dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
161354
share rss forum feed


TSI Gabe
Router of Packets
Premium,VIP
join:2007-01-03
Gatineau, QC
kudos:7
reply to TSI Gabe

Re: IPv6 beta

Like I said previously, I'm going to work on Tomato so that the user doesn't have to type any IPv6 address at all. The problem at the moment is that IPv6 Neighbour Discovery + MLPPP doesn't work on our ERXes. We filed a bug report with Juniper, they acknowledged the problem and are working on a patch.



Salaman

join:2008-04-04
Pointe-Claire, QC
reply to TSI Gabe

A part of my log: »pastie.org/private/gl0xbw7httkkchacj6aivw
2607:f2c0:blah:1500::1 (replaced blah with the actual value) is in the IPv6 field, /56 selected. Still not working.



TSI Gabe
Router of Packets
Premium,VIP
join:2007-01-03
Gatineau, QC
kudos:7

Based on this

Feb 27 20:17:38 unknown local2.info pppd[5332]: Terminating link on signal 2
Feb 27 20:17:38 unknown local2.notice pppd[5332]: Link terminated.

You aren't connected... I can't tell why though.
--
TSI Gabe - TekSavvy Solutions Inc.
Authorized TSI employee ( »TekSavvy FAQ »Official support in the forum )



Salaman

join:2008-04-04
Pointe-Claire, QC

1 edit

Connected to what? I can browse the internet fine, posting this using the connection.

Should I try reflashing and erasing NVRAM?

EDIT: Looks like I'm not the only one »IPv6 Testers


dtownotown

join:2010-02-27
reply to Guspaz

said by Guspaz:

(sarcasm) No wonder, you don't even have a valid MAC address! (/sarcasm)

Seriously, it's like trying to hide a computer's local IP as 192.168.0.5, it's silly.
No sillier than that post..

But seriously, i've been at this all day and still nothing..
Can ping ipv6 hosts from the router/tools but still can't get Vista to accept an ipv6 address.. nor my Ubuntu laptop..

t3nk3n

join:2010-02-24
Mississauga, ON

1 edit
reply to Salaman

Used the solution posted at »IPv6 Testers posted by daboom. Worked nicely


m1k_3

join:2007-09-25
reply to TSI Gabe

said by TSI Gabe:

Based on this

Feb 27 20:17:38 unknown local2.info pppd[5332]: Terminating link on signal 2
Feb 27 20:17:38 unknown local2.notice pppd[5332]: Link terminated.

You aren't connected... I can't tell why though.
I am getting the same errors. I cannot ping from hosts behind my router which are getting assigned the IPv6 addresses. I get destination unreachable back from the router.
C:\ping 2001:4860:800b::93

Pinging 2001:4860:800b::93 with 32 bytes of data:

Destination host unreachable.
Destination host unreachable.
Destination host unreachable.
Destination host unreachable.

I can ping IPv6 addresses from the cli of the router.

ping -6 2001:4860:800b::93
PING 2001:4860:800b::93 (2001:4860:800b::93): 56 data bytes
64 bytes from 2001:4860:800b::93: seq=0 ttl=56 time=44.281 ms

daboom
Premium
join:2001-12-16
Oshawa, ON

1 edit
reply to ipv6less

doesn't look like u got ipv6 on at all

What OS you got running there? looks like XP.


daboom
Premium
join:2001-12-16
Oshawa, ON
reply to m1k_3

to anyone else having the router work with ipv6 and nothing else and esp if your lan device is getting a ipv6 address assigned from the router. check this part out.

»Re: IPv6 Testers
--
Come join us on EFNET irc.dks.ca #teksavvy for live chat
Java Chat back online @ »teksavvy.kicks-ass.net


Rand2k1

join:2003-12-09
Canada

2 edits
reply to TSI Gabe

Anyone mind checking out there firewall functions on tomato?

It appears to not be functioning proper/at all on IPv6. A port scan found several open ports on my system.

A IPv4 scan shows nothing open and a IPv6 scan shows 88 and 548 open. Should be easy enough to fix, but be warned, tomato appears to not firewall ipv6 at all by default.


daboom
Premium
join:2001-12-16
Oshawa, ON

Yes that's correct no Ipv6 firewall enabled yet it's like having a direct connection to the inet just make sure pc firewall is on and blocking if avail. The Ipv6 filtering may be added later and this was well discussed in various posts.
--
Come join us on EFNET irc.dks.ca #teksavvy for live chat
Java Chat back online @ »teksavvy.kicks-ass.net


Rand2k1

join:2003-12-09
Canada
reply to TSI Gabe

I must of skipped those posts then . I just assumed it would at least default to everything closed.

At any rate, I turned ipv6 off for now, I dont want to go around making sure everything is firewalled in software properly right now, plus some devices can't be firewalled through software (like my ipv6 ready printers.)


rhooper

join:2004-05-06
Ottawa, ON
reply to TSI Gabe

I managed to get IPv6 working with the custom tomato release with no trouble at all, however I do have these observations:

- I get a dynamic IPv4 rather than my static IPv4 that I get with my usual credentials. (I've received a suggestion as to how to work around this)

- The tomato interface doesn't let me add static IPv6 routes from the routing screen -- I had to go do so by adding it to administration/scripts in the form of:

ip -6 route add 2607:f2c0:foo:baz::/64 via 2607:f2c0:foo:bar::2 
 

- There was no way to manually configure and enable/disable /etc/radvd.conf although I probably don't need to.

