sskaje
commented
6 years ago Hi @iShift , did you have net.ipv6.conf.all.forwarding = 1 in your sysctl.conf ?
Open iShift opened 6 years ago
sskaje
commented
6 years ago Hi @iShift , did you have net.ipv6.conf.all.forwarding = 1 in your sysctl.conf ?
iShift
commented
6 years ago yes: ~$ cat /etc/sysctl.conf | grep net.ipv6
net.ipv6.conf.all.forwarding=1
sskaje
commented
6 years ago @iShift delete your reply, hide your address and then repost
iShift
commented
6 years ago @sskaje when i ping google: from my server
shift@:~$ ping6 ipv6.google.com
PING ipv6.google.com(ams16s22-in-x0e.1e100.net) 56 data bytes
64 bytes from ams16s22-in-x0e.1e100.net: icmp_seq=1 ttl=58 time=0.758 ms
64 bytes from ams16s22-in-x0e.1e100.net: icmp_seq=2 ttl=58 time=0.600 ms
64 bytes from ams16s22-in-x0e.1e100.net: icmp_seq=3 ttl=58 time=0.583 ms
64 bytes from ams16s22-in-x0e.1e100.net: icmp_seq=4 ttl=58 time=0.553 msfrom mac:
MacBook-Pro:~ Shift$ ping6 ipv6.google.com
PING6(56=40+8+8 bytes) xxxx --> 2a00:1450:4010:c02::66
^C
--- ipv6.l.google.com ping6 statistics ---
5 packets transmitted, 0 packets received, 100.0% packet lossbut from mac i can ping my server:
MacBook-Pro:~ Shift$ ping6 server_ipv6_ip
PING6(56=40+8+8 bytes) xxx --> yyy
16 bytes from yyy, icmp_seq=0 hlim=63 time=43.716 ms
16 bytes from yyy, icmp_seq=1 hlim=63 time=41.833 ms
16 bytes from yyy, icmp_seq=2 hlim=63 time=41.732 mson server i see that interface:
tun_6in4_1 Link encap:IPv6-in-IPv4
inet6 addr: ppp/64 Scope:Global
inet6 addr: zzz/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:579 errors:0 dropped:0 overruns:0 frame:0
TX packets:257 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:52581 (52.5 KB) TX bytes:40749 (40.7 KB)
PS, why? my server have public ipv6 ip and i don't shame for them =)
sskaje
commented
6 years ago @iShift
Show me your route table on your server. netstat -nr6
For deletion, if you don't have a good ipv6 firewall rule, don't paste your IP address.
iShift
commented
6 years ago i fix for one IP after my router - i add this to server:
sudo ip6tables -t nat -A POSTROUTING -s MY_IPV6_behinde_home_router -o eth0 -j MASQUERADE
to fix all my access what i should do?
2a03:b0c0:0:1::/64 :: Un 256 1 3 tun_6in4_1
2a03:b0c0:0:1010::/64 :: U 256 1 7 eth0
2a03:b0c0:0:8001::/64 :: U 1024 1 80 tun_6in4_1
fe80::/64 :: U 256 0 0 eth1
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: Un 256 0 0 tun_6in4_1
::/0 2a03:b0c0:0:1010::1 UG 1024 1 10498 eth0
::/0 :: !n -1 1 10690 lo
::1/128 :: Un 0 2 8850 lo
2a03:b0c0:0:1::/128 :: Un 0 1 0 lo
2a03:b0c0:0:1::1/128 :: Un 0 1 0 lo
2a03:b0c0:0:1010::/128 :: Un 0 1 0 lo
2a03:b0c0:0:1010::7:7001/128 :: Un 0 2 9206 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::5f55:2e4a/128 :: Un 0 1 0 lo
fe80::601:10ff:fe8a:8901/128 :: Un 0 2 3390 lo
fe80::601:10ff:fe8a:8902/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 0 0 eth1
ff00::/8 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 tun_6in4_1
::/0 :: !n -1 1 10690 loand this fix all my device
sudo ip6tables -t nat -A POSTROUTING -s ip_v6_from_tunnel_interface/64 -o eth0 -j MASQUERADE
iShift
commented
6 years ago is it good solution ? (if yes, i can make PR for your script)
GooG2e
commented
6 years ago @sskaje any way to use this without nat?
Hi, after i have tunnel, and all my wi-fi device have ip, i can ping6 to server (where 6in4 tool installed) bit i can't ping/access ipv6 internet. can you help?