dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
46
share rss forum feed


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to GmDude66

Re: Recieving /128 Address (OpenWRT)

Actually, Comcast normally assigns a /128 IPv6 address to a router's WAN interface, and a /64 (or perhaps a /60 depending on your router's capability) to the router's LAN using DHCP6-PD. Your problem is probably with your DHCP6-PD implementation. However, you did not post any config settings that tell us how you are doing your IPv6 connection.

For starters, show us the results of an "ifconfig" command and a "ps" command so that we can see how each interface is currently configured, and so that we can see what modules are running.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

GmDude66

join:2007-09-09
York, PA
Reviews:
·Comcast
root@OpenWrt:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 10:6F:3F:02:C1:CA  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2601:1:b80:4e:126f:xxxx:xxxx:xxxx/64 Scope:Global
          inet6 addr: fe80::126f:3fff:fe02:c1ca/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:78895 errors:0 dropped:0 overruns:0 frame:0
          TX packets:83868 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:12161524 (11.5 MiB)  TX bytes:73301550 (69.9 MiB)
 
eth0      Link encap:Ethernet  HWaddr 10:6F:3F:02:C1:CA  
          inet6 addr: fe80::126f:xxxx:xxxx:xxxx/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:274691 errors:0 dropped:10 overruns:0 frame:0
          TX packets:84564 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:86672260 (82.6 MiB)  TX bytes:14455055 (13.7 MiB)
          Interrupt:4 
 
eth0.1    Link encap:Ethernet  HWaddr 10:6F:3F:02:C1:CA  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3549 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:1074767 (1.0 MiB)
 
eth0.2    Link encap:Ethernet  HWaddr 10:6F:3F:02:C1:CA  
          inet addr:98.237.xxx.xxx  Bcast:98.237.xxx.xxx  Mask:255.255.252.0
          inet6 addr: fe80::126f:xxxx:xxxx:xxxx/64 Scope:Link
          inet6 addr: 2001:558:6031:17:xxxx:xxxx:xxxx:xxxx/128 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:274662 errors:0 dropped:0 overruns:0 frame:0
          TX packets:81007 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:81725969 (77.9 MiB)  TX bytes:13041376 (12.4 MiB)
 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          inet6 addr: 2601:1:b80:4e:200:ff:fe00:0/64 Scope:Global
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1648 (1.6 KiB)  TX bytes:1648 (1.6 KiB)
 
wlan0     Link encap:Ethernet  HWaddr 10:6F:3F:02:XX:XX  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:86980 errors:0 dropped:0 overruns:0 frame:0
          TX packets:92123 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:14619439 (13.9 MiB)  TX bytes:76024312 (72.5 MiB)
 
 

