You are not logged in.

Pages: 1

#1 2018-01-25 15:19:45

rowra
Member
Registered: 2015-08-30
Posts: 24

Arch ROUTER IPV6

I've managed to build and configure an Arch router (based on many articles inclkuding the Arch Wiki: Router etc.). Everything is working fine with IPV4 but I can't get IPV6 to work. Here's what I've done:

sysctl forwarding should be ok:

[root@homesever iptables]# sysctl net.ipv6.conf.ppp0.forwarding
net.ipv6.conf.ppp0.forwarding = 1
[root@homesever iptables]# sysctl net.ipv6.conf.default.forwarding
net.ipv6.conf.default.forwarding = 1

I have radvd installed and here's the /etc/radvd.conf:

[root@homesever iptables]# cat /etc/radvd.conf 
interface enp3s0 {
  AdvSendAdvert on;
  MinRtrAdvInterval 3;
  MaxRtrAdvInterval 10;
  prefix 2001:DB8::/64 {
    AdvOnLink on;
    AdvAutonomous on;
    AdvRouterAddr on;
  };
};

iptables and ip6tables:

[root@homesever iptables]# iptables-save 
# Generated by iptables-save v1.6.1 on Thu Jan 25 16:47:17 2018
*filter
:INPUT ACCEPT [1723:285193]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1734:552562]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp3s0 -o ppp0 -j ACCEPT
COMMIT
# Completed on Thu Jan 25 16:47:17 2018
# Generated by iptables-save v1.6.1 on Thu Jan 25 16:47:17 2018
*nat
:PREROUTING ACCEPT [87:9630]
:INPUT ACCEPT [69:8478]
:OUTPUT ACCEPT [89:6861]
:POSTROUTING ACCEPT [2:402]
-A PREROUTING -d WANIP -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.1
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Thu Jan 25 16:47:17 2018
# Generated by iptables-save v1.6.1 on Thu Jan 25 16:47:17 2018
*mangle
:PREROUTING ACCEPT [2701:592928]
:INPUT ACCEPT [1729:285694]
:FORWARD ACCEPT [970:304234]
:OUTPUT ACCEPT [1743:554149]
:POSTROUTING ACCEPT [2723:860231]
-A FORWARD -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Thu Jan 25 16:47:17 2018
[root@homesever iptables]# ip6tables-save
# Generated by ip6tables-save v1.6.1 on Thu Jan 25 16:47:30 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [10:4814]
:OUTPUT ACCEPT [0:0]
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A FORWARD -p ipv6-icmp -j ACCEPT
-A FORWARD -p ipv6-icmp -j ACCEPT
-A OUTPUT -p ipv6-icmp -j ACCEPT
-A OUTPUT -p ipv6-icmp -j ACCEPT
COMMIT
# Completed on Thu Jan 25 16:47:30 2018

Also, added (uncmmented) in nectl's wan's pppoe config:
PPPoEIP6=yes

Now, what's working is that clients actually see the router and get an address, for example a macbook has this:

Router: fe80::21b:21ff:fe51:3786
IPv6 Address                                   Prefix length
2001:db8::103c:a658:8cba:ae5d      64
2001:db8::5c27:3e34:d6be:929f       64

Yet, whenever I try any IPV6 test sites, it says I have ONLY ipv4 address.

On the router machine itself, IPV6 address is seen and recognised by the same sites.


The router machine's ifconfig output:

[root@homesever iptables]# ifconfig
bash: $'ifconfig\305': command not found
[root@homesever iptables]# ifconfig
eno1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet6 fe80::92b1:1cff:fe72:c298  prefixlen 64  scopeid 0x20<link>
        ether 90:b1:1c:72:c2:98  txqueuelen 1000  (Ethernet)
        RX packets 192331  bytes 42766955 (40.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 341586  bytes 432684326 (412.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xf7e00000-f7e20000  

enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::21b:21ff:fe52:490a  prefixlen 64  scopeid 0x20<link>
        ether 00:1b:21:52:49:0a  txqueuelen 1000  (Ethernet)
        RX packets 3417246  bytes 3931435277 (3.6 GiB)
        RX errors 0  dropped 505  overruns 0  frame 0
        TX packets 2315058  bytes 2235662742 (2.0 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xf7dc0000-f7de0000  

enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.1  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::21b:21ff:fe51:3786  prefixlen 64  scopeid 0x20<link>
        ether 00:1b:21:51:37:86  txqueuelen 1000  (Ethernet)
        RX packets 999303  bytes 929893987 (886.8 MiB)
        RX errors 0  dropped 126  overruns 0  frame 0
        TX packets 2065977  bytes 2572518418 (2.3 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 18  memory 0xf7cc0000-f7ce0000  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 54077  bytes 14493980 (13.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 54077  bytes 14493980 (13.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1492
        inet 85.238.71.163  netmask 255.255.255.255  destination 10.0.0.1
        inet6 fe80::5484:7418:f660:de8  prefixlen 10  scopeid 0x20<link>
        inet6 2a01:36c:118:266a:5484:7418:f660:de8  prefixlen 64  scopeid 0x0<global>
        ppp  txqueuelen 3  (Point-to-Point Protocol)
        RX packets 235689  bytes 244151283 (232.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 150560  bytes 47126657 (44.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

router's ip addr output:

[root@homesever iptables]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 90:b1:1c:72:c2:98 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::92b1:1cff:fe72:c298/64 scope link 
       valid_lft forever preferred_lft forever
3: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:1b:21:52:49:0a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::21b:21ff:fe52:490a/64 scope link 
       valid_lft forever preferred_lft forever
4: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:1b:21:51:37:86 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global enp3s0
       valid_lft forever preferred_lft forever
    inet6 fe80::21b:21ff:fe51:3786/64 scope link 
       valid_lft forever preferred_lft forever
11: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN group default qlen 3
    link/ppp 
    inet 85.238.71.163 peer 10.0.0.1/32 scope global ppp0
       valid_lft forever preferred_lft forever
    inet6 2a01:36c:118:266a:5484:7418:f660:de8/64 scope global dynamic mngtmpaddr 
       valid_lft 86363sec preferred_lft 14363sec
    inet6 fe80::5484:7418:f660:de8/10 scope link 
       valid_lft forever preferred_lft forever

Any idea why IPV6 works on the router machine, but not the clients? What do I do wrong?

Last edited by rowra (2018-01-25 15:48:30)

Offline

Pages: 1

Board footer

Powered by FluxBB