How can I setup OpenVPN with IPv4 and IPv6 using a tap device?
Posted
by
Lekensteyn
on Server Fault
See other posts from Server Fault
or by Lekensteyn
Published on 2011-02-20T14:14:47Z
Indexed on
2011/02/21
23:26 UTC
Read the original article
Hit count: 254
I've managed to setup OpenVPN for full IPv4 connectivity using tap0. Now I want to do the same for IPv6.
Addresses and network setup (note that my real prefix is replaced by 2001:db8):
2001:db8::100:0:0/96 my assigned IPv6 range
2001:db8::100:abc:0/112 OpenVPN IPv6 range
2001:db8::100:abc:1 tap0 (on server) (set as gateway on client)
2001:db8::100:abc:2 tap0 (on client)
2001:db8::1:2:3:4 gateway for server
Home laptop (tap0: 2001:db8::100:abc:2/112 gateway 2001:db8::100:abc:1/112)
| | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1)
| wifi | |
router |
| OpenVPN
INTERNET |
eth0 | /tap0
VPS (eth0:2001:db8::1:2:3:4/64 gateway 2001:db8::1)
(tap0: 2001:db8::100:abc:1/112)
(running Debian 6; OpenVPN 2.1.3-2)
The server has both native IPv4 and IPv6 connectivity, the client has only IPv4.
I can ping6 to and from my server over OpenVPN, but not to other machines (for example, ipv6.google.com
).
net.ipv6.conf.all.forwarding
is set to 1
, I've tried disabling net.ipv6.conf.all.accept_ra
as well, without luck.
Using tcpdump
on both the server and client, I can see that packets are actually transferred over tap0 to eth0. The router (2001:db8::1) send a neighbor solicitation for the client (2001:db8::100:abc:2) to eth0 after it receives the ICMP6 echo-request. The server does not respond to that solicitation, which causes the ICMP6 echo-request not be routed to the destination.
How can I make this IPv6 connection work?
© Server Fault or respective owner