Mailinglist Archive: opensuse-support (91 mails)

< Previous Next >
Re: [opensuse-support] configuration of ipv6 forwarding
07.09.2018 23:47, Adam Mizerski пишет:

W dniu 07.09.2018 o 11:07, Andrei Borzenkov pisze:
On Thu, Sep 6, 2018 at 11:01 PM Adam Mizerski <adam@xxxxxxxxxxx> wrote:


I have the following situation: I have a VPS with openSUSE 15 Leap on
it. It has a public IPv6 address and connectivity with outside world
works correctly. I also have a whole /64 subnet to use (public address
is not in this subnet).

I want to configure WireGuard so that devices connected to it would have
addresses from my subnet (for now set by hand, I'll play with
autoconfiguration later) and connectivity to outside world.

My VSP operator requires that all IPv6 traffic should come out of my
public address.

Here's what I've got:

# ip -6 a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 {PUBLIC_IP}/64 scope global
valid_lft forever preferred_lft forever
3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 state UNKNOWN qlen 1000
inet6 {SUBNET}::1/64 scope global deprecated
valid_lft forever preferred_lft 0sec

# ip -6 r
local ::1 dev lo proto kernel metric 256 pref medium
{SUBNET}::/64 dev wg0 proto kernel metric 256 pref medium
{PUBLIC_IP_SUBNET}::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via {GATEWAY} dev eth0 src {PUBLIC_IP} metric 1024 pref medium

# sysctl -a | grep ipv6 | grep forwarding | grep -v mc_forwarding
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.eth0.forwarding = 1
net.ipv6.conf.lo.forwarding = 0
net.ipv6.conf.wg0.forwarding = 1

# ping6 -c1 -I eth0
PING (2a02:898:146::2)) from
{PUBLIC_IP} eth0: 56 data bytes
64 bytes from (2a02:898:146::2): icmp_seq=1
ttl=58 time=28.1 ms

--- ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 28.109/28.109/28.109/0.000 ms


So it looks like this:

# ping6 -c1
PING (2a02:898:146::2)) 56 data bytes
From {PUBLIC_IP} ({PUBLIC_IP}) icmp_seq=1 Destination unreachable:
Address unreachable
ping: sendmsg: Destination address required

--- ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

As you can see, ping failed. But if I use `ping6 -c1 -I eth0`
it works, as I wrote before. And I don't see the reason why it fails.
Because address on wg0 is deprecated, I though both command should be

Earlier you said that connectivity to outside world works correctly.
Does it mean only ping fails? Can you connect to any IPv6 using TCP/UDP?

strace of both successful and failed ping invocations would be useful.

< Previous Next >
Follow Ups