Missing link between local IPv6 and SixXS tunnel

Thomas asked:

I have acquired an IPv6 tunnel from SixXS that I want to use on my local FreeBSD 9.0 box. I have set up the Aiccu tunnel with sixxs-aiccu and rtadvd is already working.

As long as I am using the gif0 tunnel interface, I have v6 connectivity. But there appears to exist a routing problem between re0 and gif0.

$ ping6 example.com
16 bytes from 2001:500:88:200::10, icmp_seq=0 hlim=53 time=156.963 ms

$ ping6 -I re0 example.com
ping6: sendmsg: No route to host
ping6: wrote example.com 16 chars, ret=-1

netstat -rn gives me

2001:6f8:900:xxx::/64             link#6                        U           re0
2001:6f8:900:xxx::1               2001:6f8:900:xxx::2           UH         gif0
2001:6f8:900:xxx::2               link#13                       UHS         lo0
2001:6f8:900:xxx::3               link#6                        UHS         lo0

At that point it’s becoming pretty clear that I have to set up some kind of routing between ::3 (which is the static v6 address of the machine) and ::2 which is the my end of the tunnel.

How do I set up the missing link?

Edit As Michael correctly stated, I have selected the wrong range in rc.conf and rtadvd. I have now changed them to the correct subnet 2001:6f8:900:yxxx::. But still I’ve got the same issue.
My rc.conf looks like this:

ipv6_ifconfig_re0="2001:6f8:900:yxxx::1 prefixlen 64"

What am I doing wrong?

My answer:

You’re doing it wrong.

Your point-to-point tunnel uses only two addresses of the /64, 2001:db8:900:32::1 which is SixXS’s end, and 2001:db8:900:32::2, which is your end. No other addresses in that /64 should be used.

You should configure your local network (and rtadvd) with the separate /64 or /48 subnet that you were assigned, e.g. 2001:db8:900:8032::/64.

(Also make sure you have gateway_enable="YES" in /etc/rc.conf.)

It appears you are also explicitly sending your ping to the wrong interface. I have no idea why you would expect this to work. There’s no route to 2001:500:88:200::10 via re0 on your router; that address is only reachable via gif0. Unless you’ve got a second router somewhere that you didn’t mention…

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.