[Solved] IPv6 tunnel broker on RB2011, bridge unreachable

elpengo · November 15, 2012, 6:23pm

Hello,

I’ve recently bought a RB2011UAS-2HND-IN and tried to make IPv6 available on my network.
As my ISP doesn’t provide native IPv6 to his customer, I’ve choosen Hurricane Electric tunnel brocker.
The “link” between HE and my router works fine, I can ping an external IPv6 address but when I want to provide IPv6 to my LAN computers, here comes the problem.

I add /::64 routable address (the one given by HE, let’s say 2001:470:1f23:b74::/64 for the example) to my IPv6 Address List like this :

/ipv6 address add address=2001:470:1f23:b74:2::1/64 advertise=yes interface=bridge-local

The address is successfuly added but…IPv6 route automatically added show me “bridge-local unreachable” in Gateway field.
So I can’t have my LAN computers having an IPv6 neither make them ping6 the outside :-/

I’m using ROS 5.21 and Firmware 3.0.

Note: the RB2011UAS-2HND-IN comes with a bridge interface called “bridge-local” that regroup eth2 to eth10 and wlan1 together. I’ll prefer to keep it.

nickshore · November 16, 2012, 9:06am

Can you show the results of, /ipv6 address print and /ipv6 route print please

Nick.

elpengo · November 16, 2012, 10:10am

default ipv6 config (no route):

/ipv6 address print 
Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local 
 #    ADDRESS                                     FROM-POOL INTERFACE                                
 0 DL fe80::d6ca:6dff:fe63:6859/64                          ether1-gateway

actual ipv6 config:

/ipv6 address print
Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local 
 #    ADDRESS                                     FROM-POOL INTERFACE                           ADVERTISE
 0 DL fe80::d6ca:6dff:fe63:6859/64                          ether1-gateway                      no       
 1 DL fe80::c0a8:164/128                                    sixbone                             no       
 2  G 2001:470:1f12:b62::2/64                               sixbone                             yes      
 3  G 2001:470:1f23:b74:2::1/64                             bridge-local                        yes

/ipv6 route  print  
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, 
U - unreachable 
 #      DST-ADDRESS              GATEWAY                  DISTANCE
 0 A S  2000::/3                 2001:470:1f12:b62::1            1
 1 ADC  2001:470:1f12:b62::/64   sixbone                         0
 2 ADC  2001:470:1f23:b74::/64   bridge-local                    0

nickshore · November 16, 2012, 10:20am

So all routes look ok, if I use a 6to4 tunnel, I would normally add a default route like this:

/ipv6 route disabled=no distance=1 dst-address=::/0 gateway=sixbone

Do your clients on the LAN get an IPv6 address and can they ping6 the sixbone interface and then the far end of the sixbone tunnel ?

Nick.

elpengo · November 16, 2012, 11:16am

After an electrical blackout in my house, the router has now a ipv6 link-local address on reboot (that’s weird).

/ipv6 address print                                                        
Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local 
 #    ADDRESS                                     FROM-POOL INTERFACE                           ADVERTISE
 0  G 2001:470:1f12:b62::2/64                               sixbone                             yes      
 1  G 2001:470:1f23:b74:1::1/64                             bridge-local                        yes      
 2 DL fe80::c0a8:164/128                                    sixbone                             no       
 3 DL fe80::d6ca:6dff:fe63:6859/64                          ether1-gateway                      no       
 4 DL fe80::d6ca:6dff:fe63:685a/64                          bridge-local                        no

adding ::/0 route makes bridge-local reachable in IPv6 Route List.

My LAN clients now get an ipv6 and ipv6 connectivity on internet.

Thank you