From sgoldste@nsf.gov Mon Feb 1 02:59:45 1999 From: sgoldste@nsf.gov (Steve Goldstein) Date: Sun, 31 Jan 1999 21:59:45 -0500 Subject: pTLA request by CHTTL-TW - comments by 8 Feb 99 please Message-ID: Bob, You wrote: > 6Bone Folk, > > CHTTL-TW, the ChungHwa Telecom. Co or Taiwan, is applying for a pTLA. > Please send any comments on this to either me or the list by 8 February 1999. CHTTL is the Telecommunication Laboratory of ChungHwa Telecom (Taiwan). The Laboratory is one of the members of Taiwan's brand new National BroadBand Experimental Network Project (NBEN). NBEN was initiated by National Science Council, Taiwan's counterpart to NSF. Taiwan has connected its advanced academic network, TAnet2, to the STAR TAP at 15 Mbps. They also connect in California (TAnet) at 30 Mbps, the remainder of the T3 from Taiwan. TAnet and ChungWha Telecom cooperate in NBEN. NSF applauds their desire to participate in IPv6 development and diffusion. NSF would be happy to have then make their 6Bone connection via STAR TAP, but we are neutral to the choice of STAR TAP or California. If you need more information about CHTTL, please contact: Kuo Wu Deputy Director National Center for High-Performance Computing National Science Council kwu@nchc.gov.tw (Kuo-Wei Wu ) Thanks, Steve Goldstein ...................................................................... ....................... Steven N. Goldstein, Ph.D. Program Director, International Networking Coordination Div. of Advanced Networking Infrastructure and Research National Science Foundation 4201 Wilson Boulevard, Room 1175 Arlington, VA 22230 USA Tel: +1-703-306-1949 (Extension 1119) FAX: +1-703-306-0621 sgoldste@NSF.GOV http://www.cise.nsf.gov/anir/Stevehome.html ...................................................................... ....................... From cmetz@inner.net Thu Feb 4 19:28:27 1999 From: cmetz@inner.net (Craig Metz) Date: Thu, 04 Feb 1999 14:28:27 -0500 Subject: Announcing NRL IPv6+IPsec alpha 7.1 Message-ID: <199902041917.TAA20611@inner.net> [My apologies if you see this multiple times; we support four BSDs and Linux now, and all these camps are known for tending to stay separate, even though many hard-core hackers pay attention to some subset of them] After a year of development, the latest release of the NRL IPv6+IPsec software is now available to the public. As the name suggests, this software is an implementation of IP Version 6 and IP Security (separately and together). This version supports: BSD/OS 4.0 on x86 (supplements our code previously merged into 4.0) OpenBSD 2.3 and 2.4 on x86 and sparc (a more integrated version of this release is now in OpenBSD's CVS tree; you need userland from this kit) NetBSD 1.3.2 and 1.3.3 on x86 and sparc FreeBSD 3.0 on x86 Linux 2.1 on x86 (for PF_KEY only) This release adds a lot of ports, updates the code to conform to newer versions of many specs (which effectively meant rewriting portions of the code), and includes a lot of general cleanups and improvements. More information and code can be found through http://www.ipv6.nrl.navy.mil. -Craig From labovit@merit.edu Thu Feb 4 21:10:11 1999 From: labovit@merit.edu (Craig Labovitz) Date: Thu, 04 Feb 1999 16:10:11 -0500 Subject: New IPv6 Routing Daemon Release (MRT-1.5.2) Message-ID: <199902042110.QAA21527@merit.edu> A new version of the MRTd IPv6 routing daemon/toolkit is now available. MRTd-1.5.2A includes support for BGP4/BGP4+/RIP/RIPNG (and initial/limited OSPF support). This version runs and has been tested on most Unix/IPv6 systems. The 1.5.2A release is stable and currently serves as the "production" routing daemon for a number of 6Bone PTLAs. The MRTd source and binaries are freely available and may be redistributed. See http://www.mrtd.net for more information. - Craig -- Craig Labovitz labovit@merit.edu Merit Network, Inc. http://www.merit.edu/~labovit 4251 Plymouth Road, Suite C. (734) 764-0252 (office) Ann Arbor, MI 48105-2785 (734) 647-3185 (fax) From ferran.foz@technologist.com Fri Feb 5 15:02:43 1999 From: ferran.foz@technologist.com (Ferran Foz) Date: Fri, 05 Feb 1999 16:02:43 +0100 Subject: Sorry, I'm having problems with mail Message-ID: <36BB0813.9B8B35FF@technologist.com> Sorry, I'm having problems with mail. If you wanted to send me a e-mail please send to ferran.foz@technologist.com Thank you! --- Perdon, estoy teniendo problemas con el correo. Si trata de enviarme un mensaje por favor, envielo a ferran.foz@technologist.com. Gracias. -- Ferran Foz i Pedemonte ICQ# 22653887 mailto:ferran.foz@technologist.com http://members.xoom.com/ferran_foz Barcelona, Catalonia, Europe, The World, ... From tesi_tlc@ing240.unife.it Fri Feb 5 16:50:38 1999 From: tesi_tlc@ing240.unife.it (Tesi TLC (G. MazzinI)) Date: Fri, 5 Feb 1999 17:50:38 +0100 (MET) Subject: inet6-apps0.34 Message-ID: Hello ! We are two students of Italian University We use linux RedHat 5.2 kernel 2.1.126 with modutils 2.1.121. We would to install ipv6 on our linux machine. We are using the Bieriger's HOWTO ! We compiled inet6-apps0.34 without problems (in apparence) with glibc2.0.7 (we haven't shadow password )! Than we used Bieringer's utility links6 for create links ! We get no errors (when we compile) but if we do: inetd (we have kill old inetd) the demon does't start ! The file /var/log/messages write : inetd [4453]:net_security_strtorequest (/usr/sbin/ftpd) We configured file /etc/inetd.conf in this way : ftp stream tcp nowait root /usr/sbin/in.ftp in.ftpd -l finger stream tcp nowait nobody /usr/sbin/fingerd in.fingerd Anyone knows this problem ? Thanks Luca & Giancarlo From vchipitsyn@picard.cs.ohiou.edu Mon Feb 8 02:55:32 1999 From: vchipitsyn@picard.cs.ohiou.edu (Vitaly Chipitsyn) Date: Sun, 7 Feb 1999 21:55:32 -0500 (EST) Subject: Cisco IOS? Message-ID: <14014.20624.548090.340680@thrawn.cs.ohiou.edu> Hello, everyone! We are in process of connecting Ohio University to the 6bone. We plan to use Cisco 2500 series router as an IPv6 connection point, but don't have the IOS that supports IPv6. Could anyone help us with this? Thank you. --vc From bmanning@ISI.EDU Mon Feb 8 05:46:42 1999 From: bmanning@ISI.EDU (Bill Manning) Date: Sun, 7 Feb 1999 21:46:42 -0800 (PST) Subject: Cisco IOS? In-Reply-To: <14014.20624.548090.340680@thrawn.cs.ohiou.edu> from "Vitaly Chipitsyn" at Feb 7, 99 09:55:32 pm Message-ID: <199902080546.VAA25003@zephyr.isi.edu> > > Hello, everyone! > > We are in process of connecting Ohio University to the 6bone. > We plan to use Cisco 2500 series router as an IPv6 connection point, > but don't have the IOS that supports IPv6. Could anyone help us with > this? > > Thank you. > --vc The general answer is to talk w/ your account reps. --bill From cnguyen@triton-network.com Mon Feb 8 15:04:28 1999 From: cnguyen@triton-network.com (Cung Nguyen) Date: Mon, 8 Feb 1999 10:04:28 -0500 Subject: trying to join 6bone Message-ID: <60731098BE78D211B37700A0C9899A80151350@triton.triton-network.com> What is the process to join 6Bone? is there a site someplace I can look this information up? Thanks ===================== Cung Nguyen Triton Network Systems Inc. 407.903.2052 or cnguyen@triton-network.com > -----Original Message----- > From: Magnus Ahltorp [SMTP:map@stacken.kth.se] > Sent: Sunday, January 31, 1999 2:49 PM > To: Ziya Suzen > Cc: 6bone > Subject: Re: trying to join 6bone > > > I work for an ISP in Northern Cyprus and i would like to join the > 6bone > > eventualy. I have read the "how to join 6bone" page on the site and > i > > foun out i need atleast two machines one router and one host. I was > > wondering if two Linux boxes could do. One as a host and one as a > > router. > > I use a Sparc 10 with Linux as a router, and it works fine. > > /Magnus > map@stacken.kth.se From fink@es.net Mon Feb 8 16:42:02 1999 From: fink@es.net (Bob Fink) Date: Mon, 08 Feb 1999 08:42:02 -0800 Subject: trying to join 6bone In-Reply-To: <60731098BE78D211B37700A0C9899A80151350@triton.triton-netwo rk.com> Message-ID: <4.1.19990208083955.00a40e40@imap2.es.net> At 10:04 AM 2/8/99 -0500, Cung Nguyen wrote: >What is the process to join 6Bone? is there a site someplace I can look >this information up? Thanks There is plenty of info on the web pages, including a Joining the 6bone document. After you have read all this, please contact me directly if you more questions to ask. Thanks, Bob From fink@es.net Mon Feb 8 20:03:38 1999 From: fink@es.net (Bob Fink) Date: Mon, 08 Feb 1999 12:03:38 -0800 Subject: Cisco IOS? In-Reply-To: <14014.20624.548090.340680@thrawn.cs.ohiou.edu> Message-ID: <4.1.19990208120221.009847f0@imap2.es.net> Vitaly, At 09:55 PM 2/7/99 -0500, Vitaly Chipitsyn wrote: >Hello, everyone! > >We are in process of connecting Ohio University to the 6bone. >We plan to use Cisco 2500 series router as an IPv6 connection point, >but don't have the IOS that supports IPv6. Could anyone help us with >this? The Cisco IPv6 IOS code is available to registered CCO users at: Now that I know this URL I will put ptrs on our various pages. Thanks, Bob From fink@es.net Mon Feb 8 20:36:39 1999 From: fink@es.net (Bob Fink) Date: Mon, 08 Feb 1999 12:36:39 -0800 Subject: A new page of implementations started Message-ID: <4.1.19990208122220.00b158c0@imap2.es.net> Various IPv6 (non-IETF business) lists: As I have finally found out how Cisco users (CCO in their parlance :-) can get their Beta code fairly automatically, I have made a new page for implemenations sourced on 6bone.net for now. Cisco's retrieval looks real easy to use. Yes, I'm a Cisco customer, so have a cco account. Unfortunately, this page only has Cisco on it so far, so I think it appropriate to get pointers to all implementations quickly. I have also pointed on the IPng Implementations page as well. Then the deploy list can add a pointer to it (or take it over if they want). The 6ren home page has the new pointer on it as well. So, if implementors want to send me a url with a description line I'll put them up. Thanks, Bob From ace@datafax.no Mon Feb 8 21:56:58 1999 From: ace@datafax.no (=?iso-8859-1?Q?Asbj=F8rn_Sannes?=) Date: Mon, 8 Feb 1999 21:56:58 -0000 Subject: Linux/compiling Message-ID: <002301be53ad$f3bab620$010a0a0a@ace.sannes.org> Hi! I have been quite unlucky when trying to compile any ipv6 application/tool. I have downloaded several of ipv6 applications to try, and I copied this from a config.log file that said my system didn't support ipv6: [output:] checking for IPv6 kernel support... no [config.log] configure:1876: checking for IPv6 kernel support configure:1898: gcc -o conftest -O2 -g -O2 -Wall -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DFUNCPROT O -I../../include -I/usr/local/i configure:1889: warning: return-type defaults to `int' /usr/local/lib/libc.so.6: undefined reference to `_dl_object_relocation_scope' /usr/local/lib/libc.so.6: undefined reference to `_dl_global_scope_end' /usr/local/lib/libc.so.6: undefined reference to `_dl_default_scope' configure: failed program was: #line 1884 "configure" #include "confdefs.h" /* AF_INET6 avalable check */ #include #include main() { if (socket(AF_INET6, SOCK_STREAM, 0) < 0) exit(1); else exit(0); } This is my settings: RedHat 5.1 with: kernel 2.2.1 with all the settings the FAQ describes. bind-8.1.2 glibc-2.0.111-0.990127.i386.rpm glibc-debug-2.0.111-0.990127.i386.rpm glibc-devel-2.0.111-0.990127.i386.rpm (tried several more ver. of glibc to see if it works) Sorry for that paste, but I have been stuck for quite awhile! -- ace From tesi_tlc@ing240.unife.it Tue Feb 9 09:51:54 1999 From: tesi_tlc@ing240.unife.it (Tesi TLC (G. MazzinI)) Date: Tue, 9 Feb 1999 10:51:54 +0100 (MET) Subject: telnet.95.10.23..... Message-ID: Hello ! We are two students of Italian University We use linux RedHat 5.2 kernel 2.1.126 with modutils 2.1.121. We would to install ipv6 on our linux machine. We are using the Bieriger's HOWTO ! We compiled inet6-apps0.34 without problems (in apparence) with glibc2.0.7 (we haven't shadow password )! Than we used Bieringer's utility links6 for create links ! We have some problems to compile telnet.95.10.23.NE+ipv6.... When we compile we have the following error : make[3]:Entering directory '/usr/src/telnet.95.10.23.NE/telnet' cc -g -DDBUG=1 ............ ..................... commands.c: In function 'tn' : commands.c:2196: 'control_request' undeclared (first use this function) commands.c:2196: (Each undeclared identifier is reported only once commands.c:2196: for each function it appears in.) commands.c:2196: 'control_requestlen' undeclared (first use this function) make[3]: *** [commands.o] Error 1 make[3]: Leaving directory '/usr/src/telnet.95.10.23.NE/telnet' make[2]: *** [linux] Error 2 make[2]: Leaving directory '/usr/src/telnet.95.10.23.NE/telnet' make[1]: [linux] Error 2 (ignored) make[1]: Leaving directory '/usr/src/telnet.95.10.23.NE/telnet' cd telnetd; make XCFLAGS=............................ .................. We have problem to compile telnet but we haven't problems to compile telnetd ! Does anyone knows this problem ? Thanks Luca & Giancarlo From rzm@icm.edu.pl Tue Feb 9 16:54:30 1999 From: rzm@icm.edu.pl (Rafal Maszkowski) Date: Tue, 9 Feb 1999 17:54:30 +0100 Subject: telnet.95.10.23..... In-Reply-To: ; from Tesi TLC (G. MazzinI) on Tue, Feb 09, 1999 at 10:51:54AM +0100 References: Message-ID: <19990209175429.C25146@icm.edu.pl> On Tue, Feb 09, 1999 at 10:51:54AM +0100, Tesi TLC (G. MazzinI) wrote: > We are two students of Italian University > We use linux RedHat 5.2 kernel 2.1.126 with modutils 2.1.121. > We have some problems to compile telnet.95.10.23.NE+ipv6.... > When we compile we have the following error : > commands.c:2196: 'control_request' undeclared (first use this function) I workarounded this problem by switching off NETSEC define, see ftp://sunsite.icm.edu.pl/private/rzm/ipv6/inet6-apps-0.34+.diff There some other patches there too. R. From tesi_tlc@ing240.unife.it Tue Feb 9 17:43:29 1999 From: tesi_tlc@ing240.unife.it (Tesi TLC (G. MazzinI)) Date: Tue, 9 Feb 1999 18:43:29 +0100 (MET) Subject: ipv6 kernel panic Message-ID: Hello ! We are two students of Italian University ! We work with 2 pc (named : ing209 and ing216) over ATM network (IBM 8285 switch and turboways 25 pci card) with LAN emulation ! We use linux RedHat 5.2 kernel 2.1.126 with modutils 2.1.121 and glibc2.0.7. We would to install ipv6 on our linux machines. We are using the Bieriger's HOWTO ! On ing209 and ing216 we compiled inet6-apps0.34 and telnet.95.10.23.NE+ipv6-3 without problems (in apparence) On ing209 we installed net-tools1.50 (with glibc2.0.7) On ing216 we installed net-tools1.49 (with glibc2.1.111 rpm) and we configutated interface (in ing216) in this way : lec0 Link encap:Ethernet HWaddr 00:04:ac:6c:e8:5c inet addr:xxx.xxx.xxx.216 Bcast:xxx.xxx.xxx.255 Mask:255.255.255.0 inet6 addr: fe80::204:acff:fe6c:e85c/10 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets ............... TX packets ............ collision.............. lo Link encap:Local Loopback inet addr:127.000.000.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:3924 METRIC:1 RX packets................. TX packets................. collision ............. When we do (from ing216 to ing216) : ping fe80::204:acff:fe6c:e85c we haven't problem ! When we do (from ing209 to ing216) : ping fe80::204:acff:fe6c:e85c ing216 goes in kernel panic :-(((( ! Does anyone knows this problem ? It happens because we work over ATM LAN emulation or other ? Thanks Luca & Giancarlo From tim.larder@virgin.net Tue Feb 9 19:09:37 1999 From: tim.larder@virgin.net (Tim Larder) Date: Tue, 9 Feb 1999 19:09:37 -0000 Subject: Transition Message-ID: <008301be545f$be09eb60$227ca8c2@tsys2> Hi, I have been reading through the relevent RFCs on migration and deployment methods for IPv6. I was wondering in the future when IPv4 addresses have completely run out, how will it be possible for a small organisation only using IPv6 (because they are unable to be assigned any IPv4 addresses) to communicate with IPv4 only nodes. Also, why should IPv6 over IPv4 tunneling be used as opposed to using dual stack nodes, using IPv4 when packets are required to be sent through IPv4 routers or networks ? Is tunneling used to maintain functionality of IPv6 packets when they reach the end node ? Thanks Tim From pcurran@ticl.co.uk Wed Feb 10 19:50:53 1999 From: pcurran@ticl.co.uk (Peter Curran) Date: Wed, 10 Feb 1999 19:50:53 +0000 Subject: Transition In-Reply-To: <008301be545f$be09eb60$227ca8c2@tsys2> Message-ID: <199902101936.TAA01619@gate.ticl.co.uk> Tim Hope I can answer a couple of your questions (they are good ones, by the way :-) >I have been reading through the relevent RFCs on migration and deployment >methods for IPv6. I was wondering in the future when IPv4 addresses have >completely run out, how will it be possible for a small organisation only >using IPv6 (because they are unable to be assigned any IPv4 addresses) to >communicate with IPv4 only nodes. Good question! The simple answer is that you will not be able to talk to v4 nodes without at least one v4 address. There are a number of translation strategies around that will work with a single v4 address for most common requirements: NAT-PT Socks Application Layer Gateways Suggest you browse the ngtrans section of the i-d directory at ietf.org for details on some of these. >Also, why should IPv6 over IPv4 tunneling be used as opposed to using dual >stack nodes, using IPv4 when packets are required to be sent through IPv4 >routers or networks ? Is tunneling used to maintain functionality of IPv6 >packets when they reach the end node ? You question above answers this, to a degree. To use dual-stack across the board implies that all hosts have to have a v4 and a v6 address. The purpose of the tunneling is largely to provide connectivity between islands of v6 across the v4 internet (the 6bone being an excellent example of this). As addresses become scarser, the simplistic dual-stack approach will simply not scale. Some sort of translation device that can service multiple v6 users from a small number of v4 addresses will be essential. A lot of work is going on in this area, and there are now a number of different internet drafts out suggesting different approaches. Many of these overlap in terms of function and operation. The NGTRANS WG agreed, last week, in Grenoble to try and come up with some sort of roadmap to identify the way these mechanisms can be deployed and what circumstances are appropriate for the use of each mechanism.....hopefully a reasonably comprehensive set of guidance will be forthcoming soon. Hope this helps. Cheers Peter ============================================================== Peter Curran pcurran@ticl.co.uk http://www.ticl.co.uk Consultant and Author PGP key available from http://wwwkeys.uk.pgp.net:11371 or ldap://certserver.pgp.com PubKey Fingerprint = 5F94 D9A9 45EC 40A7 FB24 18BE 9C2E 74D6 E051 7F1F =============================================================== From fink@es.net Thu Feb 11 00:44:55 1999 From: fink@es.net (Bob Fink) Date: Wed, 10 Feb 1999 16:44:55 -0800 Subject: new 6bone pTLA 3FFE:3600::/24 assigned to CHTTL-TW Message-ID: <4.1.19990210163958.00b76510@imap2.es.net> 6bone Folk, I'm pleased to announce the assignment of pTLA 3FFE:3600::/24 to CHTTL-TW, the Chunghwa Telecommunication Company Telecommunication Laboratories of Taiwan. Please assist them in setting up their backbone peerings, etc. Thanks, Bob From ipv6@gmx.de Thu Feb 11 15:13:22 1999 From: ipv6@gmx.de (Projekt Ipv6) Date: Thu, 11 Feb 1999 15:13:22 +0000 Subject: Installation of Bind-8.1.2 Message-ID: <36C2F391.C7E4B44B@gmx.de> Hello ! We are two german students and work on a projekt about IPv6. We use S.U.S.E Linux 6.0, Kernel 2.1.131 and gcc Ver.2.7.2.3-5 without modutils.We are using the Bieriger's HOWTO and got now a problem installing Bind-8.1.2 with the following error message: make[2]: Entering directory `/usr/src/bind-8.1.2/bin/addr' gcc -O -g -o addr addr.o \ ../../lib/libbind.a -lfl /usr/i486-linux/bin/ld: cannot open -lfl: No such file or directory make[2]: *** [addr] Error 1 make[2]: Leaving directory `/usr/src/bind-8.1.2/bin/addr' make[1]: *** [addr] Error 2 make[1]: Leaving directory `/usr/src/bind-8.1.2/bin' make: *** [all] Error 2 It seems like that gcc doesn´t know the option -lfl Thanks Detlef Bruns Dietmar Saathoff From peterdd@gto.net.om Thu Feb 11 14:26:40 1999 From: peterdd@gto.net.om (Peter Dawson) Date: Thu, 11 Feb 1999 18:26:40 +0400 Subject: (ngtrans) V6 Deployment Work and Mail List Activity References: <199902101540.KAA0000005537@wasted.zk3.dec.com> Message-ID: <36C2E89F.B2BACD05@gto.net.om> Jim , Perry I'm a little confused ....clarifications requested. Jim Bound wrote: > To request being on the IPv6 deployment workers list send mail > to > deployment@ipv6.org. Somone will respond to you. > Perry wrote : > The mailing list, users@ipv6.org, may be subscribed to by > sending mail > to majordomo@ipv6.org with the words "subscribe users" in the > body of > the message. > DO I read two seperate lists here : deployment@ipv6.org andusers@ipv6.org ?? are there two different lists here, if so whats the difference ?? /pete ps. I subscribed to users.. should I also subcribe to deployment ?? From rrockell@sprint.net Thu Feb 11 15:18:54 1999 From: rrockell@sprint.net (Robert Rockell) Date: Thu, 11 Feb 1999 10:18:54 -0500 (EST) Subject: IPv6 Multihoming Message-ID: Is there any concentrated effort going on at present to tackle the multi-homing problem wiht IPv6, with respect to it's collision with routing policies (i.e. you dual-assign, or you announce de-aggregates; the former breaks TCP, the latter breaks routing tables)? Thanks Rob Rockell Sprintlink Internet Service Center Operations Engineering 703-689-6322 1-800-724-3329, PIN 385-8833 Ines|e gnyne qh vagr bz s|e Ino ngg una {e hgr bpu plxyne? From Francis.Dupont@inria.fr Thu Feb 11 16:29:39 1999 From: Francis.Dupont@inria.fr (Francis Dupont) Date: Thu, 11 Feb 1999 17:29:39 +0100 Subject: IPv6 Multihoming In-Reply-To: Your message of Thu, 11 Feb 1999 10:18:54 EST. Message-ID: <199902111629.RAA26601@givry.inria.fr> In your previous mail you wrote: Is there any concentrated effort going on at present to tackle the multi-homing problem wiht IPv6, with respect to it's collision with routing policies (i.e. you dual-assign, or you announce de-aggregates; the former breaks TCP, the latter breaks routing tables)? => there are many works about multi-homing, both for multi-homed nodes (interface selection, shared link detection, route optimization, ...) and multi-homed sites (aggregation, routing policies, source address selection, ...) but in (expired or unpublished) Internet drafts. The current idea is to dual assign because aggregation is more than important but this doesn't solve everything (as you believe :-). Regards Francis.Dupont@inria.fr From ace@datafax.no Thu Feb 11 17:56:30 1999 From: ace@datafax.no (=?iso-8859-1?Q?Asbj=F8rn_Sannes?=) Date: Thu, 11 Feb 1999 17:56:30 -0000 Subject: Using a tunnel/Linux Message-ID: <001501be55e7$db15d500$010a0a0a@ace.sannes.org> Hi! I got so much respons (which helped me out quite a lot of trouble, thanks!) here last time I asked a question so.. here is another one : I've got a tunnel to my Linux box, I just can't get it working.. This the info I got : Tunnel end (their side) : 195.159.0.16 IPv6 address I should use on my IPv6 tunnel interface: 3ffe:1108:403:7005::2/64 I looked around and tought this script would start it up correctly: # Your IPv6 prefix PREFIX=3FFE:1108:403:7005 # The host-part of the IPv6 address for this machine ADDRESS=2 # The IPv4 address of the far side of your tunnel TUNNEL=195.159.0.16 echo 0 > /proc/sys/net/ipv6/conf/all/autoconf echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra echo 0 > /proc/sys/net/ipv6/conf/all/accept_redirects echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 0 > /proc/sys/net/ipv6/conf/all/router_solicitations ifconfig eth0 add $PREFIX::$ADDRESS/64 route -A inet6 add $PREFIX::0/64 dev eth0 ifconfig sit0 up tunnel ::$TUNNEL ifconfig sit1 up route -A inet6 add 3ffe::0/15 gw fe80::$TUNNEL dev sit1 -- I would appricate it if someone told me what was wrong with it, since I am quite unexperienced with this. Greetings Asbjørn Sannes ace @ Efnet BTW: Thanks for all the respons on my last question, it worked out great! :) From ace@datafax.no Thu Feb 11 22:33:50 1999 From: ace@datafax.no (=?iso-8859-1?Q?Asbj=F8rn_Sannes?=) Date: Thu, 11 Feb 1999 22:33:50 -0000 Subject: Using a tunnel/Linux Message-ID: <002801be560e$99557cc0$010a0a0a@ace.sannes.org> >Which side of the tunnel won't work? Can you dump IPv6-in-IPv4-packages >with tcpdump on both hosts? >Try to ping the hosts each other and look for packages. Perhaps it's a >one-way-problem. Hmm.. it suddently works.. not knowing why or what I did, I leave it to that.. thank you very much.. :) .. that's accually pretty strange because I have been testing for hours.. and now the settings I said works.. Ping me if you like, : 3ffe:1108:403:7005::2 -- ace From jelrassi@home.com Thu Feb 11 22:06:51 1999 From: jelrassi@home.com (John El-Rassi) Date: Thu, 11 Feb 1999 17:06:51 -0500 Subject: need help in compiling inet6-apps0.35 Message-ID: <36C3547A.CA661D7D@home.com> Hi there I am trying to compile the inet6-apps-0.35 with no success (as we earlier versions i've tried 0.30 and 0.34 no luck) however net-tools -1.50 with ipv6 support compiled almost seamlessly. I'm using a Linux box Stampede Distro. with kernel 2.2.1 and glibc-2.1 (not a pre release but the recently released one) i've tried all the patches with different setups, as described in the howto at www.bieringer.de to no avail. sorry to include all the output of make but i thought it might be a clue into what i'm doing wrong or not doing .. the GNUmakefile.config has the following: OS=Linux LIBCAPI=1 LIBRESOLV= RESOLVINC= LIBCRYPT= (there's more but i thought this is all that is of importance? !) let me know. thanks and sorry for all the garbage. :) don't read beyond this point as it's only how i envoked make clean then make and it's output which i thought might clue someone to my erros then i do a make clean. then a make which prints out the following: bash-2.02# make make[1]: Entering directory `/usr/src/inet6-apps-0.35/lib' cc -I../include -I. -DINET6=1 -DFASTCTO=10 -c addrcmp.c cc -I../include -I. -DINET6=1 -DFASTCTO=10 -c misc.c cc -I../include -I. -DINET6=1 -DFASTCTO=10 -c connect.c a - addrcmp.o a - misc.o a - connect.o make[1]: Leaving directory `/usr/src/inet6-apps-0.35/lib' make[1]: Entering directory `/usr/src/inet6-apps-0.35/etc' make[1]: Leaving directory `/usr/src/inet6-apps-0.35/etc' make[1]: Entering directory `/usr/src/inet6-apps-0.35/finger' cc -I../include -DINET6=1 -c finger.c -o finger.o finger.c: In function `loginlist': finger.c:197: `R_FIRST' undeclared (first use in this function) finger.c:197: (Each undeclared identifier is reported only once finger.c:197: for each function it appears in.) finger.c:197: `R_NEXT' undeclared (first use in this function) finger.c:200: structure has no member named `seq' finger.c: In function `userlist': finger.c:284: `R_FIRST' undeclared (first use in this function) finger.c:284: `R_NEXT' undeclared (first use in this function) finger.c:287: structure has no member named `seq' make[1]: *** [finger.o] Error 1 make[1]: Leaving directory `/usr/src/inet6-apps-0.35/finger' make[1]: Entering directory `/usr/src/inet6-apps-0.35/fingerd' cc -I../include -DINET6=1 -D_PATH_FINGER=\"/usr/inet6/bin/finger\" -c fingerd.c -o fingerd.o fingerd.c: In function `main': fingerd.c:83: storage size of `su' isn't known