Ping over IPv6 IP6IP6 tunnels not working

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,
I am using 2 Raspberry Pis and trying to establish tunnels: 2 for IPv4 and 2 for IPv6. I used separate ones, so in sum 4 tunnels. 

I have done the following changes/calls:

$ cat /etc/network/interfaces.d/eth2
auto eth2

iface eth2 inet static
   address 192.168.180.2
   netmask 255.255.255.0
   up ip addr add 192.168.180.4/24 dev eth2

iface eth2 inet6 static
    address 5001:192:168:180::2
    netmask 4
    up ip addr add 5001:192:168:180::4/4 dev eth2
$

I get and see these IP addresses.


$ cat /etc/iproute2/rt_tables
#
# reserved values
#
255     local
254     main
253     default
102     mytunneltable2
101     mytunneltable1
0       unspec
#
# local
#
#1      inr.ruhep
$


$ cat install_ipip_tunnel_with_own_routing_tables.sh
#!/bin/sh

sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv6.conf.all.forwarding=1

ip tunnel del mytunnel1
ip tunnel add mytunnel1 mode ipip ttl 64 local 192.168.180.2 remote 192.168.180.1 dev eth2 
ip addr add 10.0.0.2/30 dev mytunnel1
ip link set mytunnel1 up

ip tunnel del mytunnel2
ip tunnel add mytunnel2 mode ipip ttl 64 local 192.168.180.4 remote 192.168.180.3 dev eth2 
ip addr add 10.0.0.4/30 dev mytunnel2
ip link set mytunnel2 up

# Setup tunnel 3 for IPv6
ifconfig mytunnel1ipv6 down
ifconfig mytunnel1ipv6 up
ip tunnel del mytunnel1ipv6
ip -6 tunnel add mytunnel1ipv6 mode ip6ip6 ttl 64 local 5001:192:168:180::2 remote 5001:192:168:180::1 dev eth2 
ip link set dev mytunnel1ipv6 up
ip -6 addr flush dev mytunnel1ipv6
ip -6 route flush dev mytunnel1ipv6 table mytunneltable1
ip -6 addr add 4001:192:168:180::2 dev mytunnel1ipv6
ip -6 route add 2001::/4 dev mytunnel1ipv6 table mytunneltable1

# Setup tunnel 4 for IPv6
ip tunnel del mytunnel2ipv6
ip -6 tunnel add mytunnel2ipv6 mode ip6ip6 ttl 64 local 5001:192:168:180::4 remote 5001:192:168:180::3 dev eth2 
ip link set dev mytunnel2ipv6 up
ip -6 addr flush dev mytunnel2ipv6
ip -6 route flush dev mytunnel2ipv6 table mytunneltable2
ip -6 addr add 3001:192:168:180::4 dev mytunnel2ipv6
ip -6 route add 2001::/4 dev mytunnel2ipv6 table mytunneltable2

$


$ ip -6 route
3001:192:168:180::4 dev mytunnel2ipv6 proto kernel metric 256 pref medium
4001:192:168:180::2 dev mytunnel1ipv6 proto kernel metric 256 pref medium
5000::/4 dev eth2 proto kernel metric 256 pref medium
fe80::/64 dev eth2 proto kernel metric 256 pref medium
fe80::/64 dev mytunnel1 proto kernel metric 256 pref medium
fe80::/64 dev mytunnel2 proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 1024 pref medium
$ ip -6 route list table mytunneltable1
2000::/4 dev mytunnel1ipv6 metric 1024 pref medium
$ ip -6 route list table mytunneltable2
2000::/4 dev mytunnel2ipv6 metric 1024 pref medium
$


When trying to execute pings, I get an error message:

$ sudo ping -6 -I mytunnel1ipv6 2001:4860:4860::8888
ping: connect: Network is unreachable
$ sudo ping -6 -I mytunnel2ipv6 2001:4860:4860::8888
ping: connect: Network is unreachable
$

But the tunnels seems to be existing:

$ ip -6 tunnel show
ip6tnl0: ipv6/ipv6 remote :: local :: encaplimit 0 hoplimit inherit tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) mytunnel1ipv6: ipv6/ipv6 remote 5001:192:168:180::1 local 5001:192:168:180::2 dev eth2 encaplimit 4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) mytunnel2ipv6: ipv6/ipv6 remote 5001:192:168:180::3 local 5001:192:168:180::4 dev eth2 encaplimit 4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) 
$

I can also ping the "outer" (real) addresses:

$ ping -6 5001:192:168:180::1 -c 1
PING 5001:192:168:180::1(5001:192:168:180::1) 56 data bytes
64 bytes from 5001:192:168:180::1: icmp_seq=1 ttl=64 time=1.70 ms

--- 5001:192:168:180::1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.700/1.700/1.700/0.000 ms
$ ping -6 5001:192:168:180::3 -c 1
PING 5001:192:168:180::3(5001:192:168:180::3) 56 data bytes
64 bytes from 5001:192:168:180::3: icmp_seq=1 ttl=64 time=1.68 ms

--- 5001:192:168:180::3 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.678/1.678/1.678/0.000 ms
$
I know the 2001::/4 in "route add" is not useable for all Internet IPv6 addresses, but at least for these test pings that shall be enough? 

Someone an idea, what could be wrong/missing?

Many thanks!

Best regards,

Martin
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux