IPv6 (6in4) Tunnelbroker Setup

knulf · February 23, 2021, 7:48pm

My tunnel endpoint is: 2001:470:XXX:XX::2/64
The routed /48 prefix: 2001:470:YYYY::/48

I basically followed the setup in this script.
You can also find most of my config in my original post. Let me know if there's anything else that might help.

Does this look better:

root@OpenWrt:~# ip -6 route show
default from 2001:470:YYY::/48 dev 6in4-henet proto static metric 1024 pref medium
unreachable 2001:470:YYY::/48 dev lo proto static metric 2147483647 error 4294967148 pref medium
fd23:3587:3330::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd23:3587:3330::/48 dev lo proto static metric 2147483647 error 4294967148 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0.2 proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev wlan1 proto kernel metric 256 pref medium
fe80::/64 dev wlan0 proto kernel metric 256 pref medium
fe80::/64 dev 6in4-henet proto kernel metric 256 pref medium

dl12345 · February 23, 2021, 7:52pm

Start out by trying what I suggested. Ping the ipv4 and ipv6 tunnel endpoints. See if they reply

knulf · February 23, 2021, 8:12pm

Sorry, didn't see your additional post before.
Pinging the ipv4 addresses works.
Ping to the client ipv6 (2001:470:XXXX:XX::2) works.
Only pinging the tunnel server ipv6 address does not work:

PING 2001:470:XXXX:XX::1 (2001:470:XXXX:XX::1): 56 data bytes
ping6: sendto: Permission denied

dl12345 · February 23, 2021, 8:37pm

So this indicates an incorrect config, since you cannot ping the remote endpoint

lcsaszar · February 24, 2021, 10:51am

Only half success
I configure a static route, but it disappears after a network restart:

root@OpenWrt:/etc/config# ip -6 route add default via 2001:xxxxxx6::1 dev 6in4-wan6

root@OpenWrt:/etc/config# ip -6 route
2001:xxxxxxx6::/64 dev 6in4-wan6 proto kernel metric 256 pref medium
2001:xxxxxxx5::/64 dev br-lan proto static metric 1024 pref medium
unreachable 2001:xxxxxxx5::/64 dev lo proto static metric 2147483647 pref medium
fd31:xxxxxxx1::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd31:xxxxxxx::/48 dev lo proto static metric 2147483647 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium
fe80::/64 dev 6in4-wan6 proto kernel metric 256 pref medium
fe80::/64 dev ifb4eth1 proto kernel metric 256 pref medium
default via 2001:xxxxxxx6::1 dev 6in4-wan6 metric 1024 pref medium

root@OpenWrt:/etc/config# /etc/init.d/network restart
'radio0' is disabled
root@OpenWrt:/etc/config# ip -6 route
2001:xxxxxxx6::/64 dev 6in4-wan6 proto kernel metric 256 pref medium
2001:xxxxxxx5::/64 dev br-lan proto static metric 1024 pref medium
unreachable 2001:xxxxxxx5::/64 dev lo proto static metric 2147483647 pref medium
fd31:xxxxxxx:1::/64 dev br-lan proto static metric 1024 pref medium
unreachable fd31:xxxxxxx::/48 dev lo proto static metric 2147483647 pref medium
fe80::/64 dev ifb4eth1 proto kernel metric 256 pref medium
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev eth1 proto kernel metric 256 pref medium
fe80::/64 dev 6in4-wan6 proto kernel metric 256 pref medium

How could I make it permanent? I could not figure out how do I add the static route in /etc/config/network or via LuCi. The default route that I configured on CLI does not appear in /etc/config/network, but it will show up in LuCi (until a network restart):

Perhaps the static keyword is missing.

trendy · February 24, 2021, 11:06am

https://openwrt.org/docs/guide-user/network/routes_configuration#ipv6_routes

lcsaszar · February 24, 2021, 11:30am

I added this section in /etc/config/network

config route6
        option interface wan6'
        option target '::/0'
        option gateway '2001:xxxxxxx6::1/64'
        option table 'main'
        optiin proto 'static'
        option metric '1'
        option type 'unicast'

This remains there after a network restart. However it does not appear in LuCi. Only if I add a default route via CLI then it will appear for network 6in4-wan6 in LuCi and the tunnel would work. My problem is that

the route6 section in /etc/config/network has no effect (at least for the 6in4 tunnel)
the default IPv6 route entered via CLI is not persistent

vgaetera · February 24, 2021, 11:53am

There's a typo:

Validate all configs to make sure there are no more problems like that:
https://openwrt.org/docs/guide-user/base-system/uci#corrupted_configs

lcsaszar · February 24, 2021, 11:59am

Indeed, thanks for spotting it. I fixed this but it did not change anything.

vgaetera · February 24, 2021, 2:34pm

Specify only interface and target, and remove other options.

ifup wan6; sleep 5; ip -6 route show default

lcsaszar · February 24, 2021, 5:19pm

This made it, thanks.