Can't get tunnel working with OpenBSD 4.9

dbach

Newbie

Posts: 1

Can't get tunnel working with OpenBSD 4.9

« on: July 26, 2011, 07:01:54 pm »

Hello All:
I pasted the following in on my OpenBSD test box as root user:

ifconfig gif0 tunnel 192.168.0.242 216.66.38.58
ifconfig gif0 inet6 alias 2001:470:1c:661::2 2001:470:1c:661::1 prefixlen 128
route -n add -inet6 default 2001:470:1c:661::1

Also tried my external IP in place of the RFC1918 IP.

Can ping6 ::1 no problem.

Then tried the following:
# ping6 ipv6.google.com
PING6(56=40+8+8 bytes) 2001:470:1c:661::2 --> 2001:4860:800f::69

Box wouldn't progress past this point

ifconfig shows:
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
priority: 0
groups: gif egress
physical address inet 192.168.0.242 --> 216.66.38.58
inet6 fe80::24f:4eff:fe0f:5061%gif0 -> prefixlen 64 scopeid 0x5
inet6 2001:470:1c:661::2 -> 2001:470:1c:661::1 prefixlen 128

Also tried pfctl -d

inet6 output from sysctl:
net.inet6.ip6.forwarding=0
net.inet6.ip6.redirect=1
net.inet6.ip6.hlim=64
net.inet6.ip6.mrtproto=103
net.inet6.ip6.maxfragpackets=200
net.inet6.ip6.accept_rtadv=0
net.inet6.ip6.keepfaith=0
net.inet6.ip6.log_interval=5
net.inet6.ip6.hdrnestlimit=10
net.inet6.ip6.dad_count=1
net.inet6.ip6.auto_flowlabel=1
net.inet6.ip6.defmcasthlim=1
net.inet6.ip6.kame_version=OpenBSD-current
net.inet6.ip6.use_deprecated=1
net.inet6.ip6.rr_prune=5
net.inet6.ip6.v6only=1
net.inet6.ip6.maxfrags=200
net.inet6.ip6.mforwarding=0
net.inet6.ip6.multipath=0
net.inet6.ip6.multicast_mtudisc=0
net.inet6.ip6.neighborgcthresh=2048
net.inet6.ip6.maxifprefixes=16
net.inet6.ip6.maxifdefrouters=16
net.inet6.ip6.maxdynroutes=4096
net.inet6.ip6.dad_pending=0
net.inet6.icmp6.rediraccept=1
net.inet6.icmp6.redirtimeout=600
net.inet6.icmp6.nd6_prune=1
net.inet6.icmp6.nd6_delay=5
net.inet6.icmp6.nd6_umaxtries=3
net.inet6.icmp6.nd6_mmaxtries=3
net.inet6.icmp6.nd6_useloopback=1
net.inet6.icmp6.nodeinfo=1
net.inet6.icmp6.errppslimit=100
net.inet6.icmp6.nd6_maxnudhint=0
net.inet6.icmp6.mtudisc_hiwat=1280
net.inet6.icmp6.mtudisc_lowat=256
net.inet6.icmp6.nd6_debug=0
net.inet6.divert.recvspace=65636
net.inet6.divert.sendspace=65636

Not sure where to go from here to get this tunnel working

Thanks for any help or suggestions.

Darryl

ping6 ipv6.google.com
PING6(56=40+8+8 bytes) 2001:470:1c:661::2 --> 2001:4860:800f::69


	Logged

cholzhauer

Hero Member

Posts: 2082

Re: Can't get tunnel working with OpenBSD 4.9

« Reply #1 on: July 27, 2011, 05:08:46 am »

Did you assign an IPv6 address out of your routed /64 to eth0?


	Logged

brad

Jr. Member

Posts: 82

Re: Can't get tunnel working with OpenBSD 4.9

« Reply #2 on: August 03, 2011, 08:05:56 pm »

Quote from: cholzhauer on July 27, 2011, 05:08:46 am

Did you assign an IPv6 address out of your routed /64 to eth0?

No such interface as eth0 on OpenBSD and there isn't a requirement for having an
address assigned to a physical interface.


	Logged

brad

Jr. Member

Posts: 82

Re: Can't get tunnel working with OpenBSD 4.9

« Reply #3 on: August 03, 2011, 08:19:25 pm »

Quote from: dbach on July 26, 2011, 07:01:54 pm

You definitely would need the external IP for the source address for the gif(4)
tunnel.

Try putting this in your /etc/hostname.gif0..

Code:

up mtu 1480
tunnel [your external IP]
dest 216.66.38.58
inet6 2001:470:1c:661::2
inet6 [another IPv6 address]
inet6 [another IPv6 address]
!/sbin/route -qn add -inet6 default 2001:470:1c:661::1

You can add additional addresses from either the /64 or a /48 to the gif(4)
interface as well.

Turn up the interface once that has been put into the file.. sh /etc/netstart gif0.

If you are running PF ensure to allow protocol 41 traffic..

Code:

pass in on $ext_if inet proto ipv6 from $v6_tunnel_endpoint to $your_fw
pass out on $ext_if inet proto ipv6 from $your_fw to $v6_tunnel_endpoint

as well as in/out v6 traffic from your gif(4) interface at a minimum.


	Logged

Pages: [1]

« previous next »