I tried following the guide at
https://tools.bitfolk.com/wiki/IPv6/VPNs
to set up a tunnel between my VPS and a machine at home (both running
Debian testing), the plan being to give out v6 addresses to the machines
at home.
I have a /56 assigned to my VPS (2001:ba8:1f1:a00/56), and the VPS's
eth0 has 2001:ba8:1f1:a00::2 assigned to it as well as an IP from the
original /64 (2001:ba8:1f1:f07a::2). The IPv6 on there seems to work
fine (I can ping ipv6.google.com etc.).
The two ends are assigned IPs in 2001:ba8:1f1:a01::/64 - the VPS has
::1, the machine at the other end ::2.
When I start tinc on both machines, I can ping the other endpoint IPs
(i.e. ::2 from the VPS, ::1 from the machine at home) as well as the
VPS's other IPs (i.e. I can ping the IP from the original /64 from
home), but the machine at home can't get to anything beyond the VPS.
On the VPS (ra):
tinc.conf
Name = ra
ConnectTo = camulus
Interface = camulus
Device = /dev/net/tun
DeviceType = tap
BindToAddress = 85.119.82.221
Port = 655
Mode = switch
tinc-up
#!/bin/sh
ip address add 2001:ba8:1f1:a01::1/64 dev $INTERFACE
ip link set dev $INTERFACE promisc on
ip link set dev $INTERFACE up
exit 0
On camulus:
Name = camulus
ConnectTo = ra
Interface = ra
Device = /dev/net/tun
DeviceType = tap
BindToAddress = 192.168.1.13
Port = 655
Mode = switch
tinc-up
#!/bin/sh
ip -6 addr add 2001:ba8:1f1:a01::2/64 dev $INTERFACE
ip link set dev $INTERFACE promisc on
ip link set dev $INTERFACE up
ip -6 route add default via 2001:ba8:1f1:a01::1 dev $INTERFACE
exit 0
On both:
hosts/camulus
Port 655
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
hosts/ra
Address = 85.119.82.221
Port = 655
-----BEGIN RSA PUBLIC KEY-----
-----END RSA PUBLIC KEY-----
What am I missing?
Cheers,
Stuart
From chris@??? Tue Jul 17 11:21:53 2012
Received: from equinox.loggytronic.net ([85.119.82.64])
by mail.bitfolk.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
(Exim 4.72) (envelope-from <chris@???>)
id 1Sr5qj-0007GF-GF
for users@???; Tue, 17 Jul 2012 11:21:53 +0000
Received: from [143.53.47.14] by equinox.loggytronic.net with esmtpsa
(TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72)
(envelope-from <chris@???>) id 1Sr5qY-0007le-VT
for users@???; Tue, 17 Jul 2012 12:21:43 +0100
Message-ID: <50054AC9.3090902@???>
Date: Tue, 17 Jul 2012 12:21:45 +0100
From: Chris Tallon <chris@???>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
rv:13.0) Gecko/20120615 Thunderbird/13.0.1
MIME-Version: 1.0
To: users@???
References: <1517ac1d07ffc56889537bd5282a3890@???>
In-Reply-To: <1517ac1d07ffc56889537bd5282a3890@???>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Vir
