Linode Forum
Linode Community Forums 		 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic

Board index » Linux Community Forums » Linux Networking
  Print view Previous topic | Next topic 
Author Message
kg4peq
PostPosted: Wed Sep 05, 2012 2:16 am 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
I have been using the IPv6 tunnel service from Hurricane Electric and tonight I decided to switch to native Linode IPv6. The HE tunnel has worked beautifully, but I cannot get the Linode configuration to come up.

I am running Centos 5.8.

According to the Linode site, my IP's are:
74.207.230.94/255.255.255.0 ( atlanta.wx4akq.org )
2600:3c02::f03c:91ff:fe96:a6f7/64

Default gateways:
74.207.230.1
fe80::1

I have-- as best I can tell-- removed all traces of the HE.net tunnel from the system. Part of this was changing /etc/sysconfig/network to reflect "IPV6_DEFAULTDEV=eth0" instead of "=sit0" as configured during the HE.net tunnel setup.

When my Linode boots, eth0 finds the link address, but is not populating with the IPv6 address:

Code:
eth0      Link encap:Ethernet  HWaddr F2:3C:91:96:A6:F7  
          inet addr:74.207.230.94  Bcast:74.207.230.255  Mask:255.255.255.0
          inet6 addr: fe80::f03c:91ff:fe96:a6f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5612 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4310 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:714964 (698.2 KiB)  TX bytes:696392 (680.0 KiB)
          Interrupt:48


I can manually add the address using the "ip" command:

Code:
ip -6 addr add 2600:3c02::f03c:91ff:fe96:a6f7/64 dev eth0


...and then "ifconfig eth0" shows the address, as expected:

Code:
eth0      Link encap:Ethernet  HWaddr F2:3C:91:96:A6:F7  
          inet addr:74.207.230.94  Bcast:74.207.230.255  Mask:255.255.255.0
          inet6 addr: 2600:3c02::f03c:91ff:fe96:a6f7/64 Scope:Global
          inet6 addr: fe80::f03c:91ff:fe96:a6f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5765 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4462 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:733888 (716.6 KiB)  TX bytes:722654 (705.7 KiB)
          Interrupt:48


...however, I still cannot pass any traffic out to the Internet over IPv6:

Code:
ping6 ipv6.google.com
connect: Network is unreachable


At various points in playing with the system, bringing interfaces up and back down and tinkering with configuration files and routing I have gotten it working *briefly* but upon cycling the interface down and back up, or rebooting the Linode, it stops working again, and even repeating the steps which previously worked do not appear to fix it, so I think it's more of a fluke that it ever worked at all.

I'm sure there's something still lurking in the system relating to the HE.net tunnels that needs to be removed, but I have no idea where to begin looking. Any suggestions?
Top
   
Reply with quote  
XReaper
PostPosted: Wed Sep 05, 2012 2:25 am 
Offline
Senior Member
User avatar

Joined: Sat Apr 07, 2012 3:40 am
Posts: 56
Website: http://for-no-reason.net
Location: Australia
Your system should be configured for SLAAC (Autoconfiguration), which doesn't need any configuration for ipv6 to work. Perhaps you changed something when you had the tunnel set up? Also, you can use iproute2 to show addresses, no need for ifconfig (ip -6 addr, and ip -4 addr etc)

Can you post the output of 'ip -6 route show'

Thanks
Top
   
Reply with quote  
kg4peq
PostPosted: Wed Sep 05, 2012 2:27 am 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
Code:
[root@atlanta ~]# ip -6 route show
unreachable ::/96 dev lo  metric 1024  error -101
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  error -101
unreachable 2002:a00::/24 dev lo  metric 1024  error -101
unreachable 2002:7f00::/24 dev lo  metric 1024  error -101
unreachable 2002:a9fe::/32 dev lo  metric 1024  error -101
unreachable 2002:ac10::/28 dev lo  metric 1024  error -101
unreachable 2002:c0a8::/32 dev lo  metric 1024  error -101
unreachable 2002:e000::/19 dev lo  metric 1024  error -101
2600:3c02::/64 dev eth0  proto kernel  metric 256 
unreachable 3ffe:ffff::/32 dev lo  metric 1024  error -101
fe80::/64 dev eth0  proto kernel  metric 256


Top
   
Reply with quote  
mnordhoff
PostPosted: Wed Sep 05, 2012 2:28 am 
Offline
Senior Member

Joined: Sat May 03, 2008 4:01 pm
Posts: 567
Website: http://www.mattnordhoff.com/
This probably isn't it, but please also paste the output of "ip6tables-save".