root@OpenWrt:~# ps
  PID USER       VSZ STAT COMMAND
    1 root      1504 S    init
    2 root         0 SW   [kthreadd]
    3 root         0 SW   [ksoftirqd/0]
    4 root         0 SW   [kworker/0:0]
    5 root         0 SW   [kworker/u:0]
    6 root         0 SW<  [khelper]
    7 root         0 SW   [kworker/u:1]
   63 root         0 SW   [sync_supers]
   65 root         0 SW   [bdi-default]
   67 root         0 SW<  [kblockd]
   98 root         0 SW   [kswapd0]
  146 root         0 SW   [fsnotify_mark]
  176 root         0 SW<  [ath79-spi]
  190 root         0 SW   [mtdblock0]
  197 root         0 SW   [mtdblock1]
  226 root         0 SW   [mtdblock2]
  231 root         0 SW   [mtdblock3]
  236 root         0 SW   [mtdblock4]
  241 root         0 SW   [mtdblock5]
  246 root         0 SW   [mtdblock6]
  251 root         0 SW   [mtdblock7]
  256 root         0 SW   [mtdblock8]
  261 root         0 SW   [mtdblock9]
  463 root         0 SWN  [jffs2_gcd_mtd7]
  481 root      1504 S    init
  519 root         0 SW<  [cfg80211]
  527 root         0 SW   [khubd]
  611 root      1508 S    /sbin/syslogd -l 8 -C16
  613 root      1492 S    /sbin/klogd
  615 root       860 S    /sbin/hotplug2 --override --persistent --set-rules-f
  621 root       868 S    /sbin/ubusd
  625 root      1524 S    /sbin/netifd
  673 root      1508 S    udhcpc -p /var/run/udhcpc-eth0.2.pid -s /lib/netifd/
  867 root      1500 S    /sbin/watchdog -t 5 /dev/watchdog
  962 root      1428 S    hostapd -P /var/run/wifi-phy0.pid -B /var/run/hostap
 1044 root       932 S    /usr/sbin/dhcp6c -c /var/etc/dhcp6c.conf eth0.2
 1273 root       940 S    /usr/sbin/radvd -C /var/etc/radvd.conf -m stderr_sys
 1275 root       940 S    /usr/sbin/radvd -C /var/etc/radvd.conf -m stderr_sys
 1344 root       932 S    /usr/sbin/miniupnpd -f /var/etc/miniupnpd.conf
 1512 root      1152 S    /usr/sbin/dropbear -P /var/run/dropbear.1.pid -p 22
 1547 root      1152 S    /usr/sbin/uhttpd -f -h /www -r OpenWrt -x /cgi-bin -
 1577 nobody     960 S    /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf
 1591 root      1500 S    /usr/sbin/ntpd -n -p 0.openwrt.pool.ntp.org -p 1.ope
 1596 root         0 SW   [kworker/0:2]
 4624 root      1220 S    /usr/sbin/dropbear -P /var/run/dropbear.1.pid -p 22
 4625 root      1504 S    -ash
 4630 root         0 SW   [kworker/0:1]
 4632 root      1496 R    ps
 


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

1 edit
It looks to me as if it should be working OK.

On your WAN you have 2001:558:6031:17:xxxx:xxxx:xxxx:xxxx/128
On your LAN you have 2601:1:b80:4e:126f:xxxx:xxxx:xxxx/64

Here are the similar results from my Netgear WNR1000v2-VC which runs Netgears' implementation of OpenWRT:


BusyBox v1.4.2 (2012-04-17 12:26:16 EDT) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
 
  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 KAMIKAZE (7.09) -----------------------------------
  * 10 oz Vodka       Shake well with ice and strain
  * 10 oz Triple sec  mixture into 10 shot glasses.
  * 10 oz lime juice  Salute!
 ---------------------------------------------------
root@WNR1000v2:/# ifconfig
ath0      Link encap:Ethernet  HWaddr A0:21:B7:9C:06:02
          inet6 addr: fe80::a221:b7ff:fe9c:602/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:2290  Metric:1
          RX packets:129598 errors:0 dropped:0 overruns:0 frame:0
          TX packets:145453 errors:0 dropped:5643 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:51624197 (49.2 MiB)  TX bytes:149549679 (142.6 MiB)
 
br0       Link encap:Ethernet  HWaddr A0:21:B7:9C:06:02
          inet addr:192.168.10.1  Bcast:192.168.10.255  Mask:255.255.255.0
          inet6 addr: 2601:5:c80:56:a221:b7ff:fe9c:602/64 Scope:Global
          inet6 addr: fe80::a221:b7ff:fe9c:602/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:129602 errors:0 dropped:0 overruns:0 frame:0
          TX packets:150140 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:49809849 (47.5 MiB)  TX bytes:150169209 (143.2 MiB)
 
eth0      Link encap:Ethernet  HWaddr A0:21:B7:9C:06:03
          inet addr:67.177.173.18  Bcast:255.255.255.255  Mask:255.255.252.0
          inet6 addr: fe80::a221:b7ff:fe9c:603/64 Scope:Link
          inet6 addr: 2001:558:6016:19:2434:808:f8f1:f5b3/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10364834 errors:0 dropped:0 overruns:0 frame:0
          TX packets:118415 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:902017481 (860.2 MiB)  TX bytes:56475172 (53.8 MiB)
 
