I'm running OpenVPN on Debian Lenny and Tunnelblick on OSX. my goal is to have a fully routed VPN that supports IPv6. the OpenVPN server has a functional 6to4 device, so now my goal is to get the clients to route their IPv6 traffic over the VPN.
after OpenVPN starts, it runs these commands to configure its tap0 device for IPv6:
ifconfig $dev up
ifconfig $dev add 2001:470:e910:1000::1/64
so far, I've been manually performing the OSX side of things. I've gotten to here:
ifconfig tap0 inet6 2001:470:e910:1000::2
route add -inet6 default 2001:470:e910:1000::1
route add -inet6 2000:: -prefixlen 3 2001:470:e910:1000::1
with these commands, I can ping client.tap0, server.tap0 and server.6to4, but cannot get any traffic beyond the 6to4 device. without BOTH routes, no traffic gets to the server at all. I havent done much routing or IPv6, so I'm stumped.
Best Answer
Make sure you have IPv6 forwarding enabled (
net.ipv6.conf.*.forwardingsysctls) and you aren't accidentally firewalling the traffic away.Also, have you considered IPv6 Stateless Autoconfiguration instead of manually configuring the clients? Basically, you need to install
radvdon the server and have it advertise your prefix (subnet) and the gateway on the tap0 device.