_________________
Matt Nordhoff (aka Peng on IRC)
Top
   
Reply with quote  
kg4peq
PostPosted: Wed Sep 05, 2012 2:33 am 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
mnordhoff wrote:
This probably isn't it, but please also paste the output of "ip6tables-save".


It's not that, as I have ip6tables disabled at the moment while trying to get all this sorted out.

I did just do:

Quote:
ip -6 route add default via fe80::1 dev eth0


and traffic is now flowing. Here is the updated 'ip -6 route show':

Code:
[root@atlanta ~]# ip -6 route show
unreachable ::/96 dev lo  metric 1024  error -101
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  error -101
unreachable 2002:a00::/24 dev lo  metric 1024  error -101
unreachable 2002:7f00::/24 dev lo  metric 1024  error -101
unreachable 2002:a9fe::/32 dev lo  metric 1024  error -101
unreachable 2002:ac10::/28 dev lo  metric 1024  error -101
unreachable 2002:c0a8::/32 dev lo  metric 1024  error -101
unreachable 2002:e000::/19 dev lo  metric 1024  error -101
2600:3c02::/64 dev eth0  proto kernel  metric 256 
unreachable 3ffe:ffff::/32 dev lo  metric 1024  error -101
fe80::/64 dev eth0  proto kernel  metric 256 
default via fe80::1 dev eth0  metric 1024


So it looks like in addition to never getting the IP address, it also wasn't getting a default route. Traffic is now flowing in and out of IPv6... so short of throwing those two commands in rc.local, where do we go from here to check to see why those aren't configuring automatically?

Thanks for your help, by the way. :)
Top
   
Reply with quote  
dwfreed
PostPosted: Wed Sep 05, 2012 2:35 am 
Offline
Senior Member

Joined: Mon Aug 29, 2011 2:34 am
Posts: 77
Post the output of the following, so we can help you fix this permanently:

Code:
cat /etc/sysconfig/network-scripts/ifcfg-*
sysctl -a | grep 'net.ipv6.conf'
cat /etc/sysctl.conf


Also, define "disabled"; default policy ACCEPT on all chains, and no rules?
Top
   
Reply with quote  
mnordhoff
PostPosted: Wed Sep 05, 2012 2:40 am 
Offline
Senior Member

Joined: Sat May 03, 2008 4:01 pm
Posts: 567
Website: http://www.mattnordhoff.com/
kg4peq wrote:
It's not that, as I have ip6tables disabled at the moment while trying to get all this sorted out.

Humor me. iptables rules sometimes sneak in when you aren't watching.

On a different subject, what's with all of those 6to4 and other routes on lo?

_________________
Matt Nordhoff (aka Peng on IRC)
Top
   
Reply with quote  
kg4peq
PostPosted: Wed Sep 05, 2012 2:42 am 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
dwfreed wrote:
Post the output of the following, so we can help you fix this permanently:

Code:
cat /etc/sysconfig/network-scripts/ifcfg-*
sysctl -a | grep 'net.ipv6.conf'
cat /etc/sysctl.conf


Code:
[root@atlanta ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Realtek Semiconductor Co., Ltd. RTL-8029(AS)
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
IPV6_INIT="yes"
TYPE="Ethernet"


Code:
[root@atlanta ~]# cat /etc/sysconfig/network-scripts/ifcfg-lo
DEVICE=lo
IPADDR=127.0.0.1
NETMASK=255.0.0.0
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback


