How can I add a second host from same WAN IP

[joeyreep]

Hi all,

I've successfully created a tunnel on 1 client within my network. Now I want to create a second tunnel (or configure the same tunnel?) on another host within my network. I configured this second host with the same commands as I did on the first host. Now the second host works but my first host doesn't anymore. Can't ping to any IPv6 addresses.

Does anyone know how to set up 2 IPv6 tunnels from 1 WAN IP?

[joeyreep]

You don't need two tunnels...you need to have your first tunnel router share the connection with your second machine.

If it's on the same network, you just need to assign an address to your second machine out of your routed /64 (check your tunnel details page)

If it's on a different network, you need to request a /48 and pick a /64 out of there to assign to your second network.

Thanks for your reply!

In the tunnel details I read:
We automatically assign a /64 to your account and route it via:
ipv6 route [routed64] [clientV6Endpoint]

This allows your endpoint device to operate as the router for this netblock and allows you to utilize DHCPv6 or RADVD to hand out IP's from this allocation to your internal network.

If you have more than one network segment please consider utilizing the /48 above.

Does this mean my first host operates as a router and therefore always has to be on?

[ratcheer]

I am still having trouble with this. I could not get radvd to start up on my Linux client, so I deleted the link to the tunnel and tried to implement radvd in my router. The router scripting bamboozles me, so I did it all manually, a command at a time into the router's command interface.

I believe I got everything configured on the router and got radvd started. Then I went back to my Linux client and ran:

Code:

tim@tim-mav-prod:~$ ip -f inet6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2001:470:8:b57:230:1bff:feb5:9a1d/64 scope global dynamic
       valid_lft 86357sec preferred_lft 14357sec
    inet6 fe80::230:1bff:feb5:9a1d/64 scope link
       valid_lft forever preferred_lft forever

So, it definitely picked up something from the router's radvd. Does that inet6 address look reasonable? It looks very strange, to me.

Anyway, I cannot surf or ping 6 from the Linux client. Here is a ping6 result:

ping6 ipv6.google.com
PING ipv6.google.com(yi-in-x69.1e100.net) 56 data bytes
^C
--- ipv6.google.com ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6048ms

I suppose I need to show all the commands I gave the router to set this all up:

Code:

insmod ipv6
ip tunnel add he-ipv6 mode sit remote 216.66.22.2 local 192.168.1.127 ttl 255
ip link set he-ipv6 up
ip addr add 2001:470:7:b57::2/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -6 addr add 2001:470:8:b57::/64 dev he-ipv6
ip -6 addr add 2001:470:8:b57::/64 dev br0
ip route add 2000::/3 dev he-ipv6
radvd -C /tmp/radvd.conf &

This is a lot of stuff, but can anyone give me help or advice? Thanks.

Tim

[ratcheer]

Ok, looks like its not still working from the router. Looking Glass shows my IPv4 address, again. And pinging gives an IPv4 resolution. This is from the router:

PING ipv6.he.net (66.220.2.75): 56 data bytes
64 bytes from 66.220.2.75: seq=0 ttl=46 time=162.108 ms
64 bytes from 66.220.2.75: seq=1 ttl=46 time=96.203 ms
64 bytes from 66.220.2.75: seq=2 ttl=46 time=95.877 ms
--- ipv6.he.net ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 95.877/118.062/162.108 ms

What did I mess up?

Here is the displayed routing table from the router:

Destination LAN NET    Subnet Mask    Gateway    Interface
70.159.240.22   255.255.255.255   0.0.0.0   ppp0
70.159.240.22   255.255.255.255   0.0.0.0   ppp0
192.168.1.0   255.255.255.0   0.0.0.0   LAN & WLAN
169.254.0.0   255.255.0.0   0.0.0.0   LAN & WLAN
0.0.0.0   0.0.0.0   70.159.240.22   ppp0

Here is ifconfig from my client PC:

tim@tim-mav-prod:~$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:30:1b:b5:9a:1d 
          inet addr:192.168.1.127  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::230:1bff:feb5:9a1d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:246951 errors:0 dropped:0 overruns:0 frame:0
          TX packets:224628 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:224553151 (224.5 MB)  TX bytes:33513421 (33.5 MB)
          Interrupt:19

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:4508 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4508 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:368942 (368.9 KB)  TX bytes:368942 (368.9 KB)

Sorry I'm such a newbie. But I'm trying to learn. Thanks,
Tim

[ratcheer]

Error in the above: I had to disable IPv6 on the client to even be able to post to tunnelbroker.net forums, so the ifconfig I posted is not valid. I guess I need to turn it back on, run the command, store output in a file, turn ipv6 back off, and repost the results.

Sorry,
Tim

[ratcheer]

Here's the first thing I noticed.

On reply #10, you said that you used 192.168.1.127 to create the tunnel on your router, but on the last reply, you show 192.168.1.127 as being on your client PC.  Do I have the two of them confused or are we talking about two separate machines?

Oh, yes, I'm such a dunce. I need to reconfigure the tunnel to point to my real WAN address, instead of the NAT address like I had to do to make it work on the client PC. Wow, this is complex.

Thanks, I'll try to manually reconfigure the router tunnel.

Tim