I've got IPv6 addresses from SIXXS. My host is connected with SIXXS network over a AICCU tunnel ("sixxs" interface). My host address is 2001:::2, the host on the end has address 2001:::1. On my host IPv6 is fully accessible.
I have problem with configuring IPv6 network on VMs. I use VirtualBox, the VM (Ubuntu) uses tap1 (on the host bridged by br0)
#!/bin/sh
PATH=/sbin:/usr/bin:/bin:/usr/bin:/usr/sbin
# create a tap
tunctl -t tap1
ip link set up dev tap1
# create the bridge
brctl addbr br0
brctl addif br0 tap1
# set the IP address and routing
ip link set up dev br0
ip -6 route del 2001:6a0:200:172::/64 dev sixxs
ip -6 route add 2001:6a0:200:172::1 dev sixxs
ip -6 addr add 2001:6a0:200:172::2/64 dev br0
ip -6 route add 2001:6a0:200:172::2/64 dev br0
Host: routing table:
2001:6a0:200:172::1 dev sixxs metric 1024
2001:6a0:200:172::/64 dev br0 proto kernel metric 256
2001:6a0:200:172::/64 dev br0 metric 1024
2000::/3 dev sixxs metric 1024
fe80::/64 dev eth0 proto kernel metric 256
fe80::/64 dev sixxs proto kernel metric 256
fe80::/64 dev br0 proto kernel metric 256
fe80::/64 dev tap1 proto kernel metric 256
default via 2001:6a0:200:172::1 dev sixxs metric 1024
Guest: interface eth1 (it is connected with tap1):
auto eth1
iface eth1 inet6 static
address 2001:6a0:200:172::3
netmask 64
gateway 2001:6a0:200:172::2
Guest: routing table
2001:6a0:200:172::/64 dev eth1 proto kernel metric 256
fe80::/64 dev eth0 proto kernel metric 256
fe80::/64 dev eth1 proto kernel metric 256
default via 2001:6a0:200:172::2 dev eth1 metric 1024
The guest pings to the host, the host pings to the guest, the host pings to 2001:6a0:200:172::1, but the guest doesn't ping to 2001:6a0:200:172::1. The guest tries to ping, on the host (by tcdump) I can capture its packets, but the host doesn't send them to 2001:6a0:200:172::1. What have I missed in configuration?
Best Answer
Check the output of the command
This should show a value of 1 for all the networks you want to forward. You should be able to enable forwarding with the command:
I would seriously consider setting up an iptables firewall so you don't open your systems entirely to the IPv6 Internet. Unlike IPv4 you don't have a NAT device preventing inbound connections. The Shorewall firewall has an IPv6 version which should give you a simple to setup firewall. The example two-interface setup should be a good starting point and can be set to enable forwarding for you.
My article on Setting up IPv6 on an OpenWRT (Linux) Router may give you some pointers. Configure you hosts as the router.
EDIT: I reviewed SixXS documentation and verified that on the tunnel only the ::1 (P0P and ::2 (your endpoint) addresses are valid. You should have been provided a 'default routed /64' which you can use on your network. Assign an address to your bridge. (Traditionally the ::1 address is the router.) You may want to configure a
radvd
daemon to announce routes on the internal network. If you useradvd
your virtual box image should auto configure with an address and route.If you want to route other local devices, then add
eth1
or eth0` as appropriate to the bridge.