Code:
[root@atlanta ~]# sysctl -a | grep 'net.ipv6.conf'
net.ipv6.conf.all.accept_dad = 1
net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.all.accept_ra_defrtr = 1
net.ipv6.conf.all.accept_ra_pinfo = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.autoconf = 1
net.ipv6.conf.all.dad_transmits = 1
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.all.force_mld_version = 0
net.ipv6.conf.all.force_tllao = 0
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.all.hop_limit = 64
net.ipv6.conf.all.max_addresses = 16
net.ipv6.conf.all.max_desync_factor = 600
net.ipv6.conf.all.mtu = 1280
net.ipv6.conf.all.proxy_ndp = 0
net.ipv6.conf.all.regen_max_retry = 3
net.ipv6.conf.all.router_solicitation_delay = 1
net.ipv6.conf.all.router_solicitation_interval = 4
net.ipv6.conf.all.router_solicitations = 3
net.ipv6.conf.all.temp_prefered_lft = 86400
net.ipv6.conf.all.temp_valid_lft = 604800
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.default.accept_dad = 1
net.ipv6.conf.default.accept_ra = 1
net.ipv6.conf.default.accept_ra_defrtr = 1
net.ipv6.conf.default.accept_ra_pinfo = 1
net.ipv6.conf.default.accept_redirects = 1
net.ipv6.conf.default.accept_source_route = 0
net.ipv6.conf.default.autoconf = 1
net.ipv6.conf.default.dad_transmits = 1
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.default.force_mld_version = 0
net.ipv6.conf.default.force_tllao = 0
net.ipv6.conf.default.forwarding = 0
net.ipv6.conf.default.hop_limit = 64
net.ipv6.conf.default.max_addresses = 16
net.ipv6.conf.default.max_desync_factor = 600
net.ipv6.conf.default.mtu = 1280
net.ipv6.conf.default.proxy_ndp = 0
net.ipv6.conf.default.regen_max_retry = 3
net.ipv6.conf.default.router_solicitation_delay = 1
net.ipv6.conf.default.router_solicitation_interval = 4
net.ipv6.conf.default.router_solicitations = 3
net.ipv6.conf.default.temp_prefered_lft = 86400
net.ipv6.conf.default.temp_valid_lft = 604800
net.ipv6.conf.default.use_tempaddr = 0
net.ipv6.conf.dummy0.accept_dad = -1
net.ipv6.conf.dummy0.accept_ra = 1
net.ipv6.conf.dummy0.accept_ra_defrtr = 1
net.ipv6.conf.dummy0.accept_ra_pinfo = 1
net.ipv6.conf.dummy0.accept_redirects = 1
net.ipv6.conf.dummy0.accept_source_route = 0
net.ipv6.conf.dummy0.autoconf = 1
net.ipv6.conf.dummy0.dad_transmits = 1
net.ipv6.conf.dummy0.disable_ipv6 = 0
net.ipv6.conf.dummy0.force_mld_version = 0
net.ipv6.conf.dummy0.force_tllao = 0
net.ipv6.conf.dummy0.forwarding = 0
net.ipv6.conf.dummy0.hop_limit = 64
net.ipv6.conf.dummy0.max_addresses = 16
net.ipv6.conf.dummy0.max_desync_factor = 600
net.ipv6.conf.dummy0.mtu = 1500
net.ipv6.conf.dummy0.proxy_ndp = 0
