[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ipv6 problems



Hi,
I've got a sstupid problem, I've configured my OpenBSD machine
either on the ipv6 side, but she wont work and she get me ipv6
arp errors .. 
I've got two class 
2001:b40:def:f000::976/127
2001:b40:def:5000::4bb0/124
tunnel broker is 1.26.128.35 
i've configured gif0 in this way :
ifconfig gif0 tunnel 41.19.150.66 1.26.128.35
ifconfig gif0 inet6 2001:b40:def:f000::976 2001:b40:def::1
ifconfig gif0 inet6 2001:b40:def:f000::976 
route add -inet6 default 2001:b40:def:f000:0:0:0:0
And my PF.conf file is :
# ----> Macros
fastweb="xl0"
lan="ne3"
# IPv4
fw_ipv4="41.19.150.66"
puffy="192.168.40.12"
lan_net   = "192.168.40.0/24"
# IPv6
fw_ipv6="2001:b40:def:f000::976"
v6_onet="2001:b40:def:f000::976/127"
v6_cnet="2001:b40:def:5000::4bb0/124"
# RFC-1918
priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12,
10.0.0.0/8 }"
# Services Ports
srvs = "{ 0:65000 }"
# ----> Tables
table <fw-dhcpd> persist { 41.19.150.1, 41.19.150.2, 41.19.150.3
}
table <fw-allow> persist
table <ipv6>	 persist
# options
set timeout { interval 10, frag 30 }
set block-policy drop 
set limit { frags 5000, src-nodes 10000, states 10000 }
set optimization normal
set state-policy if-bound
set loginterface $fastweb
#set fingerprints /etc/pf.os
# scrub
#scrub in all
scrub in  on $fastweb all fragment reassemble min-ttl 15 max-mss
1400
scrub out on $fastweb all random-id fragment reassemble 
scrub 	  on $fastweb all reassemble tcp
# ----> Nat/Rdr
#nat on $fastweb from $lan:network to any -> ($fastweb)
#rdr on $lan proto tcp from any to any port 21 -> 127.0.0.1 port
8021
# ----> filter rules
# default policy
block in log all
# trusted interfaces
pass in quick on lo0 all
pass out quick on lo0 all
pass in quick on $lan all
pass out quick on $lan all
# anti-spoofing
block drop in quick on $fastweb inet from $priv_nets to any
# outbound traffic (icmp, udp, tcp) IPv4
pass out on $fastweb inet proto { udp, tcp } all keep state
pass out on $fastweb inet proto icmp all icmp-type 8 code 0 keep
state
pass in on $fastweb inet proto icmp all icmp-type 8 code 0 keep
state
# outbound traffic (icmp, udp, tcp) IPv6
pass out quick on $fastweb inet6 proto ipv6-icmp all
pass in  quick on $fastweb inet6 proto ipv6-icmp all
pass out quick on $fastweb inet6 proto udp all
pass out quick on $fastweb inet6 proto tcp all
# ftp-proxy
#pass in on $fastweb inet proto tcp from any to $fw_ip user
proxy keep state
# Permit dhcp to comunite with dhcp if
pass in log on $fastweb proto { tcp, udp } from <fw-dhcpd> to
$fastweb  keep state
#pass in log on $fastweb proto { icmp } from <fw-dhcpd> to
$fastweb  keep state
# Services
#pass in log on $fastweb proto tcp from <fw-allow> to $fastweb
port ssh flags S/SA keep state
pass in log on $fastweb proto tcp from <fw-allow> to $fastweb
port www flags S/SA keep state
pass in log on $fastweb proto tcp from <fw-allow> to $fastweb
port ftp flags S/SA keep state
#pass in log on $fastweb proto tcp from <fw-allow> to $fastweb
port smtp flags S/SA keep state
# Services out
#pass in log on $fastweb proto tcp from <fw-allow> to $fastweb
port $services \
#flags S/SA keep state
# IPv6 Services 
pass in log on $fastweb inet6 proto tcp from <ipv6> to $fw_ipv6
port $srvs flags S/SA keep state
  
When i try to ping for example www.kame.net i lost every packets
<[email protected]:1038>$ ping6 www.kame.net               
PING6(56=40+8+8 bytes) 2001:b40:def:f000::976 -->
2001:200:0:8002:203:47ff:fea5:3085
^C
--- www.kame.net ping6 statistics ---
10 packets transmitted, 0 packets received, 100.0% packet loss
And tcpdump says :
<[email protected]:1039>$ sudo tcpdump -i gif0
tcpdump: WARNING: gif0: no IPv4 address assigned
tcpdump: listening on gif0
12:41:09.554322 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:10.544255 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:11.544252 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:12.544254 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:13.544247 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:14.544251 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:14.554197 2001:b40:def:f000::976 > 2001:b40:def:f000:::