fingerd.c:146: warning: assignment makes pointer from integer without a cast fingerd.c:169: warning: assignment makes pointer from integer without a cast make[1]: *** [fingerd.o] Error 1 make[1]: Leaving directory `/usr/src/inet6-apps-0.35/fingerd' make[1]: Entering directory `/usr/src/inet6-apps-0.35/ftp' cc -I../include -DINET6=1 -DINNER=1 -c ftp.c -o ftp.o ftp.c: In function `hookup': ftp.c:218: sizeof applied to an incomplete type ftp.c:226: invalid use of undefined type `union sockaddr_union' ftp.c: In function `initconn': ftp.c:1095: invalid use of undefined type `union sockaddr_union' ftp.c:1158: invalid use of undefined type `union sockaddr_union' ftp.c:1158: invalid use of undefined type `union sockaddr_union' ftp.c:1228: invalid use of undefined type `union sockaddr_union' ftp.c:1245: invalid use of undefined type `union sockaddr_union' ftp.c:1247: invalid use of undefined type `union sockaddr_union' ftp.c:1250: invalid use of undefined type `union sockaddr_union' ftp.c:1253: invalid use of undefined type `union sockaddr_union' ftp.c:1258: invalid use of undefined type `union sockaddr_union' ftp.c:1320: sizeof applied to an incomplete type ftp.c:1351: invalid use of undefined type `union sockaddr_union' ftp.c:1351: invalid use of undefined type `union sockaddr_union' ftp.c:1427: invalid use of undefined type `union sockaddr_union' ftp.c: In function `dataconn': ftp.c:1449: storage size of `from' isn't known ftp.c: In function `pswitch': ftp.c:1540: field `mctl' has incomplete type ftp.c:1541: field `hctl' has incomplete type ftp.c: At top level: ftp.c:87: storage size of `hisctladdr' isn't known ftp.c:88: storage size of `data_addr' isn't known ftp.c:89: storage size of `myctladdr' isn't known make[1]: *** [ftp.o] Error 1 make[1]: Leaving directory `/usr/src/inet6-apps-0.35/ftp' make[1]: Entering directory `/usr/src/inet6-apps-0.35/ftpd' cc -I../include -DINET6=1 -DINNER=1 -DSETPROCTITLE -c ftpd.c -o ftpd.o ftpd.c: In function `main': ftpd.c:259: sizeof applied to an incomplete type ftpd.c:264: sizeof applied to an incomplete type ftpd.c:271: invalid use of undefined type `union sockaddr_union' ftpd.c:282: invalid use of undefined type `union sockaddr_union' ftpd.c:284: invalid use of undefined type `union sockaddr_union' ftpd.c:284: invalid use of undefined type `union sockaddr_union' ftpd.c:287: invalid use of undefined type `union sockaddr_union' ftpd.c:287: invalid use of undefined type `union sockaddr_union' ftpd.c:290: invalid use of undefined type `union sockaddr_union' ftpd.c:293: invalid use of undefined type `union sockaddr_union' ftpd.c:298: invalid use of undefined type `union sockaddr_union' ftpd.c: In function `pass': ftpd.c:649: warning: assignment makes pointer from integer without a cast ftpd.c: In function `getdatasock': ftpd.c:920: invalid use of undefined type `union sockaddr_union' ftpd.c:988: invalid use of undefined type `union sockaddr_union' ftpd.c: In function `dataconn': ftpd.c:1026: storage size of `from' isn't known ftpd.c: In function `passive': ftpd.c:1724: sizeof applied to an incomplete type ftpd.c: At top level: ftpd.c:113: storage size of `ctrl_addr' isn't known ftpd.c:114: storage size of `data_source' isn't known ftpd.c:115: storage size of `data_dest' isn't known ftpd.c:116: storage size of `his_addr' isn't known ftpd.c:117: storage size of `pasv_addr' isn't known make[1]: *** [ftpd.o] Error 1 make[1]: Leaving directory `/usr/src/inet6-apps-0.35/ftpd' make[1]: Entering directory `/usr/src/inet6-apps-0.35/include' make[1]: Leaving directory `/usr/src/inet6-apps-0.35/include' make[1]: Entering directory `/usr/src/inet6-apps-0.35/inetd' cc -I../include -DINET6=1 -I/usr/include -DOFFSETPORT=9000 -c inetd.c -o inetd.o In file included from inetd.c:197: /usr/include/bsd/signal.h:15: warning: `sv_onstack' redefined /usr/include/signal.h:275: warning: this is the location of the previous definition inetd.c:248: field `se_ctrladdr' has incomplete type inetd.c: In function `main': inetd.c:387: incompatible types in assignment inetd.c: In function `inetd_setproctitle': inetd.c:1146: storage size of `sa' isn't known make[1]: *** [inetd.o] Error 1 make[1]: Leaving directory `/usr/src/inet6-apps-0.35/inetd' make[1]: Entering directory `/usr/src/inet6-apps-0.35/man' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/usr/src/inet6-apps-0.35/man' make[1]: Entering directory `/usr/src/inet6-apps-0.35/misc' cc -I../include -DINET6=1 -DFASTCTO=10 -c gendata.c -o gendata.o cc gendata.o -L../lib -linet6 -o gendata cc -I../include -DINET6=1 -DFASTCTO=10 -c socktest.c -o socktest.o cc socktest.o -L../lib -linet6 -o socktest make[1]: Leaving directory `/usr/src/inet6-apps-0.35/misc' make[1]: Entering directory `/usr/src/inet6-apps-0.35/ping' cc -I../include -DINET6=1 -c ping.c -o ping.o ping.c:171: netinet/ipv6.h: No such file or directory ping.c:172: netinet/icmpv6.h: No such file or directory make[1]: *** [ping.o] Error 1 make[1]: Leaving directory `/usr/src/inet6-apps-0.35/ping' make[1]: Entering directory `/usr/src/inet6-apps-0.35/tftp' cc -I../include -DINET6=1 -c tftp.c -o tftp.o cc -I../include -DINET6=1 -c main.c -o main.o cc -I../include -DINET6=1 -c tftpsubs.c -o tftpsubs.o cc tftp.o main.o tftpsubs.o -L../lib -linet6 -o tftp make[1]: Leaving directory `/usr/src/inet6-apps-0.35/tftp' From jl06@uow.edu.au Fri Feb 12 00:12:55 1999 From: jl06@uow.edu.au (Justin Lipman) Date: Fri, 12 Feb 1999 11:12:55 +1100 (EST) Subject: Using a tunnel/Linux In-Reply-To: <001501be55e7$db15d500$010a0a0a@ace.sannes.org> from "[Asbj_rn Sannes]" at "Feb 11, 99 05:56:30 pm" Message-ID: <199902120012.LAA18270@wumpus.its.uow.edu.au> Hi there, Ive been fighting with the same problem without any sucess. When I do a tcp dump on my outgoing port while pinging. I am able to see the packets going out. An occasional packet comes back, but nothing happens. Dont supposed anybody could explain the mechanics behind the tunnelling - as far as setup & configuration is concerned??? Goodluck, Justin > I've got a tunnel to my Linux box, I just can't get it working.. > > This the info I got : > > Tunnel end (their side) : 195.159.0.16 > IPv6 address I should use on my IPv6 tunnel interface: > 3ffe:1108:403:7005::2/64 > > I looked around and tought this script would start it up correctly: > > # Your IPv6 prefix > PREFIX=3FFE:1108:403:7005 > # The host-part of the IPv6 address for this machine > ADDRESS=2 > # The IPv4 address of the far side of your tunnel > TUNNEL=195.159.0.16 > > echo 0 > /proc/sys/net/ipv6/conf/all/autoconf > echo 0 > /proc/sys/net/ipv6/conf/all/accept_ra > echo 0 > /proc/sys/net/ipv6/conf/all/accept_redirects > echo 1 > /proc/sys/net/ipv6/conf/all/forwarding > echo 0 > /proc/sys/net/ipv6/conf/all/router_solicitations > > ifconfig eth0 add $PREFIX::$ADDRESS/64 > route -A inet6 add $PREFIX::0/64 dev eth0 > ifconfig sit0 up tunnel ::$TUNNEL > ifconfig sit1 up > route -A inet6 add 3ffe::0/15 gw fe80::$TUNNEL dev sit1 > > -- > > I would appricate it if someone told me what was wrong with it, since I am > quite unexperienced with this. From cmetz@inner.net Fri Feb 12 03:11:38 1999 From: cmetz@inner.net (Craig Metz) Date: Thu, 11 Feb 1999 22:11:38 -0500 Subject: need help in compiling inet6-apps0.35 In-Reply-To: Your message of "Thu, 11 Feb 1999 17:06:51 EST." <36C3547A.CA661D7D@home.com> Message-ID: <199902120256.CAA28290@inner.net> In message <36C3547A.CA661D7D@home.com>, you write: >I am trying to compile the inet6-apps-0.35 with no success (as we >earlier versions i've tried 0.30 and 0.34 no luck) If you're having trouble with inet6-apps, you might be well served to follow the directions in the documentation under "If you have problems." The short answer is: inet6-apps is written for glibc 2.0, not glibc 2.1. The two currently do not coexist. This will change as soon as I can get glibc 2.1 on my system (not too hard) and some free time (which might be the problem). -Craig From venaas@itea.ntnu.no Fri Feb 12 06:31:34 1999 From: venaas@itea.ntnu.no (Stig Venaas) Date: Fri, 12 Feb 1999 07:31:34 +0100 Subject: need help in compiling inet6-apps0.35 In-Reply-To: <36C3547A.CA661D7D@home.com>; from John El-Rassi on Thu, Feb 11, 1999 at 05:06:51PM -0500 References: <36C3547A.CA661D7D@home.com> Message-ID: <19990212073134.A18670@itea.ntnu.no> On Thu, Feb 11, 1999 at 05:06:51PM -0500, John El-Rassi wrote: > Hi there > > I am trying to compile the inet6-apps-0.35 with no success (as we > earlier versions i've tried 0.30 and 0.34 no luck) > > however net-tools -1.50 with ipv6 support compiled almost seamlessly. > > I'm using a Linux box Stampede Distro. with kernel 2.2.1 and glibc-2.1 > (not a pre release but the recently released one) > > i've tried all the patches with different setups, as described in the > howto at www.bieringer.de to no avail. sorry to include > all the output of make but i thought it might be a clue into what i'm > doing wrong or not doing .. I had this problem too. I've made a patch that works for me at least. You can get it from ftp.nvg.ntnu.no/venaas/inet6-apps-0.35-glibc.dif. Stig -- Stig Venås Tel: +47 73 59 53 29 NTNU Fax: +47 73 59 80 98 ITEA/Nett, Prof. Brochs g. 6 N-7034 Trondheim, Norway E-mail: venaas@itea.ntnu.no From tim.larder@virgin.net Fri Feb 12 16:08:44 1999 From: tim.larder@virgin.net (Tim Larder) Date: Fri, 12 Feb 1999 16:08:44 -0000 Subject: Transition Message-ID: <011b01be56a3$ebf7dbe0$7c78a8c2@tsys2> Hi, >Application Proxy I was just wondering if anyone knew of any practical implementations of the above. I want to try and find out what sort of processing time would be required for converting each packet using one of these devices on the border of your network rather than say a header converter. Thanks Tim From venaas@itea.ntnu.no Fri Feb 12 22:29:12 1999 From: venaas@itea.ntnu.no (Stig Venaas) Date: Fri, 12 Feb 1999 23:29:12 +0100 Subject: need help in compiling inet6-apps0.35 In-Reply-To: <19990212073134.A18670@itea.ntnu.no>; from Stig Venaas on Fri, Feb 12, 1999 at 07:31:34AM +0100 References: <36C3547A.CA661D7D@home.com> <19990212073134.A18670@itea.ntnu.no> Message-ID: <19990212232912.A9690@itea.ntnu.no> On Fri, Feb 12, 1999 at 07:31:34AM +0100, Stig Venaas wrote: > > I had this problem too. I've made a patch that works for me at least. > You can get it from ftp.nvg.ntnu.no/venaas/inet6-apps-0.35-glibc.dif. I testet the patch with glibc-2.0.109 and I assumed that it would work also with the glibc-2.1 release. Well, guess what, it doesn't. Sorry. It turns out that union sockaddr_union is gone in glibc-2.1. The quick and dirty fix is to add the following at the bottom of include/support.h in inet6-apps-0.35. Just add something like: #if defined __GLIBC__ && __GLIBC__ >= 2 union sockaddr_union { struct sockaddr sa; struct sockaddr_in sin; struct sockaddr_in6 sin6; char __maxsize[128]; }; #endif /* defined __GLIBC__ && __GLIBC__ >= 2 */ Does anyone know if sockaddr_union is deprecated? I'm wondering if the correct fix is to get sockaddr_union into the glibc include files, or if one should change the application code. I guess I'm getting a bit off topic here, sorry. Stig -- Stig Venås Tel: +47 73 59 53 29 NTNU Fax: +47 73 59 80 98 ITEA/Nett, Prof. Brochs g. 6 N-7034 Trondheim, Norway E-mail: venaas@itea.ntnu.no From jelrassi@home.com Sat Feb 13 00:41:54 1999 From: jelrassi@home.com (John El-Rassi) Date: Fri, 12 Feb 1999 19:41:54 -0500 Subject: a thanke you and a double question :) Message-ID: <36C4CA52.41FF6A2C@home.com> The Thank you: TO: Stig Venaas Re: inet6-apps-0.35 and glibc-2.1 well it worked . thanks after applying your patch then added the lines to support.h and did some changes to GNUmakfile.config I was able to compile and install, thanks again. ________________________________________________________ The question: 1) i'm not sure if i should be asking linux related questions here at 6bone@isi.edu ? let me know :) 2) as for radvd-0.4.2 well it seems to have the same incompatability problems ?? it gives the error : cc -c -g -O2 -I. -DPATH_RADVD_CONF=\"/usr/inet6/etc/radvd.conf\" -DPATH_RADVD_LOG=\"/var/log/radvd.log\" -DLOG_FACILITY=LOG_DAEMON -DVERSION=\"0.4.2\" -DINET6=1 device.c device.c: In function `setup_allrouters_membership': device.c:163: structure has no member named `ipv6mr_ifindex' make: *** [device.o] Error 1 and stops right there any ideas. well thanks all. :-) From venaas@itea.ntnu.no Sat Feb 13 06:59:18 1999 From: venaas@itea.ntnu.no (Stig Venaas) Date: Sat, 13 Feb 1999 07:59:18 +0100 Subject: a thanke you and a double question :) In-Reply-To: <36C4CA52.41FF6A2C@home.com>; from John El-Rassi on Fri, Feb 12, 1999 at 07:41:54PM -0500 References: <36C4CA52.41FF6A2C@home.com> Message-ID: <19990213075918.B15566@itea.ntnu.no> On Fri, Feb 12, 1999 at 07:41:54PM -0500, John El-Rassi wrote: > 1) i'm not sure if i should be asking linux related questions > here at 6bone@isi.edu ? > let me know :) I'm not sure either. The list linux-ipv6@inner.net might be a better place. > 2) as for radvd-0.4.2 well it seems to have the same > incompatability problems ?? > it gives the error : > > cc -c -g -O2 -I. -DPATH_RADVD_CONF=\"/usr/inet6/etc/radvd.conf\" > -DPATH_RADVD_LOG=\"/var/log/radvd.log\" -DLOG_FACILITY=LOG_DAEMON > -DVERSION=\"0.4.2\" -DINET6=1 device.c > device.c: In function `setup_allrouters_membership': > device.c:163: structure has no member named `ipv6mr_ifindex' > make: *** [device.o] Error 1 I see that the source I used when I compiled radvd has been patched or modified. I can't remember if I found a patch somewhere, and by whom. I'll diff what I have with the original and put a diff in the same place. Look for ftp.nvg.ntnu.no/venaas/radvd-0.4.2-glibc-2.0.109.diff Keep in mind though that I've only tested it with 2.0.109. I'll test it on the 2.1-release soon, and make a 2.1 diff if necessary. Stig -- Stig Venås