# ipv6_gateway: can't ping



## Finwe (Aug 12, 2013)

Each time I set 
	
	



```
ipv6_gateway_enable="YES"
```
I can't ping my IPv6 address anymore. Here is my rc.conf:

```
# System
hostname="myhostname"
fsck_y_enable="YES"
dumpdev="AUTO"


# Network
# -- IPv4 configuration
ifconfig_em0="inet xx.xx.xx.xx netmask 255.255.255.0 broadcast xx.xx.xx.xx"
defaultrouter="xx.xx.xx.xx"
# -- IPv6 configuration
ipv6_enable="YES"
ifconfig_em0_ipv6="ipv6 address prefixlen 128"
ipv6_static_routes="ovhgw"
ipv6_route_ovhgw="router ipv6 address -prefixlen 128 -interface em0"
ipv6_defaultrouter="router ipv6 address"
# -- NAT
gateway_enable="YES"
ipv6_gateway_enable="YES"
# -- Jails
ezjail_enable="YES"
jail_sysvipc_allow="YES"
cloned_interfaces="lo1"
ifconfig_lo1="inet 10.1.1.254 netmask 255.255.255.0"
ifconfig_lo1_ipv6="inet6 fec0::204:254 prefixlen 64"
ifconfig_lo1_alias0="10.1.1.1 netmask 255.255.255.0"
ifconfig_lo1_alias1="10.1.1.2 netmask 255.255.255.0"
ifconfig_lo1_alias2="10.1.1.3 netmask 255.255.255.0"
ifconfig_lo1_alias3="inet6 fec0::204:1 prefixlen 64"
ifconfig_lo1_alias4="inet6 fec0::204:2 prefixlen 64"
ifconfig_lo1_alias5="inet6 fec0::204:3 prefixlen 64"
# -- Firewall
pf_enable="YES"
pf_rules="/etc/pf.conf"
# -- Random Software
sshd_enable="YES"
# -- NTP
ntpdate_enable="YES"
ntpdate_hosts="213.186.33.99"
```
The IPv6 configuration is automatically done by my dedicated server provider and works fine if I don't set 
	
	



```
ipv6_gateway_enable="YES"
```
I've tried to remove everything except IP configuration and gateway, and I still get the same result. I've done some research but never find the same problem. Anybody got an idea why?


----------



## SirDice (Aug 12, 2013)

Don't use fec0:: addresses. They're deprecated.

http://tools.ietf.org/html/rfc3879


----------



## Finwe (Aug 12, 2013)

Thanks for the reply, I didn't know. Unfortunately, even if I comment this part in my rc.conf, this doesn't solve the problem.


----------



## SirDice (Aug 12, 2013)

Please post at least part of the IPv6 addresses and the specific error message you are receiving. A quick peek at the routing table would be nice too.


----------



## Finwe (Aug 12, 2013)

Here's a part of IPv6 addresses (tell me if it's not enough):

```
# -- IPv6 configuration
ipv6_enable="YES"
ifconfig_em0_ipv6="x:x:x:100f::1 prefixlen 128"
ipv6_static_routes="ovhgw"
ipv6_route_ovhgw="y:y:y:10ff:ff:ff:ff:ff -prefixlen 128 -interface em0"
ipv6_defaultrouter="y:y:y:10ff:ff:ff:ff:ff"
#ip6addrctl_enable="YES"
#ip6addrctl_policy="ipv6_prefer"
```

The ping6's error is "operation timed out"

If I restart netif with `# /etc/rc.d/netif restart`I get the following warning :
	
	



```
/etc/rc.d/netif: WARNING: $ipv6_enable is obsolete.  Use $ipv6_activate_all_interfaces instead.
```

But if I don't set 'ipv6_enable="YES"' it doesn't work at all.

