Results 1 to 3 of 3

Thread: IPv6 gateway computer - routing help

  1. #1
    Join Date
    Jan 2017
    Beans
    1

    Question IPv6 gateway computer - routing help

    I'm trying to use a linux VM as an IPv6 internet gateway for another VM.
    I have a server installed for which I received the ipv6 prefix 2001:abcd:1234:5678::/64 (Note I edited the prefixes for privacy reasons)

    device 1:
    I put up interface eth0 (WAN) with address 2001:abcd:1234:5678:ffff::1/120
    I put up interface eth1 (LAN) with IP fd12:3456:7890::1234

    I used the following iptables rules:
    Code:
    -A FORWARD -o eth0 -i eth1 -s 2001:abcd:1234:5678:ffff::/120 -m conntrack --ctstate NEW -j ACCEPT
    -A FORWARD -o eth1 -i eth0 -d 2001:abcd:1234:5678:ffff::/120 -m conntrack --ctstate NEW -j ACCEPT
    -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    Option is set correctly through sysctl: net.ipv6.conf.all.forwarding=1

    The device can reach the IPv6 internet fine.

    device 2:
    I have eth0 with IP 2001:abcd:1234:5678:ffff::2/128 and gateway fd12:3456:7890::1234

    I can reach both fd12:3456:7890::1234 and 2001:abcd:1234:5678:ffff::1 fine, but any outgoing connections to WAN hang as shown in conntrack on device 1:
    Code:
    tcp      6 118 SYN_SENT src=2001:abcd:1234:5678:ffff::2 dst=2a00:1450:400e:803::200e sport=43438 dport=80 [UNREPLIED] src=2a00:1450:400e:803::200e dst=2001:abcd:1234:5678:ffff::2 sport=80 dport=43438 mark=0 use=1
    and the device 2's IP 2001:abcd:1234:5678:ffff::2 is not internet-resolvable, which is probably the cause of the hang.

    What did I do wrong in my setup? How do I make the second device reach the internet through the first device?

    See also http://askubuntu.com/questions/86956...set-up-routing
    Last edited by christina-korosec1; January 8th, 2017 at 09:17 PM. Reason: formatting, askubuntu link

  2. #2
    Join Date
    Feb 2008
    Location
    Texas
    Beans
    30,014
    Distro
    Ubuntu 24.04 Noble Numbat

    Re: IPv6 gateway computer - routing help

    Thread moved to Virtualisation.

  3. #3
    Join Date
    Dec 2007
    Location
    Eastern Washington
    Beans
    Hidden!
    Distro
    Ubuntu 16.10 Yakkety Yak

    Re: IPv6 gateway computer - routing help

    Looks like you're trying to create a NAT-style setup, but didn't add any nat table rules. You can do IPv6 NAT, but it's generally discouraged. And using any subnet smaller than /64 is a huge no-no (larger prefix=smaller subnet).

    Are you familiar enough with ip6tables to do the nat table rules? Should be similar to iptables.
    Last edited by geeksmith; January 12th, 2017 at 11:36 PM.
    Ubuntu user since Warty Warthog
    Don't Break Ubuntu/Debian
    Let smiths perform the work of smiths

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •