6bone access from behind NAT

[Michael Kjorling]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you don't mind the question, why on Earth do you want to NAT with
IPv6? I read somewhere that IPv6 addresses allow each and every
molecule on the planet to have its own IP address - I haven't checked
that but there are tons of IPv6 addresses available. You get a 64-bit
part (or is it even 80 bits?) to use any way you like; MAC addresses
which are used on Ethernet networks are 48 bits long. Lots of room to
spare even if you'd have every Ethernet card in the world on your LAN.

Also, I noted this in the 'ipv6 if' output:

> Interface 3 (site 1): 6-over-4 Virtual Interface
>   uses Neighbor Discovery
>   sends Router Advertisements
>   forwards packets
>   link-level address: 192.168.50.1
>     preferred address fe80::c0a8:3201, infinite/infinite

Just a question to the gurus here - wouldn't the address be
2001:c0a8:3201::? http://www.6bone.net/6bone_6to4.html seems to imply
this, if I read the text correctly: "A special IPv6 routing prefix
(2002::/16) is used to indicate that the remaining 32-bits of the
external routing prefix contain the IPv4 end-point address of a
boundary IPv6 router for that site that will respond to IPv6 in IPv4
encapsulation."

And here's a suggestion for you: tracert6. What does it output? How
far do you get?


Michael Kjörling


On Dec 6 2001 11:18 -0500, Dan Perry wrote:

> Hi all,
> 	I'm trying (unsuccessfully) to connect a small network of
> windows 2000 machines to the 6bone.  Originally, I had one machine
> running the standard Windows NAT service, and that server had one NIC
> connected directly to the DSL line, and the other to the private
> network.   I had that server running as a 6to4 router, and everything
> worked fine.   However, I've since replaced that server with a common
> hardware cable/DSL router.   I've configured that new router to forward
> all incoming packets to the old server.   The old server current has one
> NIC now.
> 	I've been trying to use freenet6's tunnel broker service to
> connect to the 6bone.   At first this failed as the server had a private
> IP.  However, I changed the tspc.conf file to include the external IP
> provided by my ISP as the v4 address used for the tunnel.   After doing
> this, the tunnel seems to set itself up properly.   However, I'm not
> able to ping anything but the server, or any other machine with IPv6 on
> my private network.   Can anyone point out something that I need to do
> in order to get this to work?
>
> Here are some outputs from the command line on the server I'm trying to
> create a 6to4 router on:
>
>
> C:\>ping6 www.6bone.net
>
> Pinging 6bone.net [3ffe:b00:c18:1::10] with 32 bytes of data:
>
> Request timed out.
> Request timed out.
>
> C:\>ping6 perr2187.tsps1.freenet6.net
>
> Pinging perr2187.tsps1.freenet6.net [3ffe:b80:2:2f4e::2] with 32 bytes
> of data:
>
> Reply from 3ffe:b80:2:2f4e::2: bytes=32 time<1ms
> Reply from 3ffe:b80:2:2f4e::2: bytes=32 time<1ms
>
>
> C:\>ipv6 if
> /ipv6 output snipped/
>
> C:\>ipv6 rt
> ::/0 -> 2 pref 0 (lifetime infinite, publish, no aging) 2002::/16 -> 2
> pref 0 (lifetime 1800s, publish, no aging) ::/96 -> 2 pref 0 (lifetime
> infinite)
>
>
> As you can probably tell, I'm relatively new to IPv6, but any comments
> or suggestions would be greatly appreciated.
>
> Thanks,
>
> Dan

- -- 
Michael Kjörling  --  Programmer/Network administrator  ^..^
PGP: 95f1 074d 336d f8f0 f297 6a5b 2aa3 7bfd 8a70 e33e   \/
Internet: michael@kjorling.com -- FidoNet: 2:204/254.4

"There is something to be said about not trying to be glamorous
and popular and cool. Just be real -- and life will be real."
(Joyce Sequichie Hifler, September 13 2001, www.hifler.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Public key is at http://michael.kjorling.com/contact/pgp.html

iD8DBQE8D8uXKqN7/Ypw4z4RAp1CAJ9Aiy143lIEFnma23ITBrYOzYTlwACgw/vM
FbGWIXTEa9JB8hmlGrKDKW8=
=Az7Q
-----END PGP SIGNATURE-----