All that said -- wow, that was pretty painless to do my first-ever ipv6!


vitesse

join:2002-12-17
Saint-Jean-Sur-Richelieu, QC
reply to TSI Gabe

Do you plan to offer static ipv4 soon with our ipv6 login?

I was planning and successfully used ipv6 on 1.19mp2 but I see tat you only offer dynamic IP and I need a static IP


rhooper

join:2004-05-06
Ottawa, ON

2 edits
reply to brassy

Hey brassy,

I've been trying to get mpd5 configured correctly - did you have to write your own link-up scripts? I'm seeing the IPV6CP LayerUp event and the addresses involved are shown (see below), but there is nothing a the linklocal address on the PPP link afterwards (no other aliases or routes are added).

I also tried userland ppp and it never negotiated IPV6CP even though the option is specified (but did happily do MLPPP/SLPPP and IPV4)

[B1] IPV6CP: LayerUp
[B1] 02a0:ccff:fe30:abcd -> 0090:1a00:4243:wxyz

FreeBSD kerplunk 7.2-STABLE FreeBSD 7.2-STABLE #0: Sat Jan 9 14:38:23 EST 2010

Edit: Solved. MPD default route script and mpd config file attached:

#!/bin/sh
 
echo $0 "$@" >> /var/log/mpd-ifscript.log
/sbin/route add -$2 default $4 >> /var/log/mpd-ifscript.log  2>&1
 

#!/bin/sh
 
echo $0 "$@" >> /var/log/mpd-ifscript.log
#remote=`echo $5 | cut -d% -f1`
/sbin/route delete -$2 default $4 >> /var/log/mpd-ifscript.log  2>&1
 

default:  
   
      # configure the web server  
      set user admin ******** admin  
      set web self 10.X.Y.Z 5006  
      set web open  
   
      create bundle static B1  
      set ipcp ranges 0.0.0.0/0 0.0.0.0/0  
      set ipcp enable req-pri-dns  
      set ipcp enable req-sec-dns  
      set ipcp disable vjcomp  
      set iface enable tcpmssfix  
      set bundle disable round-robin  
      set bundle disable bw-manage  
      set bundle enable ipv6cp
      set bundle disable ipcp
      set bundle links L1 
      set iface mtu 1486  
      set iface disable on-demand  
      set iface route default  
      set iface up-script /usr/local/etc/mpd5/ifup.sh
      set iface down-script /usr/local/etc/mpd5/ifdown.sh
   
      create link static L1 pppoe  
      set auth authname ********@hsiservice.net
      set auth password ********
      set link max-redial 0  
      set link keep-alive 10 60  
      set pppoe iface dc0  
      set pppoe service "teksavvy"  
      set link enable multilink  
      set link enable shortseq  
      set link disable protocomp  
      set link mrru 1492  
      set link mru 1486  
      set link mtu 1486  
      set link bandwidth 3000000
      set link action bundle B1  
      open  
 


clusty

join:2009-05-15
Montreal, QC
kudos:1

Hey,

Is there a way to get an ND build so that also my Asus router can feel the loving?



TemporalFlux
Premium
join:2003-08-07
Ont, Canada
Reviews:
·TekSavvy Cable

Well after a few days of banging my head against the wall I finally have stable IPv6 access to the net. I was getting weird stuff going on. The net was there then it wasn't. I could ping from the router then but I could not from the hosts on the network. Nothing was making any sense. I played with the routing until I was blue in the face. Being in the tech industry for 12 years I was feeling fairly stupid. Then it hit me. I swapped the WRT-54GL for another one and BAM everything worked! (with the BAM sound effect and everything!!) I ended up splitting my /56 into 4 /64s and using one between the WRT-54GL and my MikroTik RB450G router and the second /64 for my LAN. The 3rd and 4rth /64s are for future expansion when I run out of address space So I am using ipv6.google.com for my searching and using the Hurricane Electric IPv6 DNS server to get youtube and all that on IPv6. All in all everything is working quite well.


robbat2
Premium
join:2010-02-24
Vancouver, BC
reply to TSI Gabe

Any update on Western Canada IPv6?



dataiv

join:2002-02-25
Ottawa, ON
reply to rhooper

Hi rhooper,

I've been trying to get it working with mpd5 for me .. and it connects, does the IPv6CP negotiation, then the interface ends up with this configured address:

IPv6 Addresses : fe80::2b0:d0ff:fee9:ef8%ng0 -> fe80::90:1a00:4243:14a8%ng0

In mpd.log it shows:

Mar 12 18:49:16 mpd: [B1] IPV6CP: LayerUp
Mar 12 18:49:16 mpd: [B1] 02b0:d0ff:fee9:0ef8 -> 0090:1a00:4243:14a8

It seems I am getting link-local addresses on the interface, but am not sure what this means!