eth1      Link encap:Ethernet  HWaddr A0:21:B7:9C:06:02
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1207325 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1207325 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:56615788 (53.9 MiB)  TX bytes:56615788 (53.9 MiB)
 
wifi0     Link encap:Ethernet  HWaddr A0:21:B7:9C:06:02
          inet6 addr: fe80::a221:b7ff:fe9c:602/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:22 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:48 Memory:b0000000-b0010000
 
root@WNR1000v2:/# ps
  PID  Uid     VmSize Stat Command
    1 root        364 S   init
    2 root            SWN [ksoftirqd/0]
    3 root            SW< [events/0]
    4 root            SW< [khelper]
    5 root            SW< [kthread]
    8 root            SW< [kblockd/0]
   36 root            SW  [pdflush]
   37 root            SW  [pdflush]
   39 root            SW< [aio/0]
   38 root            SW  [kswapd0]
   50 root            SW  [mtdblockd]
  140 root        264 S   klogd
  144 root        296 S   datalib
  237 root        108 S   /usr/sbin/potval
  338 root        296 S   udhcpd /tmp/udhcpd.conf
  342 root        228 S   /usr/sbin/net-scan
  355 root        128 S   /usr/sbin/hnapd
  386 root        424 S   /usr/sbin/dnsmasq -r /tmp/resolv.conf --wan-interface
  470 root        240 S   udhcpc -b -i eth0 -h ap2 -r 192.168.9.10 -N 192.168.9
  504 root        332 S   /usr/sbin/ez-ipupdate -c /tmp/ez-ipupd.conf -b /tmp/e
 1714 root        632 S   hostapd /var/run/topology.conf
 1723 root        208 S   /usr/bin/wlanlog
 1744 root        352 S   syslogd -m 0 -T GMT+6GMT,M3.2.0/2:00,M11.1.0/2:00 -c
 1760 root        304 S   /usr/sbin/ntpclient
 1765 root        360 S   crond -c /tmp/etc/crontabs -T GMT+6GMT,M3.2.0/2:00,M1
 1783 root        880 S   uhttpd -e /usr/sbin/detwan
 1786 root        140 S   inetd
 1791 root        216 S   /usr/bin/detcable 2
 1793 root        424 S   /bin/sh /sbin/button_detecte
 1828 root        280 S   lld2d br0
 1853 root        296 S   /sbin/traffic_meter
 1861 root        208 S   init
15576 root        480 S   /sbin/deamonv6 eth0
15829 root        364 S   /usr/sbin/radvd -C /tmp/radvd.conf
15834 root        408 S   /usr/sbin/dhcp6s -3 -c /tmp/dhcp6s.conf -i br0
15841 root        652 S   /usr/sbin/ripngd -d -f /etc/ripngd.conf
15852 root        596 S   /usr/sbin/zebra -dk -f /etc/zebra.conf
31049 root        260 S   /usr/sbin/utelnetd -d -i br0
20205 root        460 S   /bin/ash --login
20262 root        288 S   /bin/sleep 1
20263 root        380 R   ps
 



The WNR1000v2-VC does have a /64 on its WAN instead of a /128, but it really should be a /128 (there is a bug in the firmware).

Does an IPv6 compatible PC connected to the router's LAN not get a IPv4 and IPv6 addresses assigned?

Here is the ipconfig and netsh information (and a couple of IPv6 and IPv4 ping tests) from the notebook that is currently using my Netgear WNR1000v2-VC router:


C:\>ipconfig
 
Windows IP Configuration
 
Ethernet adapter Wireless Network Connection 8:
 
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.10.18
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        IP Address. . . . . . . . . . . . : 2601:5:c80:56:9c32:127f:a63e:188e
        IP Address. . . . . . . . . . . . : 2601:5:c80:56:21a:73ff:fe67:2cdc
        IP Address. . . . . . . . . . . . : fe80::21a:73ff:fe67:2cdc%8
        Default Gateway . . . . . . . . . : 192.168.10.1
                                            fe80::a221:b7ff:fe9c:602%8
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
        Default Gateway . . . . . . . . . :
 
Tunnel adapter Automatic Tunneling Pseudo-Interface:
 
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : fe80::5efe:192.168.10.18%2
        Default Gateway . . . . . . . . . :
 
C:\>netsh int ipv6 show addr
Querying active state...
 