icmp6: neighbor sol: who has 2001:b40:def:f000::
12:41:15.544259 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:15.554184 2001:b40:def:f000::976 > 2001:b40:def:f000:::
icmp6: neighbor sol: who has 2001:b40:def:f000::
12:41:16.544251 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:16.554193 2001:b40:def:f000::976 > 2001:b40:def:f000:::
icmp6: neighbor sol: who has 2001:b40:def:f000::
12:41:17.544250 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:18.544282 2001:b40:def:f000::976 > orange.kame.net: icmp6:
echo request
12:41:23.544228 2001:b40:def:f000::976 > 2001:b40:def:f000:::
icmp6: neighbor sol: who has 2001:b40:def:f000::
12:41:24.544224 2001:b40:def:f000::976 > 2001:b40:def:f000:::
icmp6: neighbor sol: who has 2001:b40:def:f000::
12:41:25.544248 2001:b40:def:f000::976 > 2001:b40:def:f000:::
icmp6: neighbor sol: who has 2001:b40:def:f000::
I don't know how to solve this little problem ...
dmesg following
OpenBSD 3.6-stable (GENERIC) #3: Wed Jan 12 16:52:46 CET 2005
    [email protected]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III ("GenuineIntel" 686-class) 896 MHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem  = 335060992 (327208K)
avail mem = 298348544 (291356K)
using 4115 buffers containing 16855040 bytes (16460K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(4f) BIOS, date 06/20/00, BIOS32 rev.
0 @ 0xfb380
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev 2.1 @ 0xf0000/0xb808
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf00/144 (7
entries)
pcibios0: PCI Exclusive IRQs: 5 9 10 11
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371SB ISA"
rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0xc000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82443BX AGP" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82443BX AGP" rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "Nvidia GeForce2 Ti" rev 0xa4
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev
0x02
pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01:
DMA, channel 0 
wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <Maxtor 6Y060L0>
wd0: 16-sector PIO, LBA, 58644MB, 120103200 sectors
wd1 at pciide0 channel 0 drive 1: <Maxtor 6Y060L0>
wd1: 16-sector PIO, LBA, 58644MB, 120103200 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <HP, DVD Writer 300n, 3.10> SCSI0
5/cdrom 
removable
wd2 at pciide0 channel 1 drive 1: <Maxtor 6Y080L0>
wd2: 16-sector PIO, LBA, 78167MB, 160086528 sectors
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
wd2(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 7 function 2 "Intel 82371AB USB" rev 0x01: irq
5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
"Intel 82371AB Power Mgmt" rev 0x02 at pci0 dev 7 function 3 not
configured
emu0 at pci0 dev 9 function 0 "Creative Labs SoundBlaster Live"
rev 0x04: irq 5
ac97: codec id 0x00004103
audio0 at emu0
"Creative Labs PCI Gameport Joystick" rev 0x01 at pci0 dev 9
function 1 not 
configured
xl0 at pci0 dev 11 function 0 "3Com 3c905 100Base-TX" rev 0x00:
irq 10, address 
00:60:08:4e:f8:34
nsphy0 at xl0 phy 24: DP83840 10/100 media interface, rev. 1
ne3 at pci0 dev 13 function 0 "Realtek 8029" rev 0x00: irq 11
ne3: address 00:40:33:a0:23:73
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
lm0 at isa0 port 0x290/8: LM79
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask e365 netmask ef65 ttymask ffe7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matched BIOS disk 80
dkcsum: wd1 matched BIOS disk 81
wd2: no disk label
dkcsum: wd2 matched BIOS disk 82
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
arp info overwritten for 41.19.150.65 by 00:00:0c:07:ac:03 on
xl0
arp info overwritten for 41.19.150.65 by 00:c0:26:80:34:2d on
xl0
-- 
nik <[email protected]>
Powered by OpenBSD
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GP d-- s+: a? C+++ UB- P L E- W++ N* o-- K- w-- 
O M- V+ PS+++ PE+++ Y+ PGP+ t 5 X+ R+ tv-- b++ DI+ D++ 
G e++++ h++ r% y+ 
------END GEEK CODE BLOCK------