On Thu, 22 Jan 2004, Andreas Jellinghaus wrote: > Hi Ville, > > > Btw: did you have any IPsec policies loaded when you performed your test? > > I don't have IPsec loaded, so that might perhaps be the reason for the > > different results. > > I removed them for the new test. > > now I can ping using the link local ips, even over the tunnel. Good :) > but not over the tunnel with the global ips. > As I don't have global ip6 on that tunnel, I assigned > 4000::1/64 and 4000::2/64. Is that ok, or should I use > some other range? No, the addresses should be fine since they aren't from any reserved address range. Besides, they work ok for me. > > ipv6tunnel add ip6sec0 remote ll_gwaddr local ll_laddr dev wlan0 > > ip link set ip6sec0 up > > ip -6 a dev ip6sec0 > > what should that be? ls? Yes, sorry ;) > ip6sec0 working fine, but ip6sec1 not at all: > Jan 22 15:28:31 localhost kernel: ip6sec1: Tunnel not configured to > transmit traffic! > > ip link ls on laptop: > 14: ip6sec0@wlan0: <POINTOPOINT,NOARP,UP> mtu 1460 qdisc noqueue > link/tunnel6 fe:80:00:00:00:00:00:00:02:02:dd:ff:fe:32:65:25 peer > fe:80:00:00:00:00:00:00:02:09:5b:ff:fe:2f:ea:7e > 15: ip6sec1@wlan0: <NOARP,UP> mtu 1460 qdisc noqueue > link/tunnel6 40:00:00:00:00:00:00:00:00:00:00:00:00:00:00:01 brd > 40:00:00:00:00:00:00:00:00:00:00:00:00:00:00:02 > > the POINTOPOINT flag missing? why? Yes, I'm wondering about that too. The function ip6_tnl_set_cap() in ip6_tunnel.c determines if the device is capable of transmitting (or receiving) data based on the tunnel endpoint addresses. Would you put some checks into that function and see what it is doing on your machines? Unfortunately I'm not able to recreate this problem. Regards, Ville -- Ville Nuorvala Research Assistant, Institute of Digital Communications, Helsinki University of Technology email: vnuorval@tcs.hut.fi, phone: +358 (0)9 451 5257 - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