net.ipv6.conf.dummy0.regen_max_retry = 3
net.ipv6.conf.dummy0.router_solicitation_delay = 1
net.ipv6.conf.dummy0.router_solicitation_interval = 4
net.ipv6.conf.dummy0.router_solicitations = 3
net.ipv6.conf.dummy0.temp_prefered_lft = 86400
net.ipv6.conf.dummy0.temp_valid_lft = 604800
net.ipv6.conf.dummy0.use_tempaddr = 0
net.ipv6.conf.eth0.accept_dad = 1
net.ipv6.conf.eth0.accept_ra = 1
net.ipv6.conf.eth0.accept_ra_defrtr = 1
net.ipv6.conf.eth0.accept_ra_pinfo = 1
net.ipv6.conf.eth0.accept_redirects = 1
net.ipv6.conf.eth0.accept_source_route = 0
net.ipv6.conf.eth0.autoconf = 1
net.ipv6.conf.eth0.dad_transmits = 1
net.ipv6.conf.eth0.disable_ipv6 = 0
net.ipv6.conf.eth0.force_mld_version = 0
net.ipv6.conf.eth0.force_tllao = 0
net.ipv6.conf.eth0.forwarding = 0
net.ipv6.conf.eth0.hop_limit = 64
net.ipv6.conf.eth0.max_addresses = 16
net.ipv6.conf.eth0.max_desync_factor = 600
net.ipv6.conf.eth0.mtu = 1500
net.ipv6.conf.eth0.proxy_ndp = 0
net.ipv6.conf.eth0.regen_max_retry = 3
net.ipv6.conf.eth0.router_solicitation_delay = 1
net.ipv6.conf.eth0.router_solicitation_interval = 4
net.ipv6.conf.eth0.router_solicitations = 3
net.ipv6.conf.eth0.temp_prefered_lft = 86400
net.ipv6.conf.eth0.temp_valid_lft = 604800
net.ipv6.conf.eth0.use_tempaddr = 0
net.ipv6.conf.gre0.accept_dad = -1
net.ipv6.conf.gre0.accept_ra = 1
net.ipv6.conf.gre0.accept_ra_defrtr = 1
net.ipv6.conf.gre0.accept_ra_pinfo = 1
net.ipv6.conf.gre0.accept_redirects = 1
net.ipv6.conf.gre0.accept_source_route = 0
net.ipv6.conf.gre0.autoconf = 1
net.ipv6.conf.gre0.dad_transmits = 1
net.ipv6.conf.gre0.disable_ipv6 = 0
net.ipv6.conf.gre0.force_mld_version = 0
net.ipv6.conf.gre0.force_tllao = 0
net.ipv6.conf.gre0.forwarding = 0
net.ipv6.conf.gre0.hop_limit = 64
net.ipv6.conf.gre0.max_addresses = 16
net.ipv6.conf.gre0.max_desync_factor = 600
net.ipv6.conf.gre0.mtu = 1476
net.ipv6.conf.gre0.proxy_ndp = 0
net.ipv6.conf.gre0.regen_max_retry = 3
net.ipv6.conf.gre0.router_solicitation_delay = 1
net.ipv6.conf.gre0.router_solicitation_interval = 4
net.ipv6.conf.gre0.router_solicitations = 3
net.ipv6.conf.gre0.temp_prefered_lft = 86400
net.ipv6.conf.gre0.temp_valid_lft = 604800
net.ipv6.conf.gre0.use_tempaddr = 0
net.ipv6.conf.ip6tnl0.accept_dad = -1
net.ipv6.conf.ip6tnl0.accept_ra = 1
net.ipv6.conf.ip6tnl0.accept_ra_defrtr = 1
net.ipv6.conf.ip6tnl0.accept_ra_pinfo = 1
net.ipv6.conf.ip6tnl0.accept_redirects = 1
net.ipv6.conf.ip6tnl0.accept_source_route = 0
net.ipv6.conf.ip6tnl0.autoconf = 1
net.ipv6.conf.ip6tnl0.dad_transmits = 1
net.ipv6.conf.ip6tnl0.disable_ipv6 = 0
net.ipv6.conf.ip6tnl0.force_mld_version = 0
net.ipv6.conf.ip6tnl0.force_tllao = 0