Routing tables:


```
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            ipv4address        UGS         0       60    em0
ipv4address        link#1             U           0       70    em0
myhostname         link#1             UHS         0        0    lo0
localhost          link#8             UH          0        0    lo0

Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost          UGRS        lo0
localhost          link#8             UH          lo0
::ffff:0.0.0.0     localhost          UGRS        lo0
kuro.finwe.be      link#1             UHS         lo0
x:x:x:10ff:f       00:22:4d:a6:aa:16  UHS         em0
fe80::             localhost          UGRS        lo0
fe80::%em0         link#1             U           em0
fe80::222:4dff:fea link#1             UHS         lo0
fe80::%lo0         link#8             U           lo0
fe80::1%lo0        link#8             UHS         lo0
ff01::%em0         fe80::222:4dff:fea U           em0
ff01::%lo0         localhost          U           lo0
ff02::             localhost          UGRS        lo0
ff02::%em0         fe80::222:4dff:fea U           em0
ff02::%lo0         localhost          U           lo0
```


----------



## SirDice (Aug 12, 2013)

You don't have a default gateway set for IPv6 according to your routing table.


----------



## Finwe (Aug 12, 2013)

That's right!

Here's my IPv6 routing table when I disable 
	
	



```
ipv6_gateway_enable="YES"
```


```
Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost          UGRS        lo0 =>
default            fe80::12bd:18ff:fe UG          em0
localhost          link#8             UH          lo0
```

But I don't understand why it disap*p*ear*s* when I set this setting and why it's OK when it's not set. How can I fix that?


----------



## SirDice (Aug 12, 2013)

Setting gateway_enable shouldn't touch your default gateway (or any other route). 

But I'm not sure what you're trying to do here:

```
ipv6_static_routes="ovhgw"
ipv6_route_ovhgw="router ipv6 address -prefixlen 128 -interface em0"
ipv6_defaultrouter="router ipv6 address"
```
Try removing those and only set ipv6_defaultrouter:

```
ipv6_defaultrouter="fe80::12bd:18ff:fe"
```
(Check if that's the correct link-local address for you)

I'm using an HE.net tunnelbroker and my ipv6_defaultgateway is:

```
ipv6_defaultrouter="-iface gif0"
```
My previous ISP had native IPv6 support and all I had to do was enable rtadv on the interface:

```
ifconfig_re0_ipv6="inet6 accept_rtadv"
```


----------



## Finwe (Aug 12, 2013)

I've tried your first solution. It works fine except if, again, I set the parameter (the default gateway disappears again).

The rtadv solution don't work for me.


----------



## SirDice (Aug 12, 2013)

With ipv6_gateway_enable set, can you try setting the default gateway by hand? Does that work?

`# route add -inet6 default fe80::12bd:18ff:fe`


----------



## Finwe (Aug 12, 2013)

I can, but ping6 still don't work. I've noticed that Flags is "UGS" instead of "UG", I don't know if it's important.


```
Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost          UGRS        lo0 =>
default            fe80::12bd:18ff:fe UGS         em0
localhost          link#8             UH          lo0
```


----------



## Finwe (Aug 13, 2013)

I've reinstalled FreeBSD and just added the IPv6 gateway parameter. I have the same problem. Anybody got an idea?


----------



## SirDice (Aug 14, 2013)

Are you able to ping the link-local address of the router?


----------



## Finwe (Aug 14, 2013)

Do you mean `ping6 IPv6 router address`? If the parameter is not set, yes, otherwise, no.


----------



## SirDice (Aug 14, 2013)

That's just weird. Either there's something else going on or we're overlooking something simple. Turning routing on shouldn't touch any of the existing routes. Is there a firewall running on the box that might interfere?


----------



## Finwe (Aug 14, 2013)

Not anymore, I've reinstalled FreeBSD.


----------



## Finwe (Aug 14, 2013)

I have 
	
	



```
if_em_load="YES"
```
 in /boot/loader.conf. I think it is for em0, my network interface, but I don't know if it's important.


----------



## SirDice (Aug 14, 2013)

That shouldn't be needed, em(4) is built into the GENERIC kernel.


----------



## Finwe (Aug 14, 2013)

It's the auto-configuration from my provider. I think I'm going to reinstall my server without their configuration. Maybe they do something I don't know and it's the problem.


----------



## Finwe (Aug 14, 2013)

Well, I've reinstalled from an official FreeBSD disc and just added this to rc.conf:

```
$ cat /etc/rc.conf
sshd_enable="YES"

ifconfig_em0="inet ipv4 netmask 255.255.255.0 broadcast ipbroadcast"
defaultrouter="ipv4 router"

ipv6_enable="YES"
ipv6_network_interfaces="auto"
ifconfig_em0_ipv6="inet6 2001:x:x:x::1 prefixlen 128"
ipv6_defaultrouter="2001:41D0:A:10ff:ff:ff:ff:ff"

gateway_enable="YES"
ipv6_gateway_enable="YES"

hostname="myhostname"
```
and I still have the same problem! Is it possible that the problem is hardware? Or did I need to do more configuration? Again without 
	
	



```
ipv6_gateway_enable="YES"
```
 everything works fine. No firewall, no extra parameter, no custom kernel.