Interface 8: Wireless Network Connection 8
 
Addr Type  DAD State  Valid Life   Pref. Life   Address
---------  ---------- ------------ ------------ -----------------------------
Temporary  Preferred     23h59m56s    19h57m40s 2601:5:c80:56:9c32:127f:a63e:188e
Public     Preferred     23h59m56s    23h59m56s 2601:5:c80:56:21a:73ff:fe67:2cdc
Link       Preferred      infinite     infinite fe80::21a:73ff:fe67:2cdc
 
Interface 5: Teredo Tunneling Pseudo-Interface
 
Addr Type  DAD State  Valid Life   Pref. Life   Address
---------  ---------- ------------ ------------ -----------------------------
Link       Preferred      infinite     infinite fe80::ffff:ffff:fffd
 
Interface 2: Automatic Tunneling Pseudo-Interface
 
Addr Type  DAD State  Valid Life   Pref. Life   Address
---------  ---------- ------------ ------------ -----------------------------
Link       Preferred      infinite     infinite fe80::5efe:192.168.10.18
 
Interface 1: Loopback Pseudo-Interface
 
Addr Type  DAD State  Valid Life   Pref. Life   Address
---------  ---------- ------------ ------------ -----------------------------
Loopback   Preferred      infinite     infinite ::1
Link       Preferred      infinite     infinite fe80::1
 
C:\>ping www.comcast.net
 
Pinging a1526.dscg.akamai.net [2001:559:0:501::48f6:2d1b] with 32 bytes of data:
 
Reply from 2001:559:0:501::48f6:2d1b: time=31ms
Reply from 2001:559:0:501::48f6:2d1b: time=32ms
Reply from 2001:559:0:501::48f6:2d1b: time=31ms
Reply from 2001:559:0:501::48f6:2d1b: time=31ms
 
Ping statistics for 2001:559:0:501::48f6:2d1b:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 32ms, Average = 31ms
 
C:\>ping -4 www.comcast.net
 
Pinging a1526.dscg.akamai.net [23.62.111.185] with 32 bytes of data:
 
Reply from 23.62.111.185: bytes=32 time=19ms TTL=58
Reply from 23.62.111.185: bytes=32 time=20ms TTL=58
Reply from 23.62.111.185: bytes=32 time=18ms TTL=58
Reply from 23.62.111.185: bytes=32 time=19ms TTL=58
 
Ping statistics for 23.62.111.185:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 20ms, Average = 19ms
 



--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

GmDude66

join:2007-09-09
York, PA
Reviews:
·Comcast
Hmm my Mac was assigned both ipv6 and ipv4 addresses. Still cannot ping on 6.

dereks-macbook:~ derek$ ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
inet 127.0.0.1 netmask 0xff000000 
inet6 ::1 prefixlen 128 
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=27<RXCSUM,TXCSUM,VLAN_MTU,TSO4>
ether 00:23:32:d1:22:1e 
media: autoselect
status: inactive
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:23:6c:81:2c:25 
inet6 fe80::223:6cff:fe81:2c25%en1 prefixlen 64 scopeid 0x5 
inet 192.168.1.189 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2601:1:b80:4e:223:6cff:fe81:2c25 prefixlen 64 autoconf 
inet6 2601:1:b80:4e:9861:914f:fd8f:2e5c prefixlen 64 autoconf temporary 
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 02:23:6c:81:2c:25 
media: autoselect
status: inactive
 