net.ipv6.conf.ip6tnl0.forwarding = 0
net.ipv6.conf.ip6tnl0.hop_limit = 64
net.ipv6.conf.ip6tnl0.max_addresses = 16
net.ipv6.conf.ip6tnl0.max_desync_factor = 600
net.ipv6.conf.ip6tnl0.mtu = 1452
net.ipv6.conf.ip6tnl0.proxy_ndp = 0
net.ipv6.conf.ip6tnl0.regen_max_retry = 3
net.ipv6.conf.ip6tnl0.router_solicitation_delay = 1
net.ipv6.conf.ip6tnl0.router_solicitation_interval = 4
net.ipv6.conf.ip6tnl0.router_solicitations = 3
net.ipv6.conf.ip6tnl0.temp_prefered_lft = 86400
net.ipv6.conf.ip6tnl0.temp_valid_lft = 604800
net.ipv6.conf.ip6tnl0.use_tempaddr = -1
net.ipv6.conf.lo.accept_dad = -1
net.ipv6.conf.lo.accept_ra = 1
net.ipv6.conf.lo.accept_ra_defrtr = 1
net.ipv6.conf.lo.accept_ra_pinfo = 1
net.ipv6.conf.lo.accept_redirects = 1
net.ipv6.conf.lo.accept_source_route = 0
net.ipv6.conf.lo.autoconf = 1
net.ipv6.conf.lo.dad_transmits = 1
net.ipv6.conf.lo.disable_ipv6 = 0
net.ipv6.conf.lo.force_mld_version = 0
net.ipv6.conf.lo.force_tllao = 0
net.ipv6.conf.lo.forwarding = 0
net.ipv6.conf.lo.hop_limit = 64
net.ipv6.conf.lo.max_addresses = 16
net.ipv6.conf.lo.max_desync_factor = 600
net.ipv6.conf.lo.mtu = 16436
net.ipv6.conf.lo.proxy_ndp = 0
net.ipv6.conf.lo.regen_max_retry = 3
net.ipv6.conf.lo.router_solicitation_delay = 1
net.ipv6.conf.lo.router_solicitation_interval = 4
net.ipv6.conf.lo.router_solicitations = 3
net.ipv6.conf.lo.temp_prefered_lft = 86400
net.ipv6.conf.lo.temp_valid_lft = 604800
net.ipv6.conf.lo.use_tempaddr = -1
net.ipv6.conf.sit0.accept_dad = -1
net.ipv6.conf.sit0.accept_ra = 1
net.ipv6.conf.sit0.accept_ra_defrtr = 1
net.ipv6.conf.sit0.accept_ra_pinfo = 1
net.ipv6.conf.sit0.accept_redirects = 1
net.ipv6.conf.sit0.accept_source_route = 0
net.ipv6.conf.sit0.autoconf = 1
net.ipv6.conf.sit0.dad_transmits = 1
net.ipv6.conf.sit0.disable_ipv6 = 0
net.ipv6.conf.sit0.force_mld_version = 0
net.ipv6.conf.sit0.force_tllao = 0
net.ipv6.conf.sit0.forwarding = 0
net.ipv6.conf.sit0.hop_limit = 64
net.ipv6.conf.sit0.max_addresses = 16
net.ipv6.conf.sit0.max_desync_factor = 600
net.ipv6.conf.sit0.mtu = 1480
net.ipv6.conf.sit0.proxy_ndp = 0
net.ipv6.conf.sit0.regen_max_retry = 3
net.ipv6.conf.sit0.router_solicitation_delay = 1
net.ipv6.conf.sit0.router_solicitation_interval = 4
net.ipv6.conf.sit0.router_solicitations = 3
net.ipv6.conf.sit0.temp_prefered_lft = 86400
net.ipv6.conf.sit0.temp_valid_lft = 604800
net.ipv6.conf.sit0.use_tempaddr = -1
net.ipv6.conf.teql0.accept_dad = -1
net.ipv6.conf.teql0.accept_ra = 1
net.ipv6.conf.teql0.accept_ra_defrtr = 1
net.ipv6.conf.teql0.accept_ra_pinfo = 1
net.ipv6.conf.teql0.accept_redirects = 1
net.ipv6.conf.teql0.accept_source_route = 0