Tel: +47 73 59 53 29 NTNU Fax: +47 73 59 80 98 ITEA/Nett, Prof. Brochs g. 6 N-7034 Trondheim, Norway E-mail: venaas@itea.ntnu.no From ipv6@gmx.de Mon Feb 15 16:55:39 1999 From: ipv6@gmx.de (Projekt Ipv6) Date: Mon, 15 Feb 1999 16:55:39 +0000 Subject: Problems by installing inett6-apps Message-ID: <36C85189.3BE03893@gmx.de> Hello ! We use S.U.S.E Linux 6.0, Kernel 2.1.131 and gcc Ver.2.7.2.3-5 without modutils.We are using the Bieriger's HOWTO and got now a problem installing inet6-apps_0.34. We've got a lot of warnings like domacro.o: warning: multiple common of `macbuf' ftp.o: warning: previous common is here After we installed the apps without error's but with these warnings we tried to start a ping to a other PC and got a bus error. What must we do, to replace these warnings and/or replace the bus error. Thanks Detlef Bruns Dietmar Saathoff From cmetz@inner.net Mon Feb 15 21:44:55 1999 From: cmetz@inner.net (Craig Metz) Date: Mon, 15 Feb 1999 16:44:55 -0500 Subject: Problems by installing inett6-apps In-Reply-To: Your message of "Mon, 15 Feb 1999 16:55:39 GMT." <36C85189.3BE03893@gmx.de> Message-ID: <199902152127.VAA32634@inner.net> In message <36C85189.3BE03893@gmx.de>, you write: >We use S.U.S.E Linux 6.0, Kernel 2.1.131 and gcc Ver.2.7.2.3-5 without >modutils.We are using the Bieriger's HOWTO and got now a problem >installing inet6-apps_0.34. We've got a lot of warnings like > >domacro.o: warning: multiple common of `macbuf' >ftp.o: warning: previous common is here > >After we installed the apps without error's but with these warnings we >tried to >start a ping to a other PC and got a bus error. What must we do, to >replace these >warnings and/or replace the bus error. RTFM under "If you have problems." This should be a FAQ... -Craig From mjoseph@cisco.com Tue Feb 16 12:11:53 1999 From: mjoseph@cisco.com (Mathew Joseph) Date: Tue, 16 Feb 1999 17:41:53 +0530 (IST) Subject: Pointers wanted ! Message-ID: <199902161211.RAA09460@dosa.cisco.com> Hi all, Could you let me know which are the best places for me to look out for implementation of IPv6 stacks ? Thanks Joseph Mathew ****************************** Cisco Systems Inc. "The network works, no excuses ****************************** From fink@es.net Tue Feb 16 14:19:59 1999 From: fink@es.net (Bob Fink) Date: Tue, 16 Feb 1999 06:19:59 -0800 Subject: Pointers wanted ! In-Reply-To: <199902161211.RAA09460@dosa.cisco.com> Message-ID: <4.1.19990216061857.00aa2100@imap2.es.net> At 05:41 PM 2/16/99 +0530, Mathew Joseph wrote: >Hi all, > >Could you let me know >which are the best places >for me to look out >for implementation of IPv6 >stacks ? At the moment it's the Implemenations page for the IPng WG: Bob From pxie@polymail.cpunix.calpoly.edu Tue Feb 16 17:40:51 1999 From: pxie@polymail.cpunix.calpoly.edu (Ping Xie) Date: Tue, 16 Feb 1999 09:40:51 -0800 (PST) Subject: Pointers wanted ! In-Reply-To: <199902161211.RAA09460@dosa.cisco.com> Message-ID: Hi there, Please try this URL: http://playground.sun.com/pub/ipng/html/ipng-implementations.html regards, Peter Ping Xie ============== Computer Science graduate student Cal Poly State University, SLO, California On Tue, 16 Feb 1999, Mathew Joseph wrote: > Hi all, > > Could you let me know > which are the best places > for me to look out > for implementation of IPv6 > stacks ? > > Thanks > Joseph Mathew > > > ****************************** > Cisco Systems Inc. > "The network works, no excuses > ****************************** > > From mferioli@isdnet.net Tue Feb 16 17:43:48 1999 From: mferioli@isdnet.net (Michael Ferioli) Date: Tue, 16 Feb 1999 18:43:48 +0100 Subject: Pointers wanted ! In-Reply-To: <199902161211.RAA09460@dosa.cisco.com> Message-ID: <3.0.5.32.19990216184348.031faec0@mailhub.isdnet.net> At 17:41 16/02/99 +0530, Mathew Joseph wrote: >Hi all, > >Could you let me know >which are the best places >for me to look out >for implementation of IPv6 >stacks ? Internetworking IPv6 with Cisco Routers, Silvano Gai ISBN 0-07-022836-1 Invaluable if you are implementing on a Cisco. I got it in 2 days from Amazon. Mike From fink@es.net Wed Feb 17 01:51:57 1999 From: fink@es.net (Bob Fink) Date: Tue, 16 Feb 1999 17:51:57 -0800 Subject: 6BONE AUP Message-ID: <4.1.19990216165439.00ae0c10@imap2.es.net> Perry, Jim, Craig, Tony et al, This will be a bit long winded, but hopefully worth it! (For the benefit of the 6bone and ngtrans list folk not on the deployment@ipv6.org list, my "research and development AUP" comments about the 6bone have been questioned.) First, a brief bit of background on the 6bone. The 6bone was created by a volunteer group of folk "to foster the development testing, and deployment of IPv6". As some of the participants offerred to host end-site tunnels and/or carry backbone traffic for those not in their normal user community, I was sensitive about violating anyone's AUP. Note that any mention of a research and development AUP was my choice (to the best of my memory), not that of the early 6bone group (i.e., the ad hoc meetings held at the IETF) or the current ngtrans group (which now includes the 6bone activity). I have scanned all the minutes of 6bone meetings held to date to refresh my memory (I may have passed over something, but doubt it). I've also included below the 6bone portion (which I wrote) of the ngtrans charter: "4. Coordinate deployment of an IPv6 testbed (known as the 6bone) to assist in the following: - Creation of "practice and experience" informational documents that capture the experiences of those who have deployed, and are deploying, various IPv6 technologies. - Feedback to various IETF IPv6-related activities, such as the IPng WG, based on testbed experience, where appropriate. - Feedback to various IPv6 product developers, based on testbed experience, where appropriate. - Development of mechanisms and procedures to aid in the transition to native IPv6, where appropriate. - Development of mechanisms and procedures for sharing operational information to aid in transition and operation of global IPv6 routing." There is no mention of either a production or non-production disposition, nor of any specific AUP. It is a testbed that, as the first 6bone meeting's goal statement said, is "to foster the development testing, and deployment of IPv6". I would also note that I have never had anyone (that I can remember) tell me that my "research and development Acceptable Use Policy (AUP)" mattered to them. I have had several say that as long as the traffic was low enough that their own AUPs could accomodate production usage. Now let's look at RFC 2471, the IPv6 Testing Address Allocation: 1.0 Introduction This document describes an allocation plan for IPv6 addresses to be used in testing IPv6 prototype software. These addresses are temporary and will be reclaimed in the future. Any IPv6 system using these addresses will have to renumber at some time in the future. These addresses will not to be routable in the Internet other than for IPv6 testing. ... 2.0 Address Format TLA = 0x1FFE = Top-Level Aggregation Identifier This is a TLA ID assigned by the IANA for 6bone testing under the auspices of the IETF IPng Transition Working Group 6bone testbed activity. It is to be administered by the chair of the 6bone activity (currently Bob Fink ). The use of this TLA ID is temporary. All users of these addresses in this TLA ID will be required to renumber at some time in the future. Again, no mention is made of any type of AUP. The biggest worry I see here is that eventually we may have to renumber, and somehow I doubt that this will be a real problem as long as the 6bone is serving a purpose. So I conclude that I'm being overly conservative in how I speak of this in print. IMO, if a 6bone pTLA or pNLA transit is concerned with the nature of IPv6 6bone traffic they carry, they will take appropriate steps of their own, and certainly not ones dictated by me. The conclusion of this is that I will simply remove the mention of a research and development AUP. In fact it is gone as you read this! I would also encourage everyone to review any and all of the 6bone pages and recommend better wording, restructuring etc. We are all in this together and there are limits to whay one person can do. Thanks, Bob From cmetz@inner.net Wed Feb 17 02:13:39 1999 From: cmetz@inner.net (Craig Metz) Date: Tue, 16 Feb 1999 21:13:39 -0500 Subject: 6BONE AUP In-Reply-To: Your message of "Tue, 16 Feb 1999 17:51:57 PST." <4.1.19990216165439.00ae0c10@imap2.es.net> Message-ID: <199902170155.BAA02415@inner.net> In message <4.1.19990216165439.00ae0c10@imap2.es.net>, you write: >The conclusion of this is that I will simply remove the mention of a >research and development AUP. In fact it is gone as you read this! > >I would also encourage everyone to review any and all of the 6bone pages >and recommend better wording, restructuring etc. We are all in this >together and there are limits to whay one person can do. Let me suggest that we make explicitly clear that the 6Bone and 6REN are experimental services, and subject to interruption or changes (such as renumbering) without notice. -Craig From fink@es.net Wed Feb 17 02:28:43 1999 From: fink@es.net (Bob Fink) Date: Tue, 16 Feb 1999 18:28:43 -0800 Subject: 6BONE AUP In-Reply-To: <199902170155.BAA02415@inner.net> References: Message-ID: <4.1.19990216182238.00b5b100@imap2.es.net> Craig, At 09:13 PM 2/16/99 -0500, Craig Metz wrote: >In message <4.1.19990216165439.00ae0c10@imap2.es.net>, you write: >>The conclusion of this is that I will simply remove the mention of a >>research and development AUP. In fact it is gone as you read this! >> >>I would also encourage everyone to review any and all of the 6bone pages >>and recommend better wording, restructuring etc. We are all in this >>together and there are limits to whay one person can do. > > Let me suggest that we make explicitly clear that the 6Bone and 6REN are >experimental services, and subject to interruption or changes (such as >renumbering) without notice. The 6REN initiative participants will renumber as soon as their already requested Sub-TLAs are issued by the registries. They are only in the 6bone number space to get their initial native IPv6 peerings tested. The 6REN is not an experimental service in any way (at least once we convert to the production numbers), rather concrete commitments from the participants to provide IPv6 services to their constituents. Thanks, Bob From tesi_tlc@ing240.unife.it Wed Feb 17 08:31:27 1999 From: tesi_tlc@ing240.unife.it (Tesi TLC (G. MazzinI)) Date: Wed, 17 Feb 1999 09:31:27 +0100 (MET) Subject: IPv6 with turboways 25 IBM Message-ID: Hello ! We are two students of Italian University ! We would like to know if there is someone which is install IPv6 over ATM (Linux) with turboways 25 card and swich 8285 IBM ? We have kernel 2.1.126 (RedHat 5.2), modutils 2.1.121, glibc 2.0.7, atm patch 0.51, cdc16 (atm drivers for turboways 25) We are using Bieringer's HOW-TO ! If there are someone ,can he tell us !! Tanks Luca & Giancarlo From mjoseph@cisco.com Wed Feb 17 12:15:39 1999 From: mjoseph@cisco.com (Mathew Joseph) Date: Wed, 17 Feb 1999 17:45:39 +0530 (IST) Subject: Pointers wanted ! Message-ID: <199902171215.RAA09710@dosa.cisco.com> Hi all, Thanks a lot to all those out there in this mailing list for the tremendous response I received for "IPng implementations" Thanks once again Joseph Mathew ****************************** Cisco Systems Inc. "The network works, no excuses ****************************** From perry@piermont.com Wed Feb 17 16:19:04 1999 From: perry@piermont.com (Perry E. Metzger) Date: 17 Feb 1999 11:19:04 -0500 Subject: 6BONE AUP In-Reply-To: Jim Bound's message of "Wed, 17 Feb 1999 11:11:14 -0500" References: <199902171611.LAA0000012551@wasted.zk3.dec.com> Message-ID: <87n22dm29z.fsf@jekyll.piermont.com> Jim Bound writes: > Renumbering is inherent in IPv6. You don't own your IPv6 address you > provider does. When you change providers assume you will have to > renumber. Also assume if your an early adopter renumbering may take > place like the 6REN. Because we have built dynamic renumbering into the > architecture of IPv6 (a bit more than window dressing again) this is not > a problem and a way of life. > > Renumbering is not an interruption but a feature of IPv6. It is a feature, but until we get more users dealing with regular renumberings a lot of things (from BIND configuration files to router filter lists) are going to be breaking. It is going to be a while until all that gets straightened out. I'm not saying, you understand, that it won't be dealt with -- just that at first it will not be as smooth as it has to be later on if this is to be used regularly. We might want to try running "fire drills" on renumbering in the 6bone in order to see what breaks and what gets to be too painful without fixes if one renumbers regularly. Perry From bmanning@ISI.EDU Wed Feb 17 16:09:28 1999 From: bmanning@ISI.EDU (bmanning@ISI.EDU) Date: Wed, 17 Feb 1999 08:09:28 -0800 (PST) Subject: 6BONE AUP In-Reply-To: <199902171611.LAA0000012551@wasted.zk3.dec.com> from "Jim Bound" at Feb 17, 99 11:11:14 am Message-ID: <199902171609.AA23610@zed.isi.edu> > > Also another point. > > Renumbering is inherent in IPv6. You don't own your IPv6 address you > provider does. A point of clarification Jim. Nobody owns the addresses. They are delegated. When delegated they impose a level of responsiblity for use. The delegation may be withdrawn for any number of reasons. In some cases a withdrawn delegation may be accompanied by a new delegation. (renumbering) This is true across the board. > When you change providers assume you will have to > renumber. Also assume if your an early adopter renumbering may take > place like the 6REN. Because we have built dynamic renumbering into the > architecture of IPv6 (a bit more than window dressing again) this is not > a problem and a way of life. > > Renumbering is not an interruption but a feature of IPv6. > > /jim > > --------------------------------------------------------------------- > The IPv6 Deployment Mailing List > Unsubscribe by sending "unsubscribe deployment" to majordomo@ipv6.org > -- --bill From Alain.Durand@imag.fr Wed Feb 17 16:29:31 1999 From: Alain.Durand@imag.fr (Alain Durand) Date: Wed, 17 Feb 1999 17:29:31 +0100 Subject: renumbering (was: 6BONE AUP) References: <199902171611.LAA0000012551@wasted.zk3.dec.com> Message-ID: <199902171631.RAA11771@imag.imag.fr> At 11:19 17/02/99 -0500, Perry E. Metzger wrote: >We might want to try running "fire drills" on renumbering in the >6bone in order to see what breaks and what gets to be too painful >without fixes if one renumbers regularly. We actualy went through a global renumbering session on the 6bone once, when we moved from 5F RFC1897 addresses to the new aggregated 3FFE ones. Transiting my site was not that big a deal. The main issue was to convince people running 6bone leaf sites to do the job. The overall process took more than 3 months at the time. In the RIPE draft paper about IPv6 address allocation, they specify that you will have 3 months to renumber. example taken from this draft: when an ISP is moving from a sub-TLA to a TLA > ... The sub-TLA will have 3 months to return the sub-TLA space > after the TLA has been allocated. - Alain. From perry@piermont.com Wed Feb 17 16:38:52 1999 From: perry@piermont.com (Perry E. Metzger) Date: 17 Feb 1999 11:38:52 -0500 Subject: renumbering (was: 6BONE AUP) In-Reply-To: Alain Durand's message of "Wed, 17 Feb 1999 17:29:31 +0100" References: <199902171611.LAA0000012551@wasted.zk3.dec.com> <199902171631.RAA11771@imag.imag.fr> Message-ID: <87g185m1cz.fsf@jekyll.piermont.com> Alain Durand writes: > At 11:19 17/02/99 -0500, Perry E. Metzger wrote: > >We might want to try running "fire drills" on renumbering in the > >6bone in order to see what breaks and what gets to be too painful > >without fixes if one renumbers regularly. > > We actualy went through a global renumbering session on the 6bone once, > when we moved from 5F RFC1897 addresses to the new aggregated 3FFE ones. > > Transiting my site was not that big a deal. The main issue was to convince > people running 6bone leaf sites to do the job. > The overall process took more than 3 months at the time. > > In the RIPE draft paper about IPv6 address allocation, they specify > that you will have 3 months to renumber. In practice, if you have three months, the tools themselves have to make it possible for someone to accomplish the job in a couple of days because they won't, in practice, do much until the last possible minute. Renumbering semi-frequently on the 6bone would probably encourage us to make the tools better and to stop thinking of IP addresses as stable and permanent. (Look at the world's ntp.conf files if you want to see where that leads...) Perry From bmanning@ISI.EDU Wed Feb 17 16:39:28 1999 From: bmanning@ISI.EDU (bmanning@ISI.EDU) Date: Wed, 17 Feb 1999 08:39:28 -0800 (PST) Subject: renumbering (was: 6BONE AUP) In-Reply-To: <87g185m1cz.fsf@jekyll.piermont.com> from "Perry E. Metzger" at Feb 17, 99 11:38:52 am Message-ID: <199902171639.AA24032@zed.isi.edu> > > We actualy went through a global renumbering session on the 6bone once, > > when we moved from 5F RFC1897 addresses to the new aggregated 3FFE ones. > > > > Transiting my site was not that big a deal. The main issue was to convince > > people running 6bone leaf sites to do the job. > > The overall process took more than 3 months at the time. > > > > In the RIPE draft paper about IPv6 address allocation, they specify > > that you will have 3 months to renumber. > > In practice, if you have three months, the tools themselves have to > make it possible for someone to accomplish the job in a couple of days > because they won't, in practice, do much until the last possible > minute. > > Renumbering semi-frequently on the 6bone would probably encourage us > to make the tools better and to stop thinking of IP addresses as > stable and permanent. (Look at the world's ntp.conf files if you want > to see where that leads...) > > Perry Much of the thinking wrt renumbering went into the abortive PIER wg. NTP, DNS, SNMP(network mgmt) are all problem areas. Pop up a level and things like NFS mount points, Web Caches and SDR/Confctl tools are also suspect. I'll point out that the first pass at renumbering the 6bone did not, for the most part, involve DNS servers. Most of them were (and still are) only IPv4 aware. -- --bill From cesar@cuk.redes.unam.mx Wed Feb 17 20:35:37 1999 From: cesar@cuk.redes.unam.mx (Cesar Olvera Morales) Date: Wed, 17 Feb 1999 14:35:37 -0600 (CST) Subject: No subject Message-ID: We would like to know if there is someone which is working with IPv6 in Windows NT? We need to know how configure a tunnel endpoint. Thanks Research and Development DGSCA, UNAM Mexico From richdr@microsoft.com Wed Feb 17 21:27:23 1999 From: richdr@microsoft.com (Richard Draves) Date: Wed, 17 Feb 1999 13:27:23 -0800 Subject: Message-ID: <4D0A23B3F74DD111ACCD00805F31D8100AF81D22@RED-MSG-50> Hi Cesar, I assume you're using our MSR IPv6 stack? If so the best place for questions is our mailing list: msripv6-users@list.research.microsoft.com (send mail to listserv@list.research.microsoft.com to join the list). Our web site has directions for configuring tunnels. See http://www.research.microsoft.com/msripv6/6bone.htm. Rich > -----Original Message----- > From: Cesar Olvera Morales [mailto:cesar@cuk.redes.unam.mx] > Sent: Wednesday, February 17, 1999 12:36 PM > To: 6bone@ISI.EDU > Subject: > > > > We would like to know if there is someone which is working with > IPv6 in Windows NT? > > We need to know how configure a tunnel endpoint. > > Thanks > > Research and Development > DGSCA, UNAM > Mexico > > > From lxa@inf.utfsm.cl Thu Feb 18 12:19:30 1999 From: lxa@inf.utfsm.cl (Armando Aguirre Schlick) Date: Thu, 18 Feb 1999 09:19:30 -0300 (CDT) Subject: Resouce site... Message-ID: <199902181219.JAA23337@trauco.inf.utfsm.cl> Where can i find information about the aplications already migrated to work with IPv6??? I´d like to migrate some aplications ( for a study project) and I would not like work in an aplication already migrated. Thanks. -- Armando Aguirre Schlick mailto:lxa@inf.utfsm.cl Egresado de Ingenieria Civil en Informatica Universidad Tecnica Federico Santa Maria, Chile http://www.inf.utfsm.cl/~lxa From crawdad@fnal.gov Thu Feb 18 16:07:20 1999 From: crawdad@fnal.gov (Matt Crawford) Date: Thu, 18 Feb 1999 10:07:20 -0600 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: Your message of Thu, 18 Feb 1999 09:01:04 EST. <14716.919346464@sayshell.corp.us.uu.net> Message-ID: <199902181607.KAA06879@gungnir.fnal.gov> Louie sez ... > If you really want to demonstrate a compelling reason for ISPs and users > to begin to deploy IPv6, then I think the 6bone should renumber all the > sites on a regular basis. I used to say this when the 6bone was first forming. It may be just about time to say it again, eh? One part of renumbering which hasn't been tackled, though, is updating filter lists (aka access lists) on routers. There are probably some 6bone BGP filters in place here and there which would take small but non-zero effort to update with each renumbering. Ideas, anyone? Matt From Alain.Durand@imag.fr Thu Feb 18 16:45:29 1999 From: Alain.Durand@imag.fr (Alain Durand) Date: Thu, 18 Feb 1999 17:45:29 +0100 Subject: (ngtrans) Re: 6BONE AUP References: Message-ID: <199902181647.RAA00596@imag.imag.fr> At 10:07 18/02/99 -0600, Matt Crawford wrote: >One part of renumbering which hasn't been tackled, though, is >updating filter lists (aka access lists) on routers. There are >probably some 6bone BGP filters in place here and there which would >take small but non-zero effort to update with each renumbering. >Ideas, anyone? They are other places where IP addresses are burried deep. For example, we use some expensive software controled by a license server. The server needs a key to operate, and this key is derived by the software vendor from... the license server IP address!!! So each time the server change it's IP address, we have to go to this specific software vendor to get a new key. I suggest we try to make a list of some "well known" places where IP addresses are buried. On routers: - Access list (firewall) - BGP filters On servers: - DNS (many places) - keys for license servers - ntp configuration file - /etc/networks ??? On client hosts: - DNS server address (if not using DHCP) There is probably more to this. - Alain. From bmanning@ISI.EDU Thu Feb 18 16:48:27 1999 From: bmanning@ISI.EDU (bmanning@ISI.EDU) Date: Thu, 18 Feb 1999 08:48:27 -0800 (PST) Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: <199902181647.RAA00596@imag.imag.fr> from "Alain Durand" at Feb 18, 99 05:45:29 pm Message-ID: <199902181648.AA00466@zed.isi.edu> Most of these places are documented in old PIER drafts. > > At 10:07 18/02/99 -0600, Matt Crawford wrote: > > >One part of renumbering which hasn't been tackled, though, is > >updating filter lists (aka access lists) on routers. There are > >probably some 6bone BGP filters in place here and there which would > >take small but non-zero effort to update with each renumbering. > >Ideas, anyone? > > They are other places where IP addresses are burried deep. > For example, we use some expensive software controled > by a license server. The server needs a key to operate, > and this key is derived by the software vendor > from... the license server IP address!!! > So each time the server change it's IP address, we have > to go to this specific software vendor to get a new key. > > I suggest we try to make a list of some "well known" places > where IP addresses are buried. > > On routers: > - Access list (firewall) > - BGP filters > > On servers: > - DNS (many places) > - keys for license servers > - ntp configuration file > - /etc/networks ??? > > On client hosts: > - DNS server address (if not using DHCP) > > There is probably more to this. > > - Alain. > > -- --bill From perry@piermont.com Thu Feb 18 17:15:57 1999 From: perry@piermont.com (Perry E. Metzger) Date: 18 Feb 1999 12:15:57 -0500 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: "Matt Crawford"'s message of "Thu, 18 Feb 1999 10:07:20 -0600" References: <199902181607.KAA06879@gungnir.fnal.gov> Message-ID: <87ww1fiqeq.fsf@jekyll.piermont.com> "Matt Crawford" writes: > One part of renumbering which hasn't been tackled, though, is > updating filter lists (aka access lists) on routers. There are > probably some 6bone BGP filters in place here and there which would > take small but non-zero effort to update with each renumbering. > Ideas, anyone? The trick is always another layer of indirection. The DNS has provided good names for hosts. What we need is a way to name CIDRized blocks of addresses cleanly, so that the configurations can use names which today point at the old addresses and tomorrow point at the new... Perry From perry@piermont.com Thu Feb 18 19:47:50 1999 From: perry@piermont.com (Perry E. Metzger) Date: 18 Feb 1999 14:47:50 -0500 Subject: Resouce site... In-Reply-To: Armando Aguirre Schlick's message of "Thu, 18 Feb 1999 09:19:30 -0300 (CDT)" References: <199902181219.JAA23337@trauco.inf.utfsm.cl> Message-ID: <87ogmrijdl.fsf@jekyll.piermont.com> Armando Aguirre Schlick writes: > Where can i find information about the aplications already migrated > to work with IPv6??? I´d like to migrate some aplications ( for a study > project) and I would not like work in an aplication already migrated. Try: http://www.ipv6.org/v6-apps.html Note that the list is woefully incomplete, but it *does* have some pointers that are useful. See also: http://www.ipv6.org/impl/inria.html Perry From mpburton@europa.com Thu Feb 18 22:28:47 1999 From: mpburton@europa.com (Michael P. Burton) Date: Thu, 18 Feb 1999 14:28:47 -0800 (PST) Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: <87ww1fiqeq.fsf@jekyll.piermont.com> Message-ID: I'm awefully new to the IPv^ ballgame, but isn't there leeway for dual-homing on the same interface to ease transition from one prefix to another? On 18 Feb 1999, Perry E. Metzger wrote: | |"Matt Crawford" writes: |> One part of renumbering which hasn't been tackled, though, is |> updating filter lists (aka access lists) on routers. There are |> probably some 6bone BGP filters in place here and there which would |> take small but non-zero effort to update with each renumbering. |> Ideas, anyone? | |The trick is always another layer of indirection. The DNS has provided |good names for hosts. What we need is a way to name CIDRized blocks of |addresses cleanly, so that the configurations can use names which |today point at the old addresses and tomorrow point at the new... | |Perry | _____________________________________________________________________ Michael P. Burton Member:DNRC From perry@piermont.com Thu Feb 18 22:40:27 1999 From: perry@piermont.com (Perry E. Metzger) Date: 18 Feb 1999 17:40:27 -0500 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: "Michael P. Burton"'s message of "Thu, 18 Feb 1999 14:28:47 -0800 (PST)" References: Message-ID: <87lnhvgwtg.fsf@jekyll.piermont.com> "Michael P. Burton" writes: > I'm awefully new to the IPv^ ballgame, but isn't there leeway for > dual-homing on the same interface to ease transition from one > prefix to another? 1) If I add a new prefix in, do I want my filter rules to not apply to it, or for it to be blocked by accident? 