Problems setting up an IP6-over-IP4 tunnel

Discussion in 'Linux Networking' started by Martin Herbert Dietze, Aug 17, 2004.

  1. Hello,

    having gone through the instructions at [1], I still have
    problems getting an IP6-over-IP4 tunnel running. We're using an
    internal, experimental network; currently there are three
    machines involved:

    juliet: One end of the tunnel, eth0 bound to subnet A4 and A6
    respectively (A4: subnet using IPv4, A6: subnet using
    IPv6). Default IPv4-router is romeo.

    romeo: Other end of the tunnel, eth0 bound to same subnets as
    juliet, also eth1 bound to subnet B4 and B6

    viola: Just a host with eth0 bound to B4 and B6 respectively.
    Default router for both, IPv4 and IPv6 is romeo.

    When setting up an ordinary IPv4-and-6 network with romeo as the
    router between both IPv6-networks everything works fine, i.e. I
    can ping viola from juliet and vice versa.

    Now I setup the tunnel. For this I remove the default IPv6 router
    entry from juliet's configuration and add these lines to my
    /etc/network/interfaces file (I'm using Debian unstable):

    | iface mytunl inet6 v4tunnel
    | # this side of the tunnel has this address, eth0 has
    | # a different one
    | address 3ffe:ffff:1234:5::1:26
    | netmask 64
    | # the remote tunnel end's IPv4-address
    | endpoint
    | pre-up ip tunnel del mytunl 2>/dev/null || true
    | up ip route add 2002::0/3 via 3ffe:ffff:1234:5::1:23
    | up ip tunnel change mytunl ttl 64
    | up ip tunnel add mytunl mode sit remote
    | up ip link set mytunl up
    | up ip addr add 3ffe:ffff:1234:5::1:26 dev mytunl
    | up ip route add 2000::0/3 via 3ffe:ffff:1234:5::1:23

    First of all, this configuration does not work. When doing
    `ifup --verbose mytunl', it turns out that the last two
    commands are kind of duplicate (the ip `route add 2002::0/3...'
    actually adds a route for `2000::0/3', which is just what the
    last line would do, also the address had been added by the
    automatic magic accoring to the `address' entry in the second

    This leads me to believe that the last two lines should not be
    there at all. Did I misread [1] or was the information there

    Having removed these two lines, I can bring the thunnel up. On
    the other side I use the same configuration, only setting the
    IP addresses into opposite direction.

    I can see the tunnel using `ifconfig', I can see the routes
    using `ip -6 route', but when I do either of those commands
    below from juliet, I get `destination unreachable':

    ping6 -I eth0 ip6-viola
    ping6 -I mytunl ip6-viola

    However `ping6 -I mytunl ip6-romeo' works.

    I then tried out the second variant, setting the default route
    not to the remote tunnel end's IPv6-address, but the
    IPv4-address instead:

    | up ip route add 2000::0/3 via ::

    This does not change anything.

    Any clue what goes wrong?



    Martin Herbert Dietze, Aug 17, 2004
    1. Advertisements

  2. The problem is solved:

    These here are unnecessary:
    They were meant as an illustration of how to setup the tunnel
    manually in /etc/init.d, so they do the same thing the above
    configuration file entry does. This explains this:
    Which was correct.
    The glitch here was that in my setup eth0 and mytunl shared the
    same subnet. This confused the routing. After setting both to
    different subnets things worked fine.

    Hope this helps others via :)



    Immer Schwierigkeiten immer gerade so zu schaffen, und so macht man sich auf
    Dauer halt zum Schwierigkeitenaffen, trifft befreundete Primaten in den Kneipen
    und im Garten, wartend auf die grosse Sause oder einfach nur oder besser noch,
    die grosse Pause. -- Die Sterne
    -=-=- -=-=-=-=-
    Dipl.Ing. Martin "Herbert" Dietze -=-=- University of Buckingham -=-=-
    Martin Herbert Dietze, Aug 20, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.