dereks-macbook:~ derek$ ping www.comcast.net
PING a1526.dscg.akamai.net (184.51.126.43): 56 data bytes
64 bytes from 184.51.126.43: icmp_seq=0 ttl=55 time=26.557 ms
64 bytes from 184.51.126.43: icmp_seq=1 ttl=55 time=27.885 ms
64 bytes from 184.51.126.43: icmp_seq=2 ttl=55 time=28.937 ms
64 bytes from 184.51.126.43: icmp_seq=3 ttl=55 time=31.577 ms
^C
--- a1526.dscg.akamai.net ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 26.557/28.739/31.577/1.843 ms
dereks-macbook:~ derek$ ping6 www.comcast.net
PING6(56=40+8+8 bytes) 2601:1:b80:4e:9861:914f:fd8f:2e5c --> 2001:559:0:5c::1743:3e40
^C
--- a1526.dscg.akamai.net ping6 statistics ---
141 packets transmitted, 0 packets received, 100.0% packet loss
 
dereks-macbook:~ derek$ ping6 ipv6.google.com
PING6(56=40+8+8 bytes) 2601:1:b80:4e:9861:914f:fd8f:2e5c --> 2607:f8b0:400c:c01::67
^C
--- ipv6.l.google.com ping6 statistics ---
23 packets transmitted, 0 packets received, 100.0% packet loss
 
 


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

1 edit
said by GmDude66:

Hmm my Mac was assigned both ipv6 and ipv4 addresses. Still cannot ping on 6.

Interesting, it looks as if it should be working.

Can you ping6 your router's LAN IPv6 address [2601:1:b80:4e:126f:3fff:fe02:c1ca]?

Does a traceroute6 to a known public IPv6 host like ipv6.speedtest.comcast.net reach your router's LAN interface and stop there? Does it even reach your router's LAN interface?

I know these seem like dumb questions, but I am just trying to see where the blockage occurs. Since you say you can get internet IPv6 connectivity from inside your router, and since the router and your MacBook both have IPv6 address assignments, I am thinking that this may be a firewall problem. The question would be is it the MacBook's firewall or the router's firewall.

I ran into a similar scenario when I first enabled the IPv6 firewall in my D-Link DIR655. The router and attached devices had IPv6 addresses, and I could do IPv6 pings to the internet from inside the router, but IPv6 connectivity from attached devices stopped at the DIR655's LAN interface. The problem in my case was that the IPv6 firewall in the DIR655 did not have a default allow outbound rule (unlike any router's firewall I have ever seen). As soon as I created a default allow outbound rule in its IPv6 firewall, I had IPv6 connectivity.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2
Reviews:
·Comcast
said by NetFixer:

The problem in my case was that the IPv6 firewall in the DIR655 did not have a default allow outbound rule (unlike any router's firewall I have ever seen).

m0n0wall also does not have a default "allow outbound to any" rule for IPv6 internal interfaces.

GmDude66

join:2007-09-09
York, PA
Reviews:
·Comcast

1 edit
reply to NetFixer
I cannot ping6 from any computer connected to LAN.

I can ping6 anything directly from router.

I disabled the firewall on Mac and on the router (Allow Any From Any To Any).

I ran a traceroute6:
dereks-macbook:~ derek$ traceroute6 ipv6.speedtest.comcast.net
traceroute6 to ipv6.speedtest.g.comcast.net (2001:558:1010:5:68:87:73:52) from 2601:1:b80:53:449c:1b65:79a8:3890, 64 hops max, 12 byte packets
 1  * * *
 2  * * *
^C
dereks-macbook:~ derek$ 
 

I noticed on the routes page something funky:
Active IPv4-Routes
 
 
 
 
Network
Target
IPv4-Gateway
Metric
 
 
 
wan
0.0.0.0/0
98.237.12.1
0
 
 
 
wan
98.237.12.0/22
0.0.0.0
0
 
 
 
lan
192.168.1.0/24
0.0.0.0
0
 
 
 
 
 
 
 
 
 
Active IPv6-Routes
 
 
 