2) If I add a new prefix in, do I want to burn personel time dealing with the event? Perry From mpburton@europa.com Thu Feb 18 22:55:07 1999 From: mpburton@europa.com (Michael P. Burton) Date: Thu, 18 Feb 1999 14:55:07 -0800 (PST) Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: <87lnhvgwtg.fsf@jekyll.piermont.com> Message-ID: |"Michael P. Burton" writes: |> I'm awefully new to the IPv^ ballgame, but isn't there leeway for |> dual-homing on the same interface to ease transition from one |> prefix to another? | |1) If I add a new prefix in, do I want my filter rules to not apply to |it, or for it to be blocked by accident? |2) If I add a new prefix in, do I want to burn personel time dealing |with the event? | |Perry Well, if it were plug-n-play, then we would all be out of a job, wouldn't we? (laugh) Seriously though - I guess it would be the network admin's job to keep very specific notes on the usage of access-lists (and other ip number dependent resources) and be able to make the needed changes in a matter of hours. Another solution might be a way to "push" new access-list information out to all routers from an authorative-router. Of course, that would have to rely on the AH and ESP headers to guarentee no wrong-doing was done... _____________________________________________________________________ Michael P. Burton Member:DNRC From perry@piermont.com Thu Feb 18 23:21:02 1999 From: perry@piermont.com (Perry E. Metzger) Date: 18 Feb 1999 18:21:02 -0500 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: "Michael P. Burton"'s message of "Thu, 18 Feb 1999 14:55:07 -0800 (PST)" References: Message-ID: <87d837guxt.fsf@jekyll.piermont.com> "Michael P. Burton" writes: > |2) If I add a new prefix in, do I want to burn personel time dealing > |with the event? > > Well, if it were plug-n-play, then we would all be out of a job, > wouldn't we? (laugh) Seriously though - I guess it would be the > network admin's job to keep very specific notes on the usage of > access-lists (and other ip number dependent resources) and be > able to make the needed changes in a matter of hours. No. That's really unacceptable. It is fine to automate something like this and say "the solution is automation" (AFTER you demonstrate said automation), but it is *not* fine to say "the solution is burning human cycles". If that is the solution, then we'll never be able to renumber. There are companies with tens of thousands of machines and huge numbers of clueless managers. If they spend six hours every week renumbering, they'll kill us all. More importantly, they'll block the moves to renumber, which will destroy the whole flexibility the system is supposed to have. Perry From mpburton@europa.com Thu Feb 18 23:33:00 1999 From: mpburton@europa.com (Michael P. Burton) Date: Thu, 18 Feb 1999 15:33:00 -0800 (PST) Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: <87d837guxt.fsf@jekyll.piermont.com> Message-ID: |"Michael P. Burton" writes: |> |2) If I add a new prefix in, do I want to burn personel time dealing |> |with the event? |> |> Well, if it were plug-n-play, then we would all be out of a job, |> wouldn't we? (laugh) Seriously though - I guess it would be the |> network admin's job to keep very specific notes on the usage of |> access-lists (and other ip number dependent resources) and be |> able to make the needed changes in a matter of hours. | |No. That's really unacceptable. It is fine to automate something like |this and say "the solution is automation" (AFTER you demonstrate said |automation), but it is *not* fine to say "the solution is burning |human cycles". If that is the solution, then we'll never be able to |renumber. There are companies with tens of thousands of machines and |huge numbers of clueless managers. If they spend six hours every week |renumbering, they'll kill us all. More importantly, they'll block the |moves to renumber, which will destroy the whole flexibility the system |is supposed to have. | |Perry If they have to spend six hours a week renumbering, then there is probably another major issue to be looked at that they are willing to kill us over. The whole access-list issue is a difficult one because from my understanding, IPv6 dosn't deal with it; it is propitary tech. I'm sure Cisco could come up with a solution for their routers, but if you are dealing with different kinds of routers, you are going to be pretty hosed. But admins are going to need to be able to change their addresses on an "as-needed" basis, hopefully less than once a year. Do you have a proposed solution to this issue? _____________________________________________________________________ Michael P. Burton Member:DNRC From itojun@itojun.org Fri Feb 19 04:56:50 1999 From: itojun@itojun.org (Jun-ichiro itojun Hagino) Date: Fri, 19 Feb 1999 13:56:50 +0900 Subject: Resouce site... In-Reply-To: perry's message of 18 Feb 1999 14:47:50 EST. <87ogmrijdl.fsf@jekyll.piermont.com> Message-ID: <3183.919400210@coconut.itojun.org> >> Where can i find information about the aplications already migrated >> to work with IPv6??? I d like to migrate some aplications ( for a study >> project) and I would not like work in an aplication already migrated. >Try: >http://www.ipv6.org/v6-apps.html >Note that the list is woefully incomplete, but it *does* have some >pointers that are useful. http://www2.kame.net/faq/fom.cgi?file=45 should be useful too. itojun@i'm back From kre@munnari.OZ.AU Fri Feb 19 06:28:35 1999 From: kre@munnari.OZ.AU (Robert Elz) Date: Fri, 19 Feb 1999 17:28:35 +1100 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: Your message of "Thu, 18 Feb 1999 15:33:00 -0800." Message-ID: <9947.919405715@munnari.OZ.AU> Date: Thu, 18 Feb 1999 15:33:00 -0800 (PST) From: "Michael P. Burton" Message-ID: | The whole access-list issue is a difficult one because from my | understanding, IPv6 dosn't deal with it; it is propitary tech. I'm sure | Cisco could come up with a solution for their routers, but if you are | dealing with different kinds of routers, you are going to be pretty hosed. We don't need to define a scheme that works for cisco (or anyone else's) routers, but to provide the mechanisms that the router vendors can use to incorporate into their products. Right now (as Perry pointed out) there's no good way to say "SMTP from a uunet dialup address is disallowed", other than to discover (somehow) the IP address ranges concerned and block them explicitly. Because of that, access lists are almost exclusively written using IP addresses (or IP addresses and masks). If we can provide the mechanism to allow such things to be named, we can then lean upon the vendors to support building access lists from names instead of numbers (and if we & they do it right, the translations will contain TTLs and the access lists will be automatically updated as the addresses alter). | But admins are going to need to be able to change their addresses on an | "as-needed" basis, hopefully less than once a year. Do you have a | proposed solution to this issue? Note the problem with access lists (and the reason I assume Matt raised it) is that it isn't my address changes that are of immediate concern. It is that other guy's address changes that matter - if uunet decide (or are forced) to reassign addresses to their dialup customers, then I have a bunch of access lists I need to update. This is not a new problem for IPv6, it is just likely to become more importantthere, as renumbering is likely to happen much more often (and yes, quite possibly much more often than once a year). kre From roque@cisco.com Fri Feb 19 08:22:49 1999 From: roque@cisco.com (Pedro Marques) Date: Fri, 19 Feb 1999 00:22:49 -0800 (PST) Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: <87d837guxt.fsf@jekyll.piermont.com> References: <87d837guxt.fsf@jekyll.piermont.com> Message-ID: <14029.6072.69881.109989@pedrom-ultra.cisco.com> >>>>> "Perry" == Perry E Metzger writes: Perry> No. That's really unacceptable. It is fine to automate Perry> something like this and say "the solution is automation" Perry> (AFTER you demonstrate said automation), but it is *not* Perry> fine to say "the solution is burning human cycles". If that Perry> is the solution, then we'll never be able to Perry> renumber. I've to confess i've always found the discussions about renumbering "interesting"... specially since people often refuse to quantify what should be renumbered. Since the costs of such operation depend on the position on the topology of what you are trying to renumber that has always sounded to me that ipv6 will do renumbering at all costs. From an engineering point of view, which is basically the "art" of making tradeoffs, that sounds odd. As if we had taken "renumbering" as a buzzword without looking at the implications. But let's not discuss if renumbering is, or rather when it is, a good idea. The major implication of renumbering is that you can't consider addresses as identifiers of the objects but instead you must have another handle for those objects. Thus, you must have a way to resolve objects into addresses. Which is fine for most purposes but becomes a real problem when you think about the infrastructure that is involved in that resolution. A router, for instance, is typically involved in such process. As such, it's configuration has to be already "resolved". For instance you fall into trouble really fast if you try to resolve a router's policy in terms of objects (dns names or what-have-you). Assuming we agree that a router's policy should be "resolved" and specified in terms of addresses (which i believe we do from the router renumbering efforts i'm aware off) there are basically two ways to go about solving the resolution problem. 1) Notify all the dependents of an object->address mapping of any changes in such mapping. 2) Express the router's policy in terms of objects off-line and periodicly resolve the mappings and feed the resolved policies to the router. My humble opinion is that 1 is basically an untractable problem (and curriously the aproach that has been given more consideration so far). Number 2 is basically the aproach used by a reasonably large network this days... but it is an aproach that is fairly limitative if carried all the way and that requires quite a shift in paradigm. regards, Pedro. btw: just in case you need to be reminded, the opinions expressed above reflect my own personal opinions only and not those of my current employer. From kre@munnari.OZ.AU Fri Feb 19 11:01:03 1999 From: kre@munnari.OZ.AU (Robert Elz) Date: Fri, 19 Feb 1999 22:01:03 +1100 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: Your message of "Fri, 19 Feb 1999 00:22:49 -0800." <14029.6072.69881.109989@pedrom-ultra.cisco.com> Message-ID: <12238.919422063@munnari.OZ.AU> Date: Fri, 19 Feb 1999 00:22:49 -0800 (PST) From: Pedro Marques Message-ID: <14029.6072.69881.109989@pedrom-ultra.cisco.com> | 2) Express the router's policy in terms of objects off-line and | periodicly resolve the mappings and feed the resolved policies to the | router. This is way too much over specified into implementation detail. Eg: consider a "routing system", consisting of a traditional router, and a general purpose host in a box connected to the router over one of its local net internaces (or any other way). Let the host be the thing that does the resolving of the mappings, and the feeding to the router. That seems like it would fit your model, it might even be yourintent, and certainly seems like it is a way that could work. Now let us notice that the particular router in question is in a big box, and has a big power supply, and that we don't really need quite a lot of the associated peripherals for the host for this particular purpose, so let's move the host processor, and net interface inside the router's big box. This is just a matter of packaging, so this can't make a difference to the model. Now let's avoid the unnecessary net interface by connecting the host that is in the box anyway to the router's backplane - a bunch of hardware glue is needed there, but the model doesn't change. Now let's notice that we have this fairly general purpose host sharing backplane access with the router, so let's decide we can also use that as the the "user interface" into the router - sinking telnet connections, handling SNMP queries, ... getting the info it needs into and out of the router as it needs over the backplane. As I see it, the model still hasn't changed. Now let's decide that miniaturisation is the way to go, and build the router and the host onto a single motherboard, and mount it all in a much smaller box. The model surely hasn't changed - but now by any common perception we have the router doing its own resolving of names into addresses/masks - and nothing that looks at all off-line involved at all. Which of these mechanisms any particular router vendor decides to implement is, of course, entirely up to it - we ought not be attempting to specify the mechanisms by which it is done. All that is important is that it actually be done, somehow, by someone, so users are not left configuring using IP addresses (and for access lists, filter specs, or whatever, this is almost as important for v4 as for v6). kre From perry@piermont.com Fri Feb 19 15:33:53 1999 From: perry@piermont.com (Perry E. Metzger) Date: 19 Feb 1999 10:33:53 -0500 Subject: which list? Message-ID: <87g182flwe.fsf@jekyll.piermont.com> I must admit to having been guilty on this, too, but as most of us are on ngtrans and the 6bone list, maybe we could avoid CCing mail to all three which only really belongs on one of the lists? I realized this morning I'd gotten three or four copies of all the mail that just got sent out... :( Perry From tesi_tlc@ing240.unife.it Fri Feb 19 16:44:26 1999 From: tesi_tlc@ing240.unife.it (Tesi TLC (G. MazzinI)) Date: Fri, 19 Feb 1999 17:44:26 +0100 (MET) Subject: ipv6 tunnel Message-ID: Hello ! We are two students of Italian University We