A while back, I subscribed to Hurricane's TunnelBroker and I got my own networks, a /48 and a /64. However, this IPv6 was not one of them, and I was really sure that the tunnel was done. Actually, the tunnel terminated on a small cisco router that's been sitting quietly in a cupboard for a few weeks.
Here is the output of my "ifconfig":
em1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.6 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 2a00:1028:838a:1d8e:21d:60ff:fe04:f31c prefixlen 64 scopeid 0x0<global>
inet6 fe80::21d:60ff:fe04:f31c prefixlen 64 scopeid 0x20<link>
ether 00:1d:60:04:f3:1c txqueuelen 1000 (Ethernet)
RX packets 442625 bytes 241048181 (229.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 482924 bytes 92626306 (88.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
The IPv6 2a00:1028:838a:1d8e:21d:60ff:fe04:f31c subnet belongs to my provider, O2 Czech Republic (or Telefonica). So ... My ISP supports native IPv6? Cool!
Let's go further: as there is nothing in my small router's web interface, let's have a look through the CLI. Yep, both the inside (br0) and outside (ppp0) interfaces have IPv6. Quite expected!
br0 Link encap:Ethernet HWaddr B0:B2:DC:16:3A:4C
inet addr:10.0.0.138 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: 2a00:1028:838a:1d8e::1/64 Scope:Global
inet6 addr: fe80::1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3932310 errors:0 dropped:0 overruns:0 frame:0
TX packets:4920649 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:633818668 (604.4 MiB) TX bytes:43890958 (41.8 MiB)
ppp0 Link encap:Point-Point Protocol
inet addr:10.226.135.99 P-t-P:88.103.200.41 Mask:255.255.255.255
inet6 addr: 2a00:1028:838a:1d8c::1/64 Scope:Global
inet6 addr: fe80::b2b2:dcff:fe16:3a4c/10 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:4873418 errors:0 dropped:0 overruns:0 frame:0
TX packets:3806955 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:4266450464 (3.9 GiB) TX bytes:623147288 (594.2 MiB)
When confronted to that, my first reaction is "Gosh! Firewall!". Here, that's fine: the firewall is configured to block everything that's not originating inside. This is confirmed by an online IPv6 scanner.
But then: "what if I put a rule that allows an IP on the Inside to be pinged from the Internet?"
Let's try it. It's only a try so I put the entry directly into the IPv6 FORWARD table. I found several sites that offer the ability to run a ping test to an IPv6 host. Here is the one I used. As expected, there are replies, versus none before the line was added.
Weird part is I do remember checking a few weeks ago and I had no IPv6 connectivity. So what happened?
On New Year's eve, my previous provider's supplied router died. So after a few calls and a few days, a tech from O2 showed up with a new router. I didn't really pay attention at the time, as I was quite busy with a number of other things.
The Model Number is P-660HN-T3A_IPv6, apparently a model specific to O2. When I looked up on the Zyxel website, I couldn't find any matching firmware; the latest vendor provided firmware dates back to 2011. Searching for "O2 IPv6" returns a few hits. However and funnily enough, it states that the P-66HN-T3A doesn't support IPv6 yet ...
Now, I have to contact my server hosting company in France, so they activate IPv6 as well.
And one more task on my to-do list: continue playing with IPv6.
No comments:
Post a Comment