 
Network
Target
IPv6-Gateway
Metric
 
 
 
wan
2001:558:6031:17:7C6F:C57F:8412:9424
0:0:0:0:0:0:0:0/0
00000100
 
 
 
wan
2001:558:FEED:0:0:0:0:1
0:0:0:0:0:0:0:0/0
00000000
 
 
 
wan
2001:558:FEED:0:0:0:0:2
0:0:0:0:0:0:0:0/0
00000000
 
 
 
loopback
2601:1:B80:4E:0:0:0:0/64
0:0:0:0:0:0:0:0/0
00000100
 
 
 
loopback
2601:1:B80:53:449C:1B65:79A8:3890
0:0:0:0:0:0:0:0/0
00000000
 
 
 
loopback
2601:1:B80:53:0:0:0:0/64
0:0:0:0:0:0:0:0/0
00000100
 
 
 
lan
2601:1:B80:53:0:0:0:0/64
0:0:0:0:0:0:0:0/0
00000100
 
 
 
wan
2607:F8B0:4006:800:0:0:0:1000
0:0:0:0:0:0:0:0/0
00000000
 
 
 
wan
2607:F8B0:4006:803:0:0:0:1005
0:0:0:0:0:0:0:0/0
00000000
 
 
 
wan
0:0:0:0:0:0:0:0/0
0:0:0:0:0:0:0:0/0
00000400
 
 
 
loopback
0:0:0:0:0:0:0:0/0
0:0:0:0:0:0:0:0/0
FFFFFFFF
 

There is no ipv6 gateway listed for anything.

GmDude66

join:2007-09-09
York, PA
Also, just found this in my kernel log:
[93708.410000] icmpv6_send: no reply to icmp error


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by GmDude66:

Also, just found this in my kernel log:
[93708.410000] icmpv6_send: no reply to icmp error

The icmpv6 config in your router is where I was just about to suggest that you look; that is why I had requested the IPv6 traceroutes and pings, so that I could see if your router responded on its LAN interface. The fact that your MacBook does not get a reply from your router's LAN when doing a traceroute6 to an Internet location says that something is wonky in your router's icmpv6 config.

Here is a traceroute I just did to ipv6.speedtest.comcast.net after temporarily disabling IPv6 routing in my D-Link DIR655 by disabling its default allow LAN to WAN IPv6 firewall rule. Following that traceroute is a ping to the router's IPv6 LAN address:


C:\>tracert ipv6.speedtest.comcast.net
 
Tracing route to ipv6.speedtest.g.comcast.net [2001:558:1010:5:68:87:73:52]
over a maximum of 30 hops:
 
  1     1 ms    <1 ms    <1 ms  2601:5:c80:90:1e7e:e5ff:fe4c:e6ff
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *     ^C
 
C:\>ping 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff
 
Pinging 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff with 32 bytes of data:
 
Reply from 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff: time<1ms
Reply from 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff: time<1ms
Reply from 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff: time<1ms
Reply from 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff: time<1ms
 
Ping statistics for 2601:5:c80:90:1e7e:e5ff:fe4c:e6ff:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 



Even with the internal IPv6 routing blocked inside the router, I can still get an ICMP echo response on its LAN interface. Right at this moment it is not convenient for me to connect to my Netgear router to check its icmpv6 config and post some things for you to look for, but later this evening I should be able to do that (if you have not already found the problem in your config before then).

--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

GmDude66

join:2007-09-09
York, PA
Yes, please post your configuration. In the meantime, I am searching!

GmDude66

join:2007-09-09
York, PA
Have not found any results. Thinking about switching back to DD-WRT :P


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by GmDude66:

Have not found any results. Thinking about switching back to DD-WRT :P

Sorry that I took so long to get back to you, but my notebook was in use by someone else, and that is the only reasonably convenient box I have to access my Netgear guest router.

Once I had it connected, I found that there was no clearly defined config for ICMP6 except for the ip6table rules.