Your ifup and ifdown scripts leave this info:

/usr/local/etc/mpd5/ifup.sh ng0 inet6 fe80::2b0:d0ff:fee9:ef8%ng0 fe80::90:1a00:4243:14a8%ng0 - 00:00:00:00:00:00
add net default: gateway fe80::90:1a00:4243:14a8%ng0

/usr/local/etc/mpd5/ifdown.sh ng0 inet6 fe80::2b0:d0ff:fee9:ef8%ng0 fe80::90:1a00:4243:14a8%ng0 - 00:00:00:00:00:00
delete net default: gateway fe80::90:1a00:4243:14a8%ng0

Any suggestions?

Thanks!



TSI Gabe
Router of Packets
Premium,VIP
join:2007-01-03
Gatineau, QC
kudos:7
reply to robbat2

We now have an IPv6 block routed to vancouver but the problem is that we need to upgrade the OS on one of the routers to properly support IPv6 over ppp. (requires downtime). No ETA for that yet.



utubewoes

@teksavvy.com

I'm having a lot of issues with youtube when logged into the hsiservice account.. It tries to connect but always times out.. When i log in with my wiredhighspeed one the problem doesn't seem to exist.. It's also just youtube i am having the problem with but to be honest I don't visit that wide of a selection of sites either.


dmz

join:2006-07-12
canada
reply to TSI Gabe

Is there any facility within Tomato/MLPPP/IPv6 for a basic IPv6 firewall? ip6tables? If not, is it planned for future release?



AOD
Premium
join:2008-01-24
Etobicoke, ON
kudos:1
Reviews:
·TekSavvy Cable

said by dmz:

Is there any facility within Tomato/MLPPP/IPv6 for a basic IPv6 firewall? ip6tables? If not, is it planned for future release?
I have this question as well.

DSL_Ricer
Premium
join:2007-07-22
kudos:3

1 edit
reply to dmz

said by dmz:

Is there any facility within Tomato/MLPPP/IPv6 for a basic IPv6 firewall? ip6tables? If not, is it planned for future release?
Stateless firewalling could be done. However statefull firewalling would require upgrading the kernel. A very brief check seems to show that even 2.4.37 doesn't seem to have contrac for ipv6. So that would probably mean upgrading to a 2.6 kernel. While that can be done, the WRT54G* and the like have no wireless driver in 2.6. That's a hefty trade-off.


AOD
Premium
join:2008-01-24
Etobicoke, ON
kudos:1
Reviews:
·TekSavvy Cable

said by DSL_Ricer:

said by dmz:

Is there any facility within Tomato/MLPPP/IPv6 for a basic IPv6 firewall? ip6tables? If not, is it planned for future release?
Stateless firewalling could be done. However statefull firewalling would require upgrading the kernel. A very brief check seems to show that even 2.4.37 doesn't seem to have contrac for ipv6. So that would probably mean upgrading to a 2.6 kernel. While that can be done, the WRT54G* and the like have no wireless driver in 2.6. That's a hefty trade-off.
Yeah for me that is huge. I use wireless a lot. by firewall i mean NAT Translation for ipv6.

DSL_Ricer
Premium
join:2007-07-22
kudos:3

said by AOD:

by firewall i mean NAT Translation for ipv6.
A brief check seems to indicate that even 2.6 might not support that.
Is there a reason why you need NAT in IPv6?

34764170

join:2007-09-06
Etobicoke, ON

said by DSL_Ricer:

said by AOD:

by firewall i mean NAT Translation for ipv6.
A brief check seems to indicate that even 2.6 might not support that.
Is there a reason why you need NAT in IPv6?
He just said. He thinks NAT is a firewall.

dmz

join:2006-07-12
canada
reply to DSL_Ricer

The question will become: what is the best "default" firewall for consumer IPv6?

Right now, with IPv4, people basically use NAT as a firewall. And then they use uPNP (or NAT-PMP) to automatically forward specific ports for applications that need to receive unsolicited traffic.

With IPv6, lets say by default we block all unsolicited traffic. What happens when an end-user wants to run an application like VoIP, or a game server, skype, etc? Do they have to manually go and allow access in their firewall? That seems like a step-backwards for the end user. Is there any mechanism that enables an application to notify the firewall to permit certain traffic through? (Much in the same way that applications can notify a router to port forward.)


DSL_Ricer
Premium
join:2007-07-22
kudos:3

said by dmz:

The question will become: what is the best "default" firewall for consumer IPv6?
In tomato, the answer is simple. You have no choice, it's none.

said by dmz:

Is there any mechanism that enables an application to notify the firewall to permit certain traffic through? (Much in the same way that applications can notify a router to port forward.)
I'd presume UPnP does, but I must admit, I haven't looked into it much.
MS's page on requirements for home routers suggests this:
»www.microsoft.com/whdc/device/ne···IGD.mspx

dmz

join:2006-07-12
canada

Interesting thread:

»www.ops.ietf.org/lists/v6ops/v6o···225.html