----------



## Finwe (Aug 17, 2013)

With this rc.conf:

```
# IPv6 configuration
ipv6_enable="YES"
ipv6_network_interfaces="auto"
ifconfig_em0_ipv6="inet6 2001:41D0:x:x::1 prefixlen 128"
ipv6_static_routes="ovhgw defaultgw"
ipv6_route_ovhgw="2001:41D0:A:10ff:ff:ff:ff:ff -prefixlen 128 -interface em0"
ipv6_route_defaultgw="default 2001:41D0:A:10ff:ff:ff:ff:ff"
ipv6_defaultrouter="2001:41D0:A:10ff:ff:ff:ff:ff"

hostname="myhostname"

gateway_enable="YES"
ipv6_gateway_enable="YES"
```
I have a "good" routing table, 

```
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            37.187.16.254      UGS         0      234    em0
37.187.16.0        link#1             U           0      858    em0
myhostname         link#1             UHS         0        0    lo0
localhost          link#8             UH          0        0    lo0

Internet6:
Destination        Gateway            Flags      Netif Expire
::                 localhost          UGRS        lo0 =>
default            2001:41d0:a:10ff:f UGS         em0
localhost          link#8             UH          lo0
::ffff:0.0.0.0     localhost          UGRS        lo0
myhostname         link#1             UHS         lo0
2001:41d0:a:10ff:f 00:22:4d:a6:aa:16  UHS         em0
fe80::             localhost          UGRS        lo0
fe80::%em0         link#1             U           em0
fe80::222:4dff:fea link#1             UHS         lo0
fe80::%lo0         link#8             U           lo0
fe80::1%lo0        link#8             UHS         lo0
ff01::%em0         fe80::222:4dff:fea U           em0
ff01::%lo0         localhost          U           lo0
ff02::             localhost          UGRS        lo0
ff02::%em0         fe80::222:4dff:fea U           em0
ff02::%lo0         localhost          U           lo0
```
but ping on IPv6 still doesn't work. If it could help, the server is a KS 2G from OVH: http://www.kimsufi.com/


----------



## Finwe (Aug 17, 2013)

I've deleted the parameters from rc.conf and added the sysctl in sysctl.conf.

```
net.inet6.ip6.forwarding=1
net.inet.ip.forwarding=1
```
I can ping my IPv6 address, but, I can't use IPv6 in my jails. With this code in my pf.conf, I can:

```
nat on $wan_if inet proto {tcp, udp} from $ftp_ip to any -> $wan_ip
```
but with this one:

```
nat on $wan_if inet6 proto {tcp, udp} from $ftp_ip6 to any -> $wan_ip6
```
I can't.


----------



## kpa (Aug 17, 2013)

Why do you have prefixlen 128 on the ifconfig_em0_ipv6 line? Shouldn't you have 64 in there?


----------



## Finwe (Aug 17, 2013)

My provider gave me this:

```
IPv6: 2001:41d0:x:x::1/128
```

The auto-configuration is also with /128, so I think /128 is the correct prefix.


----------



## kpa (Aug 17, 2013)

It looks weird because it's on an Ethernet interface. If it was on a point to point link like a gif(4) interface it would be just fine.


----------



## Finwe (Aug 17, 2013)

I'll try with a /64. Do you think it might be the source of my problems?


----------



## kpa (Aug 17, 2013)

Your provider has decided on a peculiar setup, that might have something to do with your problems. Usually the addresses are configured with prefixlen 64 when the configuration is done via router advertisements. Try but I think it won't work.


----------



## Finwe (Aug 18, 2013)

I've tried with /64 and it works, but, again, if I set 
	
	



```
ipv6_gateway_enable=YES
```
 in my rc.conf, my IPv6 connectivity goes away...


----------



## Finwe (Aug 19, 2013)

I've also tried with FreeBSD 9.2. The problem is still here...


----------