use linux RedHat 5.2 kernel 2.1.126 with modutils 2.1.121. We would to install ipv6 on our linux machine. We are using the Bieriger's HOWTO ! We compiled : inet6-apps0.34 telnet95.10.23..... libcap0.4a6...... tcpdump3.4a.... traceroute1.4a5.... net-tools1.50 chimera2.0a14.... ...................... We don't understand tunnel ipv6 ! Where can we get some information ? We would like to know how to configure ipv6 tunnel ! We don't understand why we must set up sit0 and sit1 ! Anybody can help us ? Thanks Luca & Giancarlo From Adailton J. S. Silva" 6Bone Folks, We are very pleased to announce the Brazilian 6Bone web site at http://www.6bone.rnp.br, and a 6Bone Whois Mirror at http://www.6bone.rnp.br/whois.html. Both sites can be reached throught IPv6 and IPv4 networks. Best Regards, Adailton Silva Brazilian Research Network - Brazil Phone: +55 19 788-2090 Fax: +55 19 788-2094 From perry@piermont.com Fri Feb 19 23:18:12 1999 From: perry@piermont.com (Perry E. Metzger) Date: 19 Feb 1999 18:18:12 -0500 Subject: ipv6 tunnel In-Reply-To: "Tesi TLC's message of "Fri, 19 Feb 1999 17:44:26 +0100 (MET)" References: Message-ID: <873e42dlu3.fsf@jekyll.piermont.com> Hi; You might also want to try asking on the "IPv6 Users" mailing list. The address there is users@ipv6.org -- subscription via majordomo@ipv6.org. You will have to subscribe before posting... Perry "Tesi TLC (G. MazzinI)" writes: > Hello ! > We are two students of Italian University > We use linux RedHat 5.2 kernel 2.1.126 with modutils 2.1.121. > We would to install ipv6 on our linux machine. > We are using the Bieriger's HOWTO ! > We compiled : > inet6-apps0.34 > telnet95.10.23..... > libcap0.4a6...... > tcpdump3.4a.... > traceroute1.4a5.... > net-tools1.50 > chimera2.0a14.... > ...................... > > We don't understand tunnel ipv6 ! > Where can we get some information ? > We would like to know how to configure ipv6 tunnel ! > We don't understand why we must set up sit0 and sit1 ! > Anybody can help us ? > > Thanks > > Luca & Giancarlo > > From vchipitsyn@picard.cs.ohiou.edu Mon Feb 22 07:37:47 1999 From: vchipitsyn@picard.cs.ohiou.edu (Vitaly Chipitsyn) Date: Mon, 22 Feb 1999 02:37:47 -0500 (EST) Subject: Cisco tunnel config Message-ID: <14033.1786.810985.377400@thrawn.cs.ohiou.edu> Hello, everyone. It is me (with my cisco) again. ;) I have found IOS 11.3/IPv6 for Series 2501, and my present problem is that I cannot find a proper way to configure tunnel to our pTLA. Those of you who use ciscos, could you send me any hints? Sections of your `show running-config` as examples will be very helpful. There is a command 'show ipv6 tunnel', but there is no command (none that I could find) under configure-mode that I can use to actually _configure_ a tunnel. Generally, is there any documentation available that covers IPv6 part of Cisco's IOS? I will look for it at www.cisco.com as a CCO-member, so I am basicly asking about documentation other than from Cisco. Thanks. --vc From kre@munnari.OZ.AU Mon Feb 22 11:38:23 1999 From: kre@munnari.OZ.AU (Robert Elz) Date: Mon, 22 Feb 1999 22:38:23 +1100 Subject: (ngtrans) Re: 6BONE AUP In-Reply-To: Your message of "Mon, 22 Feb 1999 12:19:51 BST." <3.0.2.32.19990222121951.009e2510@dokka.maxware.no> Message-ID: <2394.919683503@munnari.OZ.AU> Date: Mon, 22 Feb 1999 12:19:51 +0100 From: Harald Tveit Alvestrand Message-ID: <3.0.2.32.19990222121951.009e2510@dokka.maxware.no> | Doesn't the A6 record have about the right format to do the job? As an RR, yes, it could serve probably (I have not thought about that a lot - an RR to convey the information is about the least of the issues to work out). What's more important to figure out is just what information needs to be conveyed, to whom, and when. Pedro Marques and I engaged in a short exchange about all of this over the weekend - the result was a message which could conceivably be turned into an I-D in one of ngtrans, ipngwg, or even pier if it still exists. I am waiting to hear from the chairs of those groups whether there is any interest. kre From mjoseph@cisco.com Mon Feb 22 12:18:09 1999 From: mjoseph@cisco.com (Mathew Joseph) Date: Mon, 22 Feb 1999 17:48:09 +0530 (IST) Subject: Port number ! Message-ID: <199902221218.RAA24965@dosa.cisco.com> Hi Bob, Can I get the backing of the 6bone net for applying to the IANA/IETF for a port number that would involve IPv6 application Shall send the details of the freeware, once I get your response Thanks Joseph Mathew From hoashkar@idsc1.gov.eg Mon Feb 22 13:22:15 1999 From: hoashkar@idsc1.gov.eg (Hossam El-Ashkar) Date: Mon, 22 Feb 1999 15:22:15 +0200 (EET) Subject: Cisco tunnel config In-Reply-To: <14033.1786.810985.377400@thrawn.cs.ohiou.edu> Message-ID: > I have downloaded your ios image for 1600 routers. There is a > command for the configured tunnel " tunnel mode ipv6ip " in the interface > conf mode. It does not work, the ios does not recognize this command!!! > How can i configure a tunnel?? you are trying this with a tunnel interface? A typical tunnel configuration would look something like this: interface Tunnel0 no ip address ipv6 unnumbered Ethernet0 tunnel source Ethernet0 tunnel destination 130.67.0.1 tunnel mode ipv6ip ! If this doesn't work can you please send us the output of sh ver and sh conf? Thanks, Ole On Mon, 22 Feb 1999, Vitaly Chipitsyn wrote: > Hello, everyone. > > It is me (with my cisco) again. ;) > I have found IOS 11.3/IPv6 for Series 2501, and my present problem is > that I cannot find a proper way to configure tunnel to our > pTLA. Those of you who use ciscos, could you send me any hints? > > Sections of your `show running-config` as examples will be very helpful. > > There is a command 'show ipv6 tunnel', but there is no command (none > that I could find) under configure-mode that I can use to actually > _configure_ a tunnel. > > Generally, is there any documentation available that covers IPv6 part > of Cisco's IOS? I will look for it at www.cisco.com as a CCO-member, > so I am basicly asking about documentation other than from Cisco. > > Thanks. > --vc > -------------------------------------------------------------- Hossam El-Ashkar IDSC/RITSEC - Communication Dept. hoashkar@idsc1.gov.eg From cnguyen@triton-network.com Mon Feb 22 14:22:12 1999 From: cnguyen@triton-network.com (Cung Nguyen) Date: Mon, 22 Feb 1999 09:22:12 -0500 Subject: Cisco tunnel config Message-ID: <60731098BE78D211B37700A0C9899A801513CA@triton.triton-network.com> I believe there are several books that may be of help to your research: 1) Implementing IPV6 by Mark Miller 2) Internetworking IPV6 w/ Cisco routers by Silvano Gai There are also others and you can look them up in amazon.com web site. Hope that helps! Sounds like the configuration command may be a subset of the IPV6 configuration command. ================= Cung Nguyen Triton Network Systems Inc. 407.903.2052 or cnguyen@triton-network.com > -----Original Message----- > From: Vitaly Chipitsyn [SMTP:vchipitsyn@picard.cs.ohiou.edu] > Sent: Monday, February 22, 1999 2:38 AM > To: 6bone Mailing List > Subject: Cisco tunnel config > > Hello, everyone. > > It is me (with my cisco) again. ;) > I have found IOS 11.3/IPv6 for Series 2501, and my present problem is > that I cannot find a proper way to configure tunnel to our > pTLA. Those of you who use ciscos, could you send me any hints? > > Sections of your `show running-config` as examples will be very > helpful. > > There is a command 'show ipv6 tunnel', but there is no command (none > that I could find) under configure-mode that I can use to actually > _configure_ a tunnel. > > Generally, is there any documentation available that covers IPv6 part > of Cisco's IOS? I will look for it at www.cisco.com as a CCO-member, > so I am basicly asking about documentation other than from Cisco. > > Thanks. > --vc From fink@es.net Mon Feb 22 15:44:40 1999 From: fink@es.net (Bob Fink) Date: Mon, 22 Feb 1999 07:44:40 -0800 Subject: Port number ! In-Reply-To: <199902221218.RAA24965@dosa.cisco.com> Message-ID: <4.1.19990222074142.00b01c40@imap2.es.net> Mathew, At 05:48 PM 2/22/99 +0530, Mathew Joseph wrote: >Hi Bob, > >Can I get the backing >of the 6bone net for >applying to the IANA/IETF >for a port number that >would involve IPv6 application > >Shall send the details of the >freeware, once I get your response Have to admit to not knowing how to respond to this. Maybe one of our ADs (Harald or Bert) could reply to this. Anyone else know what the policy is re getting port numbers, what it takes, who really does it, etc. (not clear the 6bone has any place in this at all)? Thanks, Bob From Jose.J.Serrano@uv.es Mon Feb 22 13:59:44 1999 From: Jose.J.Serrano@uv.es (Jose Joaquin Serrano Rodenas) Date: Mon, 22 Feb 1999 14:59:44 +0100 (MET) Subject: Cisco tunnel config In-Reply-To: <14033.1786.810985.377400@thrawn.cs.ohiou.edu> Message-ID: On Mon, 22 Feb 1999, Vitaly Chipitsyn wrote: > Hello, everyone. > > It is me (with my cisco) again. ;) > I have found IOS 11.3/IPv6 for Series 2501, and my present problem is > that I cannot find a proper way to configure tunnel to our > pTLA. Those of you who use ciscos, could you send me any hints? > > Sections of your `show running-config` as examples will be very helpful. > > There is a command 'show ipv6 tunnel', but there is no command (none > that I could find) under configure-mode that I can use to actually > _configure_ a tunnel. > > Generally, is there any documentation available that covers IPv6 part > of Cisco's IOS? I will look for it at www.cisco.com as a CCO-member, > so I am basicly asking about documentation other than from Cisco. > > Thanks. > --vc Hello. Here is my tunnel configuration interface Tunnel0 description Tunel hacia RedIris (IPv6) no ip address ipv6 enable ipv6 address tunnel source tunnel destination tunnel mode ipv6ip ! interface Ethernet0 ip address 147.156.1.131 255.255.128.0 ip pim dense-mode ipv6 address ! This configuration work good. To configure the ipv6 tunnel you should use the same command that to configure a ipv4 tunnel bye. Jose Serrano From Alain.Durand@imag.fr Mon Feb 22 15:51:06 1999 From: Alain.Durand@imag.fr (Alain Durand) Date: Mon, 22 Feb 1999 16:51:06 +0100 Subject: Port number ! In-Reply-To: <4.1.19990222074142.00b01c40@imap2.es.net> References: <199902221218.RAA24965@dosa.cisco.com> Message-ID: <4.2.0.24.19990222164733.00a3a3e0@brahma.imag.fr> At 07:44 22/02/99 -0800, Bob Fink wrote: >Anyone else know what the policy is re getting port numbers, what it takes, >who really does it, etc. (not clear the 6bone has any place in this at all)? Years ago (maybe it was easier at the time) I asked IANA for a port number. I first had to give them a short description of the protocol to argue if/why I needed a "privilege" one (<1024). Later on I send them a draft documenting the protocol itself. - Alain. From cross@eng.us.uu.net Mon Feb 22 16:08:35 1999 From: cross@eng.us.uu.net (Chris P. Ross) Date: Mon, 22 Feb 1999 11:08:35 -0500 (EST) Subject: Cisco tunnel config In-Reply-To: Vitaly Chipitsyn's message of Mon, 22 February 1999 02:37:47 -0500 <14033.1786.810985.377400@thrawn.cs.ohiou.edu> References: <14033.1786.810985.377400@thrawn.cs.ohiou.edu> Message-ID: <14033.33027.323431.150145@ballista.eng.us.uu.net> Vitaly Chipitsyn said: > Hello, everyone. > It is me (with my cisco) again. ;) > I have found IOS 11.3/IPv6 for Series 2501, and my present problem is > that I cannot find a proper way to configure tunnel to our > pTLA. Those of you who use ciscos, could you send me any hints? > Sections of your `show running-config` as examples will be very helpful. It's just part of a "normal" tunnel configuration, except you need to set the mode to "ipv6ip", via "tunnel mode". My tunnel to UUNET-UK looks [about] like: interface Tunnel6 description IPv6 in IPv4 tunnel to UUNET-UK (6r1.paloalto.ip6.pipex.net) no ip address ipv6 address tunnel source tunnel destination tunnel mode ipv6ip > There is a command 'show ipv6 tunnel', but there is no command (none > that I could find) under configure-mode that I can use to actually > _configure_ a tunnel. > Generally, is there any documentation available that covers IPv6 part > of Cisco's IOS? I will look for it at www.cisco.com as a CCO-member, > so I am basicly asking about documentation other than from Cisco. When I originally got IPv6 code from my Cisco rep, before it was made available to CCO members from their web page (4 months ago?) I also got from him a commands.txt file that contained information on the changes made in the IPv6 code base, and how to configure the IPv6 bits. You might ask your cisco rep for such a thing. I suppose I could also ask mine if it would be alright to contribute this document to the 6bone.net web page, or a link therefrom... - Chris -- Chris P. Ross UUNET Technologies, Inc. cross@eng.us.uu.net R & D / Engineering cross@uu.net From jabley@clear.co.nz Tue Feb 23 10:13:45 1999 From: jabley@clear.co.nz (Joe Abley) Date: Tue, 23 Feb 1999 23:13:45 +1300 Subject: v6 numbering confusion Message-ID: <19990223231345.D29663@clear.co.nz> Hi all, I'm currently pestering pTLAs and pNLAs to accept tunnels from us as we take our first stab at a test v6 deployment. Our main motives for testing at this stage are to get a firm grip of the administrative issues surrounding the operation of a diversely-connected v6 network, including application of route policy and associated filtering, and processes for the delegation of addresses to downstream customer networks. One issue that confuses me slightly is that of the aggregation of addresses. If one pTLA delegates a 48-bit prefix to us, should we then announce that prefix to any successive pTLAs who allow us to build a tunnel to them? This sounds a bit like the hole-punching that abounds with current IPv4 numbering and aggregation. Isn't this a bad