Howto 2 ipv6 nets, one through ipv4 tun vpn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

in office we have a /48 ipv6 from our provider and we have our own /48 from RIPE. The provider ipv6 is in place and running well. Now we want to add ipv6 access in parallel using our own ipv6 range for our notebooks if outside office where there is no ipv6 possibility. This one is terminated in a bgp VM outside our office network.

We have setup an tun openvpn on notebooks where a /64 is sended through, all is good. Problem is that when notebooks are in the office, we can't reach them through their VPN ipv6 IP, packets are coming in but no answer. What we want to do is that all trafic coming in from tun interface goes out from this too.

What we did where $tmpif is our tun interface:

$fwtables add rule ip6 filter input iifname "$tmpif" meta mark set 201 counter
$fwtables add rule ip6 filter forward iifname "$tmpif" accept
$fwtables add rule ip6 filter output oifname "$tmpif" meta mark == $mymark accept $fwtables add rule ip6 nat postrouting oifname "$tmpif" counter masquerade random,persistent

ip -6 rule add fwmark 201 table isp1
ip -6 r add default via <ipv6 of other VPN end> dev $tmpif table isp1

Additionnaly, with this setup, we can't access <ipv6 of other VPN end> getting permission denied when trying to ping.

What is wrong with our setup ?

Thanks for any hint

--
Daniel



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux