FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

 
 
LinkBack Thread Tools
 
Old 08-10-2012, 04:34 PM
Michelle Konzack
 
Default IPv6 config... grmpf!

Hello *,

I have a real IPv6 /64 block and want to use it on my Hetzner Server.

IPv4: 78.47.247.21
and use the
IPv6: 2a01:04f8:0d12:1300::2

for the connectivity. So, I have setup the pig with

--[ command 'ssh mail.tamay-dogan.net "cat /etc/network/interfaces"' ]--
auto eth0
iface eth0 inet static
address 78.47.247.21
broadcast 78.47.247.31
netmask 255.255.255.240
gateway 78.47.247.17

up route add -net 78.47.247.16 netmask 255.255.255.240 gw 78.47.247.17 eth0

iface eth0 inet6 static
address 2a01:04f8:0d12:1300:0000:0000:0000:0002
netmask 64
gateway 2a01:04f8:0d12:1300:0000:0000:0000:0001

up ip -6 route add 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
down ip -6 route del 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0

up ip -6 route add default 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
down ip -6 route del default 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
------------------------------------------------------------------------

--[ command 'dig ANY mail.tamay-dogan.net' ]---------------------------
;; Truncated, retrying in TCP mode.
mail.tamay-dogan.net. 3600 IN A 78.47.247.21
mail.tamay-dogan.net. 3600 IN RRSIG A 5 3 3600 20120821071637 20120722070052 6642 tamay-dogan.net. TJtmxzw7t+0UEuqKcaU0fQneRson576Jp5YKv1smztNwxQlRZY c9KcXj 9KvdxUpjzyv2sbNknxyHdeZHFexF++I9qDS/jPnWZO7Zcw4m7aVAAbFn bT30x2WrclmmGI+4EJqHX5yBL1kWxS3KQm0GvFD4XtVXeZTfr6 Lll+Bm 504=
mail.tamay-dogan.net. 3600 IN AAAA 2a01:4f8:d12:1300::2
mail.tamay-dogan.net. 3600 IN RRSIG AAAA 5 3 3600 20120821071637 20120722070052 6642 tamay-dogan.net. QoCxQlXyCQlQaFWOZznVY9sNCGD6Rzggn/tmV4Lqy77fq69CAX8hwial 96UwmqFibEbsAW54Gx3JqeZCDd7ztcVhAjCnWTgzSdAljVOp7n KcmWsb bhZZpAulSJE8ijOYDU9HKbMDYL3WOaDW9T3z3yZOcHoQl6lBkZ apgDJN 6/A=
mail.tamay-dogan.net. 86400 IN NSEC myspace.tamay-dogan.net. A AAAA RRSIG NSEC
mail.tamay-dogan.net. 86400 IN RRSIG NSEC 5 3 86400 20120821071637 20120722070052 6642 tamay-dogan.net. g9DZhkxFmVFrfnaRdqeX5hOONChIhPuiYOCGO22sAwvnh/oyVCsC9yXC OgTuF65XlYTylmwTd5cQzifF+D1rIZbMmFJ0RaZViWxquMok3M oSOQVe XMH33l/jrpBB1P8d6MldunIy0qOZLKzYGXfMB73wNpUAF5ZK2SOWhcUX NW4=
tamay-dogan.net. 3600 IN NS dns1.tamay-dogan.net.
tamay-dogan.net. 3600 IN NS dns2.tamay-dogan.net.
tamay-dogan.net. 3600 IN NS dns3.tamay-dogan.net.
dns1.tamay-dogan.net. 3600 IN A 78.47.104.44
dns2.tamay-dogan.net. 3600 IN A 217.147.94.23
dns3.tamay-dogan.net. 3600 IN A 78.47.247.21
------------------------------------------------------------------------

Which should be OK. However, nothing is working.

Any suggestions?

OK, since I have enough traffic free on the server (I use less then 5%)
I wan to setup my own IPv6 Tunnel Broker, where I have found a HOWTO on
the internet how to do this, becuase I wan to use a VPN to 4 MobilOffice
without passing any traffic over foreign services which track down the
whole network and I have some servers, which must be reachable from time
to time from the Internet. so I want to setup VPNs from the MobilOffices
to the Server using

1) 2a01:4f8:d12:1300::1:0-ffff
2) 2a01:4f8:d12:1300::2:0-ffff
3) 2a01:4f8:d12:1300::3:0-ffff
4) 2a01:4f8:d12:1300::4:0-ffff

but first I must get the server running.

Thanks, Greetings and nice Weekend
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>

itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack

Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)

USt-ID: DE 278 049 239

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 08-10-2012, 04:56 PM
Povl Ole Haarlev Olsen
 
Default IPv6 config... grmpf!

On Fri, 10 Aug 2012, Michelle Konzack wrote:

I have a real IPv6 /64 block and want to use it on my Hetzner Server.

[- Cut -]

mail.tamay-dogan.net. 3600 IN AAAA 2a01:4f8:d12:1300::2

[- Cut -]

Which should be OK. However, nothing is working.


It looks like someone turn off ping replies, but other than that, it seems
fine to me...


$ traceroute6 -n 2a01:4f8:d12:1300::2
traceroute to 2a01:4f8:d12:1300::2 (2a01:4f8:d12:1300::2), 30 hops max, 80 byte packets
1 2001:470:28:8b2:7374:6465:7272:ff 0.331 ms 0.299 ms 0.284 ms
2 2001:470:27:8b2::1 31.474 ms 33.445 ms 35.688 ms
3 2001:470:0:11e::1 35.717 ms 35.717 ms 35.857 ms
4 2001:470:0:22f::1 60.849 ms 61.055 ms 61.045 ms
5 2001:7f8:1::a502:4940:1 64.532 ms 64.547 ms 64.655 ms
6 2a01:4f8:0:1::12:3 70.907 ms 71.286 ms 72.013 ms
7 2a01:4f8:0:d0:2:d:12:1 73.498 ms 63.750 ms 68.598 ms
8 * * *
9 2a01:4f8:d12:1300::2 66.107 ms 63.010 ms 63.594 ms

What errors do you get?

--
Povl Ole


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/alpine.DEB.2.00.1208101847010.31523@noget.stderr.d k.localdomain
 
Old 08-10-2012, 05:10 PM
Povl Ole Haarlev Olsen
 
Default IPv6 config... grmpf!

On Fri, 10 Aug 2012, Povl Ole Haarlev Olsen wrote:

On Fri, 10 Aug 2012, Michelle Konzack wrote:

I have a real IPv6 /64 block and want to use it on my Hetzner Server.

[- Cut -]

mail.tamay-dogan.net. 3600 IN AAAA 2a01:4f8:d12:1300::2

[- Cut -]

Which should be OK. However, nothing is working.
It looks like someone turn off ping replies, but other than that, it seems
fine to me...


I did some more tests.

It looks like your mail-server isn't listening on IPv6:

$ telnet 2a01:4f8:d12:1300::2 smtp
Trying 2a01:4f8:d12:1300::2...
telnet: Unable to connect to remote host: Connection refused

But your webserver is:

$ telnet 2a01:4f8:d12:1300::2 www
Trying 2a01:4f8:d12:1300::2...
Connected to 2a01:4f8:d12:1300::2.
Escape character is '^]'.
GET /IPv6-test HTTP/1.0

HTTP/1.1 404 Not Found
Date: Fri, 10 Aug 2012 17:01:11 GMT
Server: Apache/2.2.16 (Debian)
...
<address>Apache/2.2.16 (Debian) Server at mail.tamay-dogan.net Port 80</address>
</body></html>
Connection closed by foreign host.

--
Povl Ole


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/alpine.DEB.2.00.1208101907090.31523@noget.stderr.d k.localdomain
 
Old 08-10-2012, 09:25 PM
Michelle Konzack
 
Default IPv6 config... grmpf!

Hello Povl Ole Haarlev Olsen,

Am 2012-08-10 18:56:17, hacktest Du folgendes herunter:
> It looks like someone turn off ping replies, but other than that, it
> seems fine to me...
>
> $ traceroute6 -n 2a01:4f8:d12:1300::2
> traceroute to 2a01:4f8:d12:1300::2 (2a01:4f8:d12:1300::2), 30 hops max, 80 byte packets
> 1 2001:470:28:8b2:7374:6465:7272:ff 0.331 ms 0.299 ms 0.284 ms
> 2 2001:470:27:8b2::1 31.474 ms 33.445 ms 35.688 ms
> 3 2001:470:0:11e::1 35.717 ms 35.717 ms 35.857 ms
> 4 2001:470:0:22f::1 60.849 ms 61.055 ms 61.045 ms
> 5 2001:7f8:1::a502:4940:1 64.532 ms 64.547 ms 64.655 ms
> 6 2a01:4f8:0:1::12:3 70.907 ms 71.286 ms 72.013 ms
> 7 2a01:4f8:0:d0:2:d:12:1 73.498 ms 63.750 ms 68.598 ms
> 8 * * *
> 9 2a01:4f8:d12:1300::2 66.107 ms 63.010 ms 63.594 ms

OK... It seems, I can not get th IPv6 on my @office network running.

> What errors do you get?

"no route to host"

Are the ports 993/587/25 or 80/443 accessibel via IPv6?

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>

itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack

Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)

USt-ID: DE 278 049 239

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 08-10-2012, 09:27 PM
Michelle Konzack
 
Default IPv6 config... grmpf!

Hello Povl Ole Haarlev Olsen,

Am 2012-08-10 19:10:56, hacktest Du folgendes herunter:
> I did some more tests.
>
> It looks like your mail-server isn't listening on IPv6:
>
> $ telnet 2a01:4f8:d12:1300::2 smtp
> Trying 2a01:4f8:d12:1300::2...
> telnet: Unable to connect to remote host: Connection refused

This sounds not very good...

> But your webserver is:
>
> $ telnet 2a01:4f8:d12:1300::2 www
> Trying 2a01:4f8:d12:1300::2...
> Connected to 2a01:4f8:d12:1300::2.
> Escape character is '^]'.
> GET /IPv6-test HTTP/1.0
>
> HTTP/1.1 404 Not Found
> Date: Fri, 10 Aug 2012 17:01:11 GMT
> Server: Apache/2.2.16 (Debian)
> ...
> <address>Apache/2.2.16 (Debian) Server at mail.tamay-dogan.net Port 80</address>
> </body></html>
> Connection closed by foreign host.

OK, it semms, good.

Then I have to find out, why "courier" does not like IPv6.

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>

itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack

Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)

USt-ID: DE 278 049 239

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 08-10-2012, 09:54 PM
Andy Smith
 
Default IPv6 config... grmpf!

Hi Michelle,

On Fri, Aug 10, 2012 at 11:25:18PM +0200, Michelle Konzack wrote:
> Am 2012-08-10 18:56:17, hacktest Du folgendes herunter:
> > What errors do you get?
>
> "no route to host"

A traceroute6 or mtr output from you would be useful at this point.

> Are the ports 993/587

No.

> 25 or 80/443 accessibel via IPv6?

Yes.

Cheers,
Andy
 
Old 08-10-2012, 10:30 PM
Michelle Konzack
 
Default IPv6 config... grmpf!

Hello Andy Smith,

Am 2012-08-10 21:54:49, hacktest Du folgendes herunter:
> Hi Michelle,
> > "no route to host"
> A traceroute6 or mtr output from you would be useful at this point.

I know, but it seems, I have problems in my network with IPv6.

