Oct 062010
 

I’m not sure why I can’t get to the internet from my systems inside my LAN. The gateway can.

Interesting: On the client box, I can’t see any IPv6 traffic leaving the except icmp. The following demonstrates:

Setting up a 

$ ifconfig
em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC>
        ether 00:1b:21:51:ab:2d
        inet 10.55.0.44 netmask 0xffffff00 broadcast 10.55.0.255
        inet6 fe80::21b:21ff:fe51:ab2d%em0 prefixlen 64 scopeid 0x1
        inet6 2001:470:1f07:b80:21b:21ff:fe51:ab2d prefixlen 64 autoconf
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
re0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
        ether e0:cb:4e:42:f0:ff
        media: Ethernet autoselect (10baseT/UTP <half-duplex>)
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>

 $ netstat -nr -f inet6
Routing tables

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0 =>
default                           2001:470:1f07:b80::1          UGS         em0
::1                               ::1                           UH          lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2001:470:1f07:b80::/64            link#1                        U           em0
2001:470:1f07:b80:21b:21ff:fe51:ab2d link#1                        UHS         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%em0/64                     link#1                        U           em0
fe80::21b:21ff:fe51:ab2d%em0      link#1                        UHS         lo0
fe80::%lo0/64                     link#3                        U           lo0
fe80::1%lo0                       link#3                        UHS         lo0
ff01:1::/32                       fe80::21b:21ff:fe51:ab2d%em0  U           em0
ff01:3::/32                       ::1                           U           lo0
ff02::/16                         ::1                           UGRS        lo0
ff02::%em0/32                     fe80::21b:21ff:fe51:ab2d%em0  U           em0
ff02::%lo0/32                     ::1                           U           lo0




FreeBSD 8.1-STABLE

$ ping6 www.freebsd.org
PING6(56=40+8+8 bytes) 2001:470:1f07:b80:21b:21ff:fe51:ab2d --> 2001:4f8:fff6::21
16 bytes from 2001:4f8:fff6::21, icmp_seq=0 hlim=55 time=93.120 ms
16 bytes from 2001:4f8:fff6::21, icmp_seq=1 hlim=55 time=95.246 ms
16 bytes from 2001:4f8:fff6::21, icmp_seq=2 hlim=55 time=91.177 ms
^C
--- www.freebsd.org ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 91.177/93.181/95.246/1.662 ms



$ sudo tcpdump -ni em0 proto ipv6-icmp or ipv6
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes
00:08:06.248569 IP6 2001:470:1f07:b80:21b:21ff:fe51:ab2d > 2001:4f8:fff6::21: ICMP6, echo request, seq 0, length 16
00:08:06.339562 IP6 2001:4f8:fff6::21 > 2001:470:1f07:b80:21b:21ff:fe51:ab2d: ICMP6, echo reply, seq 0, length 16
00:08:07.249549 IP6 2001:470:1f07:b80:21b:21ff:fe51:ab2d > 2001:4f8:fff6::21: ICMP6, echo request, seq 1, length 16
00:08:07.342011 IP6 2001:4f8:fff6::21 > 2001:470:1f07:b80:21b:21ff:fe51:ab2d: ICMP6, echo reply, seq 1, length 16



so pings get out...


$ sudo pfctl -sa
pfctl: /dev/pf: No such file or directory


No rules


ping the gateway:

$ ping6 2001:470:1f07:b80::1
PING6(56=40+8+8 bytes) 2001:470:1f07:b80:21b:21ff:fe51:ab2d --> 2001:470:1f07:b80::1
16 bytes from 2001:470:1f07:b80::1, icmp_seq=0 hlim=64 time=0.575 ms
16 bytes from 2001:470:1f07:b80::1, icmp_seq=1 hlim=64 time=0.460 ms
16 bytes from 2001:470:1f07:b80::1, icmp_seq=2 hlim=64 time=0.487 ms
^C
--- 2001:470:1f07:b80::1 ping6 statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.460/0.507/0.575/0.049 ms

$ host www.freebsd.org
www.freebsd.org has address 69.147.83.33
www.freebsd.org has IPv6 address 2001:4f8:fff6::21
www.freebsd.org mail is handled by 0 .


$ fetch -6 http://www.freebsd.org/

nothing shows on tcpdump

Website Pin Facebook Twitter Myspace Friendfeed Technorati del.icio.us Digg Google StumbleUpon Premium Responsive

  One Response to “IPv6 woes”

  1. It seems I was missing an important rule:

    pass in on $int_if inet6 proto tcp flags S/SA keep state

    where $int_if is the NIC to the internal LAN on the router