Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
PostPosted: Sun Apr 15, 2012 10:44 pm 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
Hi,

I have added an IPV6 address to my Ubuntu 10.04 linode.

For some reason, the autoconfigure doesn't seem to be working:

Code:
eth0      Link encap:Ethernet  HWaddr f2:3c:91:96:68:a5  
          inet addr:109.74.203.220  Bcast:109.74.203.255  Mask:255.255.255.0
          inet6 addr: fe80::f03c:91ff:fe96:68a5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2262622 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1636599 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:344687175 (344.6 MB)  TX bytes:2219432293 (2.2 GB)
          Interrupt:44


My /etc/network/interfaces is:

Code:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.up.rules

# The primary network interface
auto eth0
iface eth0 inet dhcp


Do I need to modify the interfaces file to get the autoconfiguration working? I have a Fedora Linode too - the IPV6 address was added with no problem.

Thanks,

Dan


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 10:57 pm 
Offline
Sysop

Joined: Sat Nov 27, 2010 3:32 am
Posts: 180
Website: https://blog.timheckman.net/
Location: San Francisco, CA
Do you have any type of firewall helper (ufw for example)?

What does "sysctl -a | grep net.ipv6.conf.eth0" show?

-Tim


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:04 pm 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
Nope, no firewall helper, just the iptables.up.rules file that is mentioned in interfaces. It would be ip6tables for IPV6, right? In any case the firewall shouldn't stop the IP address being assigned, right?

Output from sysctl:

Code:
dan@block-shape:~$ sudo sysctl -a | grep net.ipv6.conf.eth0
error: "Invalid argument" reading key "fs.binfmt_misc.register"
error: permission denied on key 'net.ipv4.route.flush'
net.ipv6.conf.eth0.forwarding = 0
net.ipv6.conf.eth0.hop_limit = 64
net.ipv6.conf.eth0.mtu = 1500
net.ipv6.conf.eth0.accept_ra = 1
net.ipv6.conf.eth0.accept_redirects = 1
net.ipv6.conf.eth0.autoconf = 1
net.ipv6.conf.eth0.dad_transmits = 1
net.ipv6.conf.eth0.router_solicitations = 3
net.ipv6.conf.eth0.router_solicitation_interval = 4
net.ipv6.conf.eth0.router_solicitation_delay = 1
net.ipv6.conf.eth0.force_mld_version = 0
net.ipv6.conf.eth0.use_tempaddr = 0
net.ipv6.conf.eth0.temp_valid_lft = 604800
net.ipv6.conf.eth0.temp_prefered_lft = 86400
net.ipv6.conf.eth0.regen_max_retry = 5
net.ipv6.conf.eth0.max_desync_factor = 600
net.ipv6.conf.eth0.max_addresses = 16
net.ipv6.conf.eth0.accept_ra_defrtr = 1
net.ipv6.conf.eth0.accept_ra_pinfo = 1
net.ipv6.conf.eth0.proxy_ndp = 0
net.ipv6.conf.eth0.accept_source_route = 0
net.ipv6.conf.eth0.disable_ipv6 = 0
net.ipv6.conf.eth0.accept_dad = 1
net.ipv6.conf.eth0.force_tllao = 0
error: permission denied on key 'net.ipv6.route.flush'


Thanks.


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:09 pm 
Offline
Junior Member

Joined: Sat Mar 07, 2009 1:21 pm
Posts: 25
Question #1: Did you reboot your Linode after you added the IPv6 address?


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:13 pm 
Offline
Sysop

Joined: Sat Nov 27, 2010 3:32 am
Posts: 180
Website: https://blog.timheckman.net/
Location: San Francisco, CA
fuzzman442 wrote:
Question #1: Did you reboot your Linode after you added the IPv6 address?


Enabling IPv6 within the Linode Manager forces a reboot.


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:15 pm 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
theckman wrote:
fuzzman442 wrote:
Question #1: Did you reboot your Linode after you added the IPv6 address?


Enabling IPv6 within the Linode Manager forces a reboot.


