Communication via ipv6 inside the tunnel does not work

Questions related to general functionality
Post Reply
nightcore
Posts: 1
Joined: 21 Mar 2018, 00:08

Communication via ipv6 inside the tunnel does not work

Post by nightcore »

Hey,
I have a problem with the communication between client and server via ipv6. I'm not quite sure if I have an error in the configuration or if it's a general problem.
I got a /64 IPv6 network from my provider.
For example: 2001:41d0:1:ee21::/64
I would now like to assign the clients an IPv6 address from this network.

My /etc/accel-ppp.conf looks like this:

Code: Select all

[modules]
log_syslog
l2tp
auth_mschap_v2
auth_chap_md5
radius
ippool
ipv6_nd
ipv6_dhcp
ipv6pool

[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4

[ppp]
verbose=1
min-mtu=1280
mtu=1400
mru=1400
ccp=0
ipv4=require
ipv6=allow

[l2tp]
verbose=1
bind=0.0.0.0
hello-interval=30
timeout=10
rtimeout=5
retransmit=4

[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
nas-identifier=IntNet
gw-ip-address=10.8.0.111
server=127.0.0.1,ThatsASecret,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0,weight=1000
acct-interim-interval=500
acct-on=1
verbose=1
interim-verbose=2

[client-ip-range]
0.0.0.0/0

[ip-pool]
attr=Framed-Pool

[ipv6-pool]
2001:41d0:1:ee21::39:4000/112,127

[ipv6-dns]
2001:41d0:3:163::1

[ipv6-dhcp]
verbose=3
pref-lifetime=604800
valid-lifetime=2592000
route-via-gw=1

[cli]
verbose=1
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001

[log]
syslog=accel-pppd,daemon
copy=1
level=3

netstat -rn6 | grep ppp0

Code: Select all

2001:41d0:1:ee21::39:4000/127  ::                         U    256 0     0 ppp0
fe80::/64                      ::                         U    256 3    24 ppp0
ff00::/8                       ::                         U    256 4    83 ppp0

ip -6 r s dev ppp0

Code: Select all

2001:41d0:1:ee21::39:4000/127 proto kernel metric 256  pref medium
fe80::/64 proto kernel metric 256  pref medium

show sessions ifname,username,ip,ip6,ip6-dp

Code: Select all

 ifname | username  |     ip     |              ip6              | ip6-dp
--------+-----------+------------+-------------------------------+--------
 ppp0   | nightcore | 10.8.0.200 | 2001:41d0:1:ee21::39:4000/127 |

A ping via ipv6 to the clients leads to timeout. (ping 2001:41d0:1:ee21::39:4000)

tcpdump -i ppp0 -vv ip6

Code: Select all

tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
00:28:50.619813 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 14
00:28:51.627823 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 15
00:28:52.635818 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 16
00:28:53.643797 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 17
00:28:54.651848 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 18
00:28:55.659801 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 19
00:28:56.667808 IP6 (flowlabel 0x0011b, hlim 64, next-header ICMPv6 (58) payload length: 64) 2001:41d0:1:ee21::39:4001 > 2001:41d0:1:ee21::39:4000: [icmp6 sum ok] ICMP6, echo request, seq 20
A ping from the client to the server leads to the same result. The client runs on windows 10. i use L2TP/IPSec. Am I doing something wrong?
themiron
Posts: 4
Joined: 02 Feb 2017, 13:40
Contact:

Re: Communication via ipv6 inside the tunnel does not work

Post by themiron »

windows 10 requires last 64 bit of peer address to be equal negotiated interface ids.
according ::39:4000/127 you're either not using version from the git, or using not whole /64 for pool
Post Reply