net.ipv6.conf.teql0.autoconf = 1
net.ipv6.conf.teql0.dad_transmits = 1
net.ipv6.conf.teql0.disable_ipv6 = 0
net.ipv6.conf.teql0.force_mld_version = 0
net.ipv6.conf.teql0.force_tllao = 0
net.ipv6.conf.teql0.forwarding = 0
net.ipv6.conf.teql0.hop_limit = 64
net.ipv6.conf.teql0.max_addresses = 16
net.ipv6.conf.teql0.max_desync_factor = 600
net.ipv6.conf.teql0.mtu = 1500
net.ipv6.conf.teql0.proxy_ndp = 0
net.ipv6.conf.teql0.regen_max_retry = 3
net.ipv6.conf.teql0.router_solicitation_delay = 1
net.ipv6.conf.teql0.router_solicitation_interval = 4
net.ipv6.conf.teql0.router_solicitations = 3
net.ipv6.conf.teql0.temp_prefered_lft = 86400
net.ipv6.conf.teql0.temp_valid_lft = 604800
net.ipv6.conf.teql0.use_tempaddr = 0
net.ipv6.conf.tun0.accept_dad = -1
net.ipv6.conf.tun0.accept_ra = 1
net.ipv6.conf.tun0.accept_ra_defrtr = 1
net.ipv6.conf.tun0.accept_ra_pinfo = 1
net.ipv6.conf.tun0.accept_redirects = 1
net.ipv6.conf.tun0.accept_source_route = 0
net.ipv6.conf.tun0.autoconf = 1
net.ipv6.conf.tun0.dad_transmits = 1
net.ipv6.conf.tun0.disable_ipv6 = 0
net.ipv6.conf.tun0.force_mld_version = 0
net.ipv6.conf.tun0.force_tllao = 0
net.ipv6.conf.tun0.forwarding = 0
net.ipv6.conf.tun0.hop_limit = 64
net.ipv6.conf.tun0.max_addresses = 16
net.ipv6.conf.tun0.max_desync_factor = 600
net.ipv6.conf.tun0.mtu = 1500
net.ipv6.conf.tun0.proxy_ndp = 0
net.ipv6.conf.tun0.regen_max_retry = 3
net.ipv6.conf.tun0.router_solicitation_delay = 1
net.ipv6.conf.tun0.router_solicitation_interval = 4
net.ipv6.conf.tun0.router_solicitations = 3
net.ipv6.conf.tun0.temp_prefered_lft = 86400
net.ipv6.conf.tun0.temp_valid_lft = 604800
net.ipv6.conf.tun0.use_tempaddr = -1
net.ipv6.conf.tunl0.accept_dad = -1
net.ipv6.conf.tunl0.accept_ra = 1
net.ipv6.conf.tunl0.accept_ra_defrtr = 1
net.ipv6.conf.tunl0.accept_ra_pinfo = 1
net.ipv6.conf.tunl0.accept_redirects = 1
net.ipv6.conf.tunl0.accept_source_route = 0
net.ipv6.conf.tunl0.autoconf = 1
net.ipv6.conf.tunl0.dad_transmits = 1
net.ipv6.conf.tunl0.disable_ipv6 = 0
net.ipv6.conf.tunl0.force_mld_version = 0
net.ipv6.conf.tunl0.force_tllao = 0
net.ipv6.conf.tunl0.forwarding = 0
net.ipv6.conf.tunl0.hop_limit = 64
net.ipv6.conf.tunl0.max_addresses = 16
net.ipv6.conf.tunl0.max_desync_factor = 600
net.ipv6.conf.tunl0.mtu = 1480
net.ipv6.conf.tunl0.proxy_ndp = 0
net.ipv6.conf.tunl0.regen_max_retry = 3
net.ipv6.conf.tunl0.router_solicitation_delay = 1
net.ipv6.conf.tunl0.router_solicitation_interval = 4
net.ipv6.conf.tunl0.router_solicitations = 3
net.ipv6.conf.tunl0.temp_prefered_lft = 86400
net.ipv6.conf.tunl0.temp_valid_lft = 604800
net.ipv6.conf.tunl0.use_tempaddr = -1