Exactly. I have also restarted networking.


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:19 pm 
Offline
Sysop

Joined: Sat Nov 27, 2010 3:32 am
Posts: 180
Website: https://blog.timheckman.net/
Location: San Francisco, CA
Well, with sysctl it looks like you should be good. Just to cover the bases what does this show:

ip6tables-save

-Tim


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:23 pm 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
As far as I'm aware, it should be the default config. This is what I get:

Code:
dan@block-shape:~$ sudo ip6tables-save 
[sudo] password for dan:
# Generated by ip6tables-save v1.4.4 on Mon Apr 16 04:20:40 2012
*security
:INPUT ACCEPT [8:832]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [8:832]
COMMIT
# Completed on Mon Apr 16 04:20:40 2012
# Generated by ip6tables-save v1.4.4 on Mon Apr 16 04:20:40 2012
*raw
:PREROUTING ACCEPT [30940:3217060]
:OUTPUT ACCEPT [63:4612]
COMMIT
# Completed on Mon Apr 16 04:20:40 2012
# Generated by ip6tables-save v1.4.4 on Mon Apr 16 04:20:40 2012
*mangle
:PREROUTING ACCEPT [30940:3217060]
:INPUT ACCEPT [30937:3216872]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [63:4612]
:POSTROUTING ACCEPT [8:832]
COMMIT
# Completed on Mon Apr 16 04:20:40 2012
# Generated by ip6tables-save v1.4.4 on Mon Apr 16 04:20:40 2012
*filter
:INPUT DROP [30929:3216040]
:FORWARD DROP [0:0]
:OUTPUT DROP [55:3780]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
# Completed on Mon Apr 16 04:20:40 2012


Top
   
 Post subject:
PostPosted: Sun Apr 15, 2012 11:29 pm 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
I just noticed this in syslog:

Code:
Apr 16 03:35:06 block-shape kernel: eth0: no IPv6 routers present


Is this something I can fix?


Top
   
 Post subject:
PostPosted: Mon Apr 16, 2012 12:00 am 
Offline
Sysop

Joined: Sat Nov 27, 2010 3:32 am
Posts: 180
Website: https://blog.timheckman.net/
Location: San Francisco, CA
I've never seen that error before. Which datacenter are you in?


Top
   
 Post subject:
PostPosted: Mon Apr 16, 2012 8:26 am 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
London


Top
   
 Post subject:
PostPosted: Mon Apr 16, 2012 8:37 am 
Offline
Linode Staff
User avatar

Joined: Sat Jun 21, 2003 2:21 pm
Posts: 160
Location: Absecon, NJ
danscott wrote:
Code:
*filter
:INPUT DROP [30929:3216040]
:FORWARD DROP [0:0]
:OUTPUT DROP [55:3780]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

You're dropping everything in the filter table so you never see the router advertisements. The quick fix is to allow all IPv6 traffic by changing the policy to ACCEPT. You can also set up rules to allow only the traffic you need, but that's more complicated.

-James


Top
   
 Post subject:
PostPosted: Mon Apr 16, 2012 9:16 am 
Offline
Senior Newbie

Joined: Mon May 10, 2010 11:29 pm
Posts: 15
OK, I think I've got it now, thanks.

Code:
-A INPUT -j ACCEPT
for ip6tables worked and I got the IPV6 address.

Do you know which rules I need specifically?

I added these:

Code:
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 134 -j ACCEPT 
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 133 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 136 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 128 -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 129 -j ACCEPT


and removed the 'accept all' rule, but I lost my address again.


Top
   
 Post subject:
PostPosted: Wed Apr 25, 2012 1:16 am 
Offline
Senior Member
User avatar

Joined: Wed Jan 24, 2007 12:04 am
Posts: 90
Website: http://www.smiffysplace.com
Location: Rural South Australia
If it's any help, I just got things working on mine by borrowing the ICMP6 rules from here:

www.cert.org/downloads/IPv6/ip6tables_rules.txt


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group