Hmm, I have setup my workstation using ond of the IPs from the /64 block
of my Server-Hoster and now I need to make a VPN connection to my server
to let IPv6 traffic go out via my server and not my IPv4 DSL box

> > Are the ports 993/587
> No.

This should now work... There where three
additional setings which I have overseen. :-/

> > 25 or 80/443 accessibel via IPv6?
> Yes.

OK

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>

itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack

Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)

USt-ID: DE 278 049 239

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 
Old 08-11-2012, 05:27 AM
Andy Smith
 
Default IPv6 config... grmpf!

Hi Michelle,

On Sat, Aug 11, 2012 at 12:30:56AM +0200, Michelle Konzack wrote:
> Am 2012-08-10 21:54:49, hacktest Du folgendes herunter:
> > Hi Michelle,
> > > "no route to host"
> > A traceroute6 or mtr output from you would be useful at this point.
>
> I know, but it seems, I have problems in my network with IPv6.

I honestly don't know how you expect anyone to help you debug why
you receive "no route to host" when you provide no debug
information. All we can agree is that yes, you have problems in your
network.

> > > Are the ports 993/587
> > No.
>
> This should now work... There where three
> additional setings which I have overseen. :-/

Yes, they seem to be open now.

Cheers,
Andy
 
Old 08-11-2012, 02:41 PM
Povl Ole Haarlev Olsen
 
Default IPv6 config... grmpf!

On Sat, 11 Aug 2012, Michelle Konzack wrote:

Am 2012-08-10 21:54:49, hacktest Du folgendes herunter:

"no route to host"

A traceroute6 or mtr output from you would be useful at this point.

I know, but it seems, I have problems in my network with IPv6.


You could try a traceroute6 from your server to ipv6.google.com or you
could use Hurricane Electric's Looking Glass at http://lg.he.net/ to do a
traceroute from one of their routers to your server.


Unfortunately that looking glass service doesn't provide a way to test if
a port on your server is open or not, but the ping and traceroute tests
are a good starting point.


If anyone knows a good looking glass service with a port test, I would
like to know. Thanks in advance...


--
Povl Ole


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/alpine.DEB.2.00.1208111635380.31523@noget.stderr.d k.localdomain
 
Old 08-11-2012, 04:59 PM
Michelle Konzack
 
Default IPv6 config... grmpf!

Hello Povl Ole Haarlev Olsen,

Am 2012-08-11 16:41:16, hacktest Du folgendes herunter:
> You could try a traceroute6 from your server to ipv6.google.com or
> you could use Hurricane Electric's Looking Glass at
> http://lg.he.net/ to do a traceroute from one of their routers to
> your server.

My first Server <mail.tamay-dogan.net> seems to work now with IPv6
properly. Unfortunately, the second Server <dns1.tamay-dogan.net>
currently not. I hope I can resolv this problem this weekend.

However, while I use for the Server the IPv6 from

<2a01:4f8:d12:1300:::0:0> to <2a01:4f8:d12:1300:::0:ffff>

I have configured my <intranet1.tamay-dogan.net> subnet to use

<2a01:4f8:d12:1300:::1:0> to <2a01:4f8:d12:1300:::1:ffff>

but I can not establish connections between my my workstations and
servers:

--[ '/etc/bind/masters/net/tamay-dogan/net.tanmay-dogan.intranet1' ]--
@ 3600 IN SOA dns1.tamay-dogan.net. hostmaster.tamay-dogan.net. ( 1344640689 14400 3600 604800 86400 )

NS dns1.tamay-dogan.net.
NS dns2.tamay-dogan.net.
NS dns3.tamay-dogan.net.
NS dns.intranet1.tamay-dogan.net.