Code:
[root@atlanta ~]# cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename
# Useful for debugging multi-threaded applications
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Controls the maximum size of a message, in bytes
kernel.msgmnb = 65536

# Controls the default maxmimum size of a mesage queue
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 4294967295

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 268435456


vm.swappiness = 25


dwfreed wrote:
Also, define "disabled"; default policy ACCEPT on all chains, and no rules?


Exactly.
Top
   
Reply with quote  
kg4peq
PostPosted: Wed Sep 05, 2012 2:44 am 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
mnordhoff wrote:
kg4peq wrote:
It's not that, as I have ip6tables disabled at the moment while trying to get all this sorted out.

Humor me. iptables rules sometimes sneak in when you aren't watching.


Code:
[root@atlanta ~]# ip6tables-save
# Generated by ip6tables-save v1.3.5 on Wed Sep  5 02:42:58 2012
*security
:INPUT ACCEPT [54:18972]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [52:5024]
COMMIT
# Completed on Wed Sep  5 02:42:58 2012
# Generated by ip6tables-save v1.3.5 on Wed Sep  5 02:42:58 2012
*raw
:PREROUTING ACCEPT [54:18972]
:OUTPUT ACCEPT [52:5024]
COMMIT
# Completed on Wed Sep  5 02:42:58 2012
# Generated by ip6tables-save v1.3.5 on Wed Sep  5 02:42:58 2012
*mangle
:PREROUTING ACCEPT [54:18972]
:INPUT ACCEPT [54:18972]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [52:5024]
:POSTROUTING ACCEPT [52:5024]
COMMIT
# Completed on Wed Sep  5 02:42:58 2012
# Generated by ip6tables-save v1.3.5 on Wed Sep  5 02:42:58 2012
*filter
:INPUT ACCEPT [54:18972]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [52:5024]
:RH-Firewall-1-INPUT - [0:0]
COMMIT
# Completed on Wed Sep  5 02:42:58 2012
[root@atlanta ~]#


mnordhoff wrote:
On a different subject, what's with all of those 6to4 and other routes on lo?


Who knows. Only 6to4 stuff I know about is whatever was created when the HE tunnel was created.
Top
   
Reply with quote  
kg4peq
PostPosted: Wed Sep 05, 2012 11:45 pm 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
Not sure why my final post didn't show up here, so I'll try again.

Y'all got my wheels turning, and I fixed the problem at o'dark:30 this morning.

When I said ip6tables was disabled, I was not taking down ip6tables until the system finished booting. I did not have a rule in ip6tables to allow ICMPv6 traffic, and that's apparently necessary for the interface to auto-configure. After modifying ip6tables to allow ICMPv6, everything works beautifully.

Code:
ip6tables -A INPUT -p icmpv6 -j ACCEPT


Thanks to everyone for all the help!
Top
   
Reply with quote  
sweh
PostPosted: Fri Sep 07, 2012 4:29 pm 
Offline
Senior Member
User avatar

Joined: Tue Apr 13, 2004 6:54 pm
Posts: 833
kg4peq wrote:
Not sure why my final post didn't show up here, so I'll try again.

You posted it in the wrong thread ("iptables vs ip6tables") :-)

_________________
Rgds
Stephen
(Linux user since kernel version 0.11)
Top
   
Reply with quote  
kg4peq
PostPosted: Sat Sep 08, 2012 4:23 am 
Offline
Senior Newbie

Joined: Wed Aug 19, 2009 10:21 pm
Posts: 13
sweh wrote:
kg4peq wrote:
Not sure why my final post didn't show up here, so I'll try again.

You posted it in the wrong thread ("iptables vs ip6tables") :-)


Well that's just bizarre. :) Too late at night I suppose.
Top
   
Reply with quote  
Display posts from previous:  Sort by  
Post new topic  Reply to topic

Board index » Linux Community Forums » Linux Networking


Who is online

Users browsing this forum: No registered users and 3 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group