Here's my setup. I have one CHR router, one Linux router (abbreviated LR) and two Linux hosts.
Only IPv6 is currently used.
Machine A is a VM connected to CHR with a Linux bridge (they are on the same host).
Machine B is a physical Linux host, connected via Ethernet to LR.
LR and CHR are connected with a GRE tunnel.
A <=> CHR <=> LR <=> B.
All four hosts can ping each other; traffic is successfully forwarded.
But something weird is going on with traceroutes.
From left to right (A => B) they work fine. But B and LR have broken traceroutes to A or any IPv6 host on the Internet (CHR is the gateway).
Traceroute from A (2001:678:d2c::1) to B (2001:678:d2c:100:593d:dbf1:875d:45fc):
traceroute to 2001:678:d2c:100:593d:dbf1:875d:45fc (2001:678:d2c:100:593d:dbf1:875d:45fc), 30 hops max, 80 byte packets
1 2001:678:d2c:: (2001:678:d2c::) 0.112 ms 0.109 ms 0.106 ms
2 2001:678:d2c:1ff::1 (2001:678:d2c:1ff::1) 15.237 ms 15.553 ms 15.550 ms
3 2001:678:d2c:100:593d:dbf1:875d:45fc (2001:678:d2c:100:593d:dbf1:875d:45fc) 17.779 ms 17.779 ms 17.775 ms
Traceroute from B to A:
traceroute to 2001:678:d2c::1 (2001:678:d2c::1), 30 hops max, 80 byte packets
1 _gateway (2001:678:d2c:100::) 0.378 ms 0.360 ms 0.358 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 lnms (2001:678:d2c::1) 17.800 ms 17.797 ms 17.792 ms
And finally we get the response from A (2001:678:d2c::1).
CHR and LR IPv6 firewalls are currently empty, accepting everything in, out, and forward.
Using some log rules on CHR, I've been able to see that it is indeed forwarding all the missing hops to A, but it never replies with Type 3 Time Exceeded, while it does the other way around.
I hope this is clear enough, I can provide more details if needed.
If anyone could help, this would be greatly appreciated! I've been trying for two days but I really don't get it.
Thanks!