MX 10 samba.intranet1.tamay-dogan.net.

intranet1.tamay-dogan.net. TXT "v=spf1 a mx ~all"

www.intranet1.tamay-dogan.net. IN CNAME vserver09.tamay-dogan.net.

router.intranet1.tamay-dogan.net. IN A 192.168.0.1
router.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0001
easybox-o2.intranet1.tamay-dogan.net. IN A 192.168.0.2
easybox-ortel.intranet1.tamay-dogan.net. IN A 192.168.0.3
easybox-bouygues.intranet1.tamay-dogan.net. IN A 192.168.0.4

dns.intranet1.tamay-dogan.net. IN A 192.168.0.11
dns.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0011
samba.intranet1.tamay-dogan.net. IN A 192.168.0.12
samba.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0012
work1.intranet1.tamay-dogan.net. IN A 192.168.0.13
work1.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0013
backup.intranet1.tamay-dogan.net. IN A 192.168.0.14
backup.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0014
admin.intranet1.tamay-dogan.net. IN A 192.168.0.15
admin.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0015
asterisk.intranet1.tamay-dogan.net. IN A 192.168.0.16
asterisk.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0016
pgsql.intranet1.tamay-dogan.net. IN A 192.168.0.18
pgsql.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0018
work2.intranet1.tamay-dogan.net. IN A 192.168.0.19
work2.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0019

onlinestore.intranet1.tamay-dogan.net. IN A 192.168.0.20
onlinestore.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0020

cups.intranet1.tamay-dogan.net. IN A 192.168.0.50
cups.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0050
fs3700.intranet1.tamay-dogan.net. IN A 192.168.0.51
fs3700.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0051
fs1030d.intranet1.tamay-dogan.net. IN A 192.168.0.52
fs1030d.intranet1.tamay-dogan.net. IN AAAA 2a01:04f8:0d12:1300:0000:0000:0001:0052

$include /etc/bind/master/net/tamay-dogan/Kintranet1.tamay-dogan.net.+005+55290.key
$include /etc/bind/master/net/tamay-dogan/Kintranet1.tamay-dogan.net.+005+40822.key
------------------------------------------------------------------------

Is there something missing?

On my Workstation it looks like:

--[ '/etc/network/interfaces' ]-----------------------------------------
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.0.13
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
dns-nameservers 192.168.0.11
dns-search intranet1.tamay-dogan.net

iface eth0 inet6 static
address 2a01:04f8:0d12:1300:0000:0000:0001:0013
netmask 64
gateway 2a01:04f8:0d12:1300:0000:0000:0000:0001
dns-nameservers 2a01:04f8:0d12:1300:0000:0000:0001:0011
dns-search intranet1.tamay-dogan.net
up ip -6 route add 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
down ip -6 route del 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
up ip -6 route add default 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
down ip -6 route del default 2a01:04f8:0d12:1300:0000:0000:0000:0001 dev eth0
------------------------------------------------------------------------

Same on the <dns1>, <samba> and <cups> server and <work2> workstation
and of course, with there own rigth IPs.

If I get my local network running with IPv6, I will continue to setup
the VPN between the <mail> server which then will be act like an IPv6
Broker and as Gateway...

> Unfortunately that looking glass service doesn't provide a way to
> test if a port on your server is open or not, but the ping and
> traceroute tests are a good starting point.
>
> If anyone knows a good looking glass service with a port test, I
> would like to know. Thanks in advance...

You are not alone.

I have some problems with "nmap" and IPv6. Do I need special options to
check an IPv6?

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
Internet Service Provider, Cloud Computing
<http://www.itsystems.tamay-dogan.net/>
<http://www.debian.tamay-dogan.net/>

itsystems@tdnet Jabber linux4michelle@jabber.ccc.de
Owner Michelle Konzack

Gewerbe Strasse 3 Tel office: +49-176-86004575
77694 Kehl Tel mobil: +49-177-9351947
Germany Tel mobil: +33-6-61925193 (France)

USt-ID: DE 278 049 239

Linux-User #280138 with the Linux Counter, http://counter.li.org/
 

Thread Tools




All times are GMT. The time now is 09:49 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org