Re: ipv6 routing and neighbour discovery

Hello,

Arno Schuring a écrit :

I've just spent a good afternoon setting up a 6to4 tunnel so I can
finally start enjoying the wonders of the wider world :)

desktop|eth0 <---> ethi|server|ethe <---> WAN

Where is the 6to4 tunnel interface ?

with the following addresses (manually) assigned:

eth0: <6to4>::2/16
ethi: <6to4>::35/16
ethe: <6to4>::1/16

The prefix and lengths are wrong. First, the /16 prefix length must be only on the 6to4 interface : 2002::/16 represents the whole 6to4 world. Prefix length on an ethernet network is usually /64.
Second, you must have a different prefix on each network, as in IPv4. Here ethi and ethe have the same prefix, which is wrong and leads to confusion such as : is <6to4>:<whatever> reachable on ethi or ethe ?

2000::/3 is the current IPv6 global space (may grow bigger)
2002::/16 is the whole 6to4 address space
2002:5571:f9d3::/48 is your whole 6to4 prefix, from which you allocate a /64 prefix for each LAN segment.

From the server, I can ping all three addresses without a problem.

Well, you must be lucky. :-) It could have happened that you can not even reach the desktop if the server had thought that it was reachable on ethe instead of ethi.

Your neighbor discovery (ND) problems come from the wrong prefix allocation. E.g. the desktop thinks that <6to4>::1 is on the network directly attached to eth0 but it is not. Also note that unlike ARP ND does not use link-layer broadcasts but specific link-layer multicasts derived from the queried IPv6 address, so unlike in IPv4 a host may not reply to ND queries for any of its local addresses received on any of its interfaces.
.

Relevant Pages

  • Re: Secure vs Insecure IP6 address
    ... Also, I don't think "domain" is actually a proper term in the IPv6 context, Could you be referring to how IPv6 has an address space large enough such that every person on Earth currently could have their own /48 _prefix_ so as to assign individual addresses to each of their devices as they see fit? ... by using the MAC address of the network card as well. ... Number 1 requires physical access to the network to install the rogue router, and burglar alarms aside, that is more likely to be noticed the smaller and smaller the network is. ...
    (comp.unix.bsd.openbsd.misc)
  • Currently, 29% of Cambodians own mobile phones, a figure that is expected to rise to 46% by 2012, pr
    ... MOBILE phone service operator Hello, ... has announced the launch of the new prefix number 081 ... future development of the network," Foo said. ... Customers using the new prefix will still receive the same benefits as ...
    (soc.culture.cambodia)
  • Re: 05511 numbers
    ... I was trying to find the cost to phone this prefix. ... Bit difficult to answer that question if we don't know what network ... The act of using separate DSL circuits for voice and data ...
    (uk.telecom)
  • Re: Subnet Mask performance issues?
    ... could decrease network performance ... Igor Pinchevskiy ... If you have the same number of hosts in a network, ... use either a /24 prefix or a /8 prefix, performance has to be the same. ...
    (comp.dcom.sys.cisco)