[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

problems configuring a gif(4) tunnel

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: problems configuring a gif(4) tunnel
From: eric <eric-list-openbsd-misc_(_at_)_catastrophe_(_dot_)_net>
Date: Thu, 14 Apr 2005 17:04:08 -0500
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
Organization: Catastrophe.Net <http://www.catastrophe.net/>

I have two machines that are interconnected via a gif(4) tunnel. I'm trying
to configure a tunnel for pushing ipv6 traffic across the tunnel.
Unfortunately it isn't work. If anyone can let me know if there's glaring
problems with the following configuration I'd appreciate it.

Machine A is the router with the ipv6 native uplink. Machine B only has ipv4
access and needs a tunnel to ipv6. I have a /96 allocated for the remote
subnet.

machineA:/etc/hostname.gif0
giftunnel 10.17.81.184 10.17.21.131
!ifconfig gif0 inet6 2001:x:y:9999::a 2001:x:y:9999::b prefixlen 128
!route -n add -inet6 2001:x:y:200::0 -prefixlen 96 2001:x:y:9999::a

There are a few pf(4) rules in place.

pass in on xl0 inet proto ipv6 from 10.17.21.131 to any keep state (if-bound)
pass out on xl0 inet proto ipv6 from any to 10.17.21.131 keep state (if-bound)

machineB:/etc/hostname.gif0
giftunnel 10.17.21.131 10.17.81.143
!ifconfig gif0 inet6 2001:x:y:9999::b 2001:x:y:9999::a prefixlen 128
!route -n add -inet6 default 2001:x:y:9999::a

This also has pf(4) rules as such...

pass in on xl0 inet proto ipv6 from 10.17.81.134 to any keep state (if-bound)
pass out on xl0 inet proto ipv6 from any to 10.17.81.134 keep state (if-bound)

When I try to ping6 2001:x:y:9999::b from machineA, I nothing happens.

I do see the following when looking at bge (the physical interface of
machineB)...

$ ping6 2001:x:y:9999::b
Apr 14 16:48:58.352329 0:7:b3:b:63:3c 0:2:55:b7:78:c5 0800 90: 
10.17.81.184 > 10.17.21.131: 2001:x:y:9999::a > 2001:x:y:9999::b: 
icmp6: echo request (len 16, hlim 64) (ttl 61, id 17163)

Apr 14 16:48:59.352373 0:7:b3:b:63:3c 0:2:55:b7:78:c5 0800 90:
10.17.81.184 > 10.17.21.131: 2001:x:y:9999::a > 2001:x:y:9999::b: 
icmp6: echo request (len 16, hlim 64) (ttl 61, id 32098)

Monitoring this same traffic on machineA while doing a `ping6
2001:x:y:9999::a` from machineB shows no traffic. Also, when I monitor
traffic on gif0 on either machines, I see nothing

Here's the routing table entries from both machines...

Machine A

machineA$ netstat -rnf inet6 | grep 2001
2001:x:y:200::/96             2001:x:y:9999::a          UGS 0       16      -   gif0
2001:x:y:9999::a              link#8                    UHL 1        0      -   lo0
2001:x:y:9999::b              2001:x:y:9999::a          UH 0       32      -   gif0

Machine B

machineB$ netstat -rnf inet6 | grep 2001
2001:x:y:9999::a              2001:x:y:9999::b          UH 0      399      -   gif0
2001:x:y:9999::b              link#7                    UHL 0        0      -   lo0

Thanks for any hints.

- Eric

Follow-Ups:
- Re: problems configuring a gif(4) tunnel
  - From: eric

Prev by Date: No sound from ESS SOLO-1
Next by Date: Re: problems configuring a gif(4) tunnel
Previous by thread: Re: No sound from ESS SOLO-1
Next by thread: Re: problems configuring a gif(4) tunnel
Index(es):
- Date
- Thread

Visit your host, monkey.org