Just for grins, I did an "ip6tables -F" command in the router which cleared the ipv6 firewall rules. That effectively killed LAN to WAN IPv6 traffic in that router. I then did the traceroute below from the notebook:


C:\>tracert6 ipv6.speedtest.comcast.net
 
Tracing route to ipv6.speedtest.g.comcast.net [2001:558:1010:5:68:87:73:52]
from 2601:5:c80:85:3c63:a145:83e4:bb93 over a maximum of 30 hops:
 
  1        1 ms     1 ms     1 ms  2601:5:c80:85:a221:b7ff:fe9c:602
  2        *        *        *     Request timed out.
  3        *        *        *     Request timed out.
  4        *        *        *     Request timed out.
  5        *        *     ^C
 



As you can see, I was no longer able to do a traceroute to an IPv6 server on the Internet, but my Netgear router still responded to the traceroute ICMP6 echo request on its LAN. Since your router did not respond to the ICMP6 echo request, that would seem to indicate that your problem is not necessarily related to a lack of ICMP6 rules. However, you could do a "ip6tables -L" command in your router to see what rules (if any) are present. Here is what I saw after I flushed the ip6tables in my router:


root@WNR1000v2:/# ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 



If you don't have any ip6tables rules in your router, that would definitely be a problem, but that may or may not be the only problem. FWIW, here are the ip6tables that are normally in my router:


root@WNR1000v2:/# ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       ipv6-icmp    anywhere             ::1/128            [8 bytes of unknown target data]
DROP       ipv6-icmp    anywhere             ::1/128            [8 bytes of unknown target data]
IPv6-CONE  all      anywhere             anywhere           [8 bytes of unknown target data]
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DROP       all     !2601:5:c80:85::/64   anywhere           [8 bytes of unknown target data]
DROP       tcp      ::1/128              ::2/128            UNKNOWN match `tcp' [8 bytes of unknown target data]
ACCEPT     udp      ::3/128              ::4/128            UNKNOWN match `udp' [8 bytes of unknown target data]
DROP       ipv6-icmp    ::5/128              ::6/128            ipv6-icmp echo-reply UNKNOWN match `limit' [8 bytes of
ACCEPT     ipv6-icmp    ::5/128              ::6/128            ipv6-icmp echo-reply [8 bytes of unknown target data]
DROP       all      ::7/128              anywhere           [8 bytes of unknown target data]
IPv6-CONE  all      anywhere             anywhere           [8 bytes of unknown target data]
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 



If you would like to see any specific config or script file on my router, let me know and I will try to find it and post it. I say "try" because even though the router does run on OpenWrt, it is still a Netgear specific version of OpenWrt, and they seem to be doing some rather obfuscated things. Most of the config files that I see are created on the fly by script files on bootup, so I don't see the usual generic config files that are present in public OpenWrt distributions.

--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

GmDude66

join:2007-09-09
York, PA
Reviews:
·Comcast
I am thinking this is a firewall issue.

Can you please look over this config?

root@OpenWrt:~# ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all      anywhere             anywhere            ctstate RELATED,ESTABLISHED 
ACCEPT     all      anywhere             anywhere            
syn_flood  tcp      anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN 
input_rule  all      anywhere             anywhere            
input      all      anywhere             anywhere            
 
Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     all      anywhere             anywhere            ctstate RELATED,ESTABLISHED 
forwarding_rule  all      anywhere             anywhere            
forward    all      anywhere             anywhere            
reject     all      anywhere             anywhere            
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all      anywhere             anywhere            ctstate RELATED,ESTABLISHED 
ACCEPT     all      anywhere             anywhere            
output_rule  all      anywhere             anywhere            
output     all      anywhere             anywhere            
 
Chain forward (1 references)
target     prot opt source               destination         
zone_lan_forward  all      anywhere             anywhere            
zone_wan_forward  all      anywhere             anywhere            
 
Chain forwarding_lan (1 references)
target     prot opt source               destination         
 
Chain forwarding_rule (1 references)
target     prot opt source               destination         
 
Chain forwarding_wan (1 references)
target     prot opt source               destination         
 
Chain input (1 references)
target     prot opt source               destination         
zone_lan   all      anywhere             anywhere            
zone_wan   all      anywhere             anywhere            
 