thing? Have I missed some basic point? [probably -- please bear with me; I'm still learning :)] Joe From Erich.Meier@informatik.uni-erlangen.de Wed Feb 24 15:47:17 1999 From: Erich.Meier@informatik.uni-erlangen.de (Erich Meier) Date: Wed, 24 Feb 1999 16:47:17 +0100 Subject: Cisco tunnel config In-Reply-To: <14033.33027.323431.150145@ballista.eng.us.uu.net>; from Chris P. Ross on Mon, Feb 22, 1999 at 11:08:35AM -0500 References: <14033.1786.810985.377400@thrawn.cs.ohiou.edu> <14033.33027.323431.150145@ballista.eng.us.uu.net> Message-ID: <19990224164717.B7757@avalon.informatik.uni-erlangen.de> > When I originally got IPv6 code from my Cisco rep, before it was > made available to CCO members from their web page (4 months ago?) I > also got from him a commands.txt file that contained information on > the changes made in the IPv6 code base, and how to configure the IPv6 > bits. You might ask your cisco rep for such a thing. This file is also available via CCO, just like the IOS image. Erich From jabley@clear.co.nz Wed Feb 24 12:04:26 1999 From: jabley@clear.co.nz (Joe Abley) Date: Thu, 25 Feb 1999 01:04:26 +1300 Subject: v6 route reflector Message-ID: <19990225010426.D36253@clear.co.nz> Hi again, I forgot to mention - if it would be helpful to anybody else to obtain an occasional glance at the routing tables from the other side of the network, you are welcome to telnet to ng1.acld.clix.net.nz using username "guest" and password "joshua5". ng1.acld talks (well, listens to, mainly) BGP4+ to cisco, sprint and bt-labs, and also RIPng to digital australia. This is an experimental router, so if someone decides to exploit Hideous Bugs in Cisco Telnet and blow the thing up, we'll live :) Joe From jabley@clear.co.nz Wed Feb 24 11:56:46 1999 From: jabley@clear.co.nz (Joe Abley) Date: Thu, 25 Feb 1999 00:56:46 +1300 Subject: v6 numbering confusion In-Reply-To: <19990223231345.D29663@clear.co.nz>; from Joe Abley on Tue, Feb 23, 1999 at 11:13:45PM +1300 References: <19990223231345.D29663@clear.co.nz> Message-ID: <19990225005645.C36253@clear.co.nz> Me again :) On Tue, Feb 23, 1999 at 11:13:45PM +1300, Joe Abley wrote: > > One issue that confuses me slightly is that of the aggregation of addresses. > If one pTLA delegates a 48-bit prefix to us, should we then announce that > prefix to any successive pTLAs who allow us to build a tunnel to them? > > This sounds a bit like the hole-punching that abounds with current IPv4 > numbering and aggregation. Isn't this a bad thing? OK. A couple of people got back to me on this, but the answers seem strange... and not entirely in-line with what I am finding when setting up some v6 over v4 tunnels around the place. The advice I got was that if pTLA (a) delegates prefix P(a) to me, and pTLA (b) delegates prefix P(b) to me, then I should not advertise P(a) to pTLA (b) [and vice versa], since it breaks the aggregation model. That makes sense. Kind of. However, there are a few complications that I can see: 1. If I am assigned n prefixes from n pTLAs to whom I connect, then I end up with n different unicast addresses for every v6-capable host in my network. If one of the pTLA tunnels is down, then the corresponding host addresses (taken from within the corresponding prefix) are unreachable. If I am using round-robin DNS to spread load across different host addresses, then in this failure mode my hosts are unreachable 1/n of the time, and any TCP sessions using the affected unicast address will die following the failure. Hmm. 2. If I delegate addresses to our customers (we have customers who want to join via our v6 network), it seems as though I need to delegate n prefixes to each customer, and they need to number each of _their_ hosts n times as well. Didn't the renumbering problem just get n times worse? On a completely different topic, I have noticed that some 6bone experimenters are happy to number the point-to-point tunnel networks between their routers and mine using quite short-prefix subnets (e.g. 64 bits), whilst others are super-frugal and use prefixes as long as 127 bits. Is there a convention developing about numbering point-to-point circuits? Joe From marsman@telin.nl Wed Feb 24 09:34:27 1999 From: marsman@telin.nl (J. Marsman) Date: Wed, 24 Feb 1999 10:34:27 +0100 Subject: IPv6: Enet. problem Message-ID: <36D3C7A3.193FEC81@telin.nl> This is a multi-part message in MIME format. --------------8E8A16F452A42C94ECB512DE Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hello all, We are trying to set up an IPv6 network for testing QoS and IPv6 Sec. At the moment we have two Win NT 4.0 machines configured with IPv6, these two machines can Ping each other. After this we configured a Linux machine with kernel 2.2.1 and so on. This machine can ping itself and, as far as we can see, works fine. The problem is we cannot ping the NT machine from the Linux machine or the Linux machin from the NT machine. After some packet sniffering with NetMon with the IPv6 update from microsoft we found that on ethernet level the ping from the NT machine used Etype: 0x0800. On the other hand the ping from the linux machine used Etype 0x86DD, as far as we know this is the standard etype for IPv6. Can this differenc in etype be a problem? Are there known problems with pinging from NT to linux and backwards? HOw to solve...... Regards, Jan Marsman Marsman@telin.nl --------------8E8A16F452A42C94ECB512DE Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-ID: <36D3BE42.C2BB9BCF@telin.nl> Date: Wed, 24 Feb 1999 09:54:26 +0100 From: Jan Marsman Organization: Telematica Instituut X-Mailer: Mozilla 4.06 [en] (WinNT; I) MIME-Version: 1.0 To: 6bone@ici.edu, msripv6-users@list.research.microsoft.com Subject: IPv6: Enet. problem Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hello all, We are trying to set up an IPv6 network for testing QoS and IPv6 Sec. At the moment we have two Win NT 4.0 machines configured with IPv6, these two machines can Ping each other. After this we configured a Linux machine with kernel 2.2.1 and so on. This machine can ping itself and, as far as we can see, works fine. The problem is we cannot ping the NT machine from the Linux machine or the Linux machin from the NT machine. After some packet sniffering with NetMon with the IPv6 update from microsoft we found that on ethernet level the ping from the NT machine used Etype: 0x0800. On the other hand the ping from the linux machine used Etype 0x86DD, as far as we know this is the standard etype for IPv6. Can this differenc in etype be a problem? Are there known problems with pinging from NT to linux and backwards? HOw to solve...... Regards, Jan Marsman Marsman@telin.nl --------------8E8A16F452A42C94ECB512DE-- From crawdad@fnal.gov Wed Feb 24 17:53:47 1999 From: crawdad@fnal.gov (Matt Crawford) Date: Wed, 24 Feb 1999 11:53:47 -0600 Subject: IPv6: Enet. problem In-Reply-To: Your message of Wed, 24 Feb 1999 10:34:27 +0100. <36D3C7A3.193FEC81@telin.nl> Message-ID: <199902241753.LAA06520@gungnir.fnal.gov> Were the NT machines sending native IPv6 or were they using tunnels or "6 over 4" encapsulation? In other words, following the ethernet header with type 0x0800, was there an IPv4 header with protocol = 41 decimal? Or was it an IPv6 header? The former would be a configuration error, the latter would be very puzzling. ______________________________________________________________________________ Matt Crawford crawdad@fnal.gov Fermilab "A5.1.5.2.7.1. Remove all classified and CCI boards from the COMSEC equipment, thoroughly smash them with a hammer or an ax, and scatter the pieces." From richdr@microsoft.com Wed Feb 24 18:26:37 1999 From: richdr@microsoft.com (Richard Draves) Date: Wed, 24 Feb 1999 10:26:37 -0800 Subject: FW: IPv6: Enet. problem Message-ID: <4D0A23B3F74DD111ACCD00805F31D8100AF81DBD@RED-MSG-50> -----Original Message----- From: Richard Draves Sent: Wednesday, February 24, 1999 9:49 AM To: 'J. Marsman' Cc: 6bone@ici.edu; msripv6-users@list.research.microsoft.com Subject: RE: IPv6: Enet. problem > We are trying to set up an IPv6 network for testing QoS and > IPv6 Sec. At > the moment we have two Win NT 4.0 machines configured with IPv6, these > two machines can Ping each other. After this we configured a Linux > machine with kernel 2.2.1 and so on. This machine can ping itself and, > as far as we can see, works fine. > The problem is we cannot ping the NT machine from the Linux machine or > the Linux machin from the NT machine. > After some packet sniffering with NetMon with the IPv6 update from > microsoft we found that on ethernet level the ping from the NT machine > used Etype: 0x0800. > On the other hand the ping from the linux machine used Etype > 0x86DD, as > far as we know this is the standard etype for IPv6. > > Can this differenc in etype be a problem? Are there known > problems with > pinging from NT to linux and backwards? HOw to solve...... Our implementation uses the standard ethertype and it does interoperate with Linux. I suspect that you are confusing the 6over4 interface/link-local addresses with the ethernet interface/link-local addresses. When you use the "ipv6 if" command to list the interfaces on your NT machine, it will show an ethernet interface and a 6over4 interface. (You can tell them apart because the 6over4 interface will have a v4 address as its link-layer address.) Be sure to use the ethernet interface and its associated addresses when communicating with Linux. Rich From jabley@clear.co.nz Thu Feb 25 22:35:49 1999 From: jabley@clear.co.nz (Joe Abley) Date: Fri, 26 Feb 1999 11:35:49 +1300 Subject: Protocol number for IPv6 in IPv4 tunnel Message-ID: <19990226113549.A44596@clear.co.nz> Hi, What's the protocol number seen by an IPv4-snooping device when it encounters an IPv4-encapsulated IPv6 packet? Is it 41? In case it makes a difference (and I doubt it does) we are terminating our tunnels on a cisco router using the "ipv6ip" tunnel mode. Appreciated, Joe From tseidmann@SIMULTAN.CH Fri Feb 26 06:42:28 1999 From: tseidmann@SIMULTAN.CH (Thomas Seidmann) Date: Fri, 26 Feb 1999 07:42:28 +0100 Subject: Protocol number for IPv6 in IPv4 tunnel References: <19990226113549.A44596@clear.co.nz> Message-ID: <36D64254.B16D50D8@simultan.ch> Joe Abley wrote: > What's the protocol number seen by an IPv4-snooping device when it encounters > an IPv4-encapsulated IPv6 packet? Is it 41? That's right, 41. Thomas From keith.jamieson@bt.com Fri Feb 26 14:38:23 1999 From: keith.jamieson@bt.com (keith.jamieson@bt.com) Date: Fri, 26 Feb 1999 14:38:23 -0000 Subject: Ping IPv6 ONLY ? Message-ID: <97E01B170FC1D211B8EB0000F8FE9E076AA258@mbtlipnt03.btlabs.bt.co.uk> To All I have set up 1) my Sun Ultra 10 with Solaris 7 and the IPv6 patches, from the playground. 2) the /etc/hosts and /etc/hosts6 to include all hosts on my subnet. 3) the DNS server with IPv6 hosts 4) the /etc/nsswitch.conf for files then dns for hosts and hosts6 I can 1) Ping IPv6 address longhand ( ping ::1 , ping fec0:f1::a00:20ff:fxxx.xxxx.xxxx ) 2) nslookup, set q=aaaa and enter host names and get IPv6 address returned. I cannot 1) ping hostname 2) telnet hostname 3) ftp ......... PLEASE - Can anyone help ? Is the sun package for IPv4 and IPv6 or is it just IPv6 ? - I think the former, suspect that the lower lying libraries are IPv4 only. Keith Keith Jamieson * keith.jamieson@bt.com * 01473 641662 From dewell@woods.net Fri Feb 26 18:33:53 1999 From: dewell@woods.net (dewell@woods.net) Date: Fri, 26 Feb 1999 09:33:53 -0900 (AKST) Subject: Ping IPv6 ONLY ? In-Reply-To: <97E01B170FC1D211B8EB0000F8FE9E076AA258@mbtlipnt03.btlabs.bt.co.uk> References: <97E01B170FC1D211B8EB0000F8FE9E076AA258@mbtlipnt03.btlabs.bt.co.uk> Message-ID: <14038.59665.446391.666527@snowy.woods.net> It sounds like you are using old packages, perhaps the 2.5.1 version on Solaris 7? It is not going to work properly if so. BUT, the old stuff used to put the utilities in /usr/ipv6/bin and /usr/ipv6/sbin, are those first in your path? If not, you would get the IPv4 binaries from /usr/bin and /usr/sbin. Of course all this is changed in the newer releases... I suspect that installing the 2.5.1 version of the package on Solaris 7 wouldn't work, but if it did, it would probably do what you are saying it does. Suggestion: if it is called something like ipv6_5.3.tar.Z, don't use it. Note that the date on that file is two years ago or so... Remove it, and work on getting the Solaris 7 package. http://www.sun.com/solaris/ipv6/ That's the site for Solaris IPv6, however, last I checked (three days ago), it hadn't been updated since sometime the middle of 1997. (Sun: this page *really* needs to be updated. Really it does. Actually, the page that it refers to needs to be updated.) keith.jamieson@bt.com wrote: > To All > > I have set up > 1) my Sun Ultra 10 with Solaris 7 and the IPv6 patches, from the playground. > 2) the /etc/hosts and /etc/hosts6 to include all hosts on my subnet. > 3) the DNS server with IPv6 hosts > 4) the /etc/nsswitch.conf for files then dns for hosts and hosts6 > > I can > 1) Ping IPv6 address longhand ( ping ::1 , ping > fec0:f1::a00:20ff:fxxx.xxxx.xxxx ) > 2) nslookup, set q=aaaa and enter host names and get IPv6 address returned. > > I cannot > 1) ping hostname > 2) telnet hostname > 3) ftp ......... > > PLEASE - Can anyone help ? > > Is the sun package for IPv4 and IPv6 or is it just IPv6 ? - I think the > former, suspect that the lower lying libraries are IPv4 only. > > Keith > > Keith Jamieson > * keith.jamieson@bt.com > * 01473 641662 _______________________________________________________________________ |Aaron Dewell ===> dewell@woods.net | |aka local guru ===> dewell@greatland.net | |http://www.woods.net/~dewell http://www.woods.net/ | |PGP keyid 0x0D12A6B9 available from http://keys.pgp.com/ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~