tunnel326296.tunnel.tserv4.nyc4.ipv6.he.net (2001:470:1f06:295::1) 27.775 ms 33.021 ms 34.525 ms 3 ve422.core1.nyc4.he.net (2001:470:0:5d::1) 34.141 ms 37.018 ms 36.000 ms 4 100ge2-1.core2.chi1.he.net (2001:470:0:4b8::1) 47.897 ms 52.759 ms 49.733 ms 5 100ge15-2.core1.chi1.he.net (2001:470:0:483::1) 53.101 ms 48.599 ms 51.356 ms 6 100ge5-2.core1.oma1.he.net (2001:470:0:43f::2) 61.340 ms 62.032 ms 62.984 ms 7 100ge10-2.core1.den1.he.net (2001:470:0:42e::1) 86.350 ms 66.550 ms 66.964 ms 8 100ge4-2.core1.cys1.he.net (2001:470:0:4b4::2) 70.579 ms 68.719 ms 67.331 ms 9 100ge2-2.core1.slc1.he.net (2001:470:0:4b6::1) 73.821 ms 74.111 ms 73.349 ms 10 e0-54.core2.las1.he.net (2001:470:0:4e4::2) 82.124 ms 87.489 ms 87.210 ms 11 e0-34.core2.lax2.he.net (2001:470:0:4ba::1) 92.430 ms 91.158 ms 99.455 ms 12 100ge10-2.core1.lax2.he.net (2001:470:0:1b6::1) 92.434 ms 87.474 ms 89.101 ms 13 100ge2-2.core1.lax1.he.net (2001:470:0:72::1) 91.201 ms 88.182 ms 93.716 ms 14 tserv1.lax1.he.net (2001:470:0:9d::2) 94.006 ms 93.264 ms 98.099 ms 15 tunnel398066-pt.tunnel.tserv15.lax1.ipv6.he.net (2001:470:c:123::2) 364.078 ms 354.166 ms 348.063 ms 16 2001:470:d:123::200 (2001:470:d:123::200) 338.341 ms 334.199 ms 326.155 ms No reverse dns? :) Otherwise a traceroute using ICMP works. Hope this helps ya out! .... Joseph to Mary: "What do you mean, 'It's a GIRL?'" --- MultiMail/Linux v0.52 * Origin: Carnage - risen from the dead now on SBBS (21:4/107) .