Chain input_lan (1 references)
target     prot opt source               destination         
 
Chain input_rule (1 references)
target     prot opt source               destination         
 
Chain input_wan (1 references)
target     prot opt source               destination         
 
Chain output (1 references)
target     prot opt source               destination         
zone_lan_ACCEPT  all      anywhere             anywhere            
zone_wan_ACCEPT  all      anywhere             anywhere            
 
Chain output_rule (1 references)
target     prot opt source               destination         
 
Chain reject (5 references)
target     prot opt source               destination         
REJECT     tcp      anywhere             anywhere            reject-with tcp-reset 
REJECT     all      anywhere             anywhere            reject-with icmp6-port-unreachable 
 
Chain syn_flood (1 references)
target     prot opt source               destination         
RETURN     tcp      anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 
DROP       all      anywhere             anywhere            
 
Chain zone_lan (1 references)
target     prot opt source               destination         
input_lan  all      anywhere             anywhere            
zone_lan_ACCEPT  all      anywhere             anywhere            
 
Chain zone_lan_ACCEPT (2 references)
target     prot opt source               destination         
ACCEPT     all      anywhere             anywhere            
ACCEPT     all      anywhere             anywhere            
 
Chain zone_lan_DROP (0 references)
target     prot opt source               destination         
DROP       all      anywhere             anywhere            
DROP       all      anywhere             anywhere            
 
Chain zone_lan_REJECT (1 references)
target     prot opt source               destination         
reject     all      anywhere             anywhere            
reject     all      anywhere             anywhere            
 
Chain zone_lan_forward (1 references)
target     prot opt source               destination         
zone_wan_ACCEPT  all      anywhere             anywhere            
forwarding_lan  all      anywhere             anywhere            
zone_lan_REJECT  all      anywhere             anywhere            
 
Chain zone_wan (1 references)
target     prot opt source               destination         
ACCEPT     udp      fe80::/10            fe80::/10           udp spt:dhcpv6-server dpt:dhcpv6-client 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp echo-request limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp echo-reply limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp destination-unreachable limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp packet-too-big limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp time-exceeded limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp bad-header limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp unknown-header-type limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp router-solicitation limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp neighbour-solicitation limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp router-advertisement limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp neighbour-advertisement limit: avg 1000/sec burst 5 
input_wan  all      anywhere             anywhere            
zone_wan_REJECT  all      anywhere             anywhere            
 
Chain zone_wan_ACCEPT (2 references)
target     prot opt source               destination         
ACCEPT     all      anywhere             anywhere            
ACCEPT     all      anywhere             anywhere            
 
Chain zone_wan_DROP (0 references)
target     prot opt source               destination         
DROP       all      anywhere             anywhere            
DROP       all      anywhere             anywhere            
 
Chain zone_wan_REJECT (2 references)
target     prot opt source               destination         
reject     all      anywhere             anywhere            
reject     all      anywhere             anywhere            
 
Chain zone_wan_forward (1 references)
target     prot opt source               destination         
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp echo-request limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp echo-reply limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp destination-unreachable limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp packet-too-big limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp time-exceeded limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp bad-header limit: avg 1000/sec burst 5 
ACCEPT     ipv6-icmp    anywhere             anywhere            ipv6-icmp unknown-header-type limit: avg 1000/sec burst 5 
forwarding_wan  all      anywhere             anywhere            
zone_wan_REJECT  all      anywhere             anywhere
 


NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
If there is anything in the ip6tables information that you posted that would keep your router from processing LAN to WAN IPv6 traffic, I don't see it; but perhaps someone with a keener eye (and more IPv6 experience)* will look at it and let you know definitively.

*When I was actively providing network support before my retirement last year, I did not get involved with native IPv6 support because none of the ISPs I worked with offered it (and I did not even have any clients who needed/used IPv6 tunnels). I have therefore only been involved with my own IPv6 connections, and I have had to learn what I know about IPv6 the hard way.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.