News
:
This forum is now permanently frozen.
m0n0wall Forum
>
m0n0wall Support (English)
>
IPv6
Topic: Possible to shortcut IPv6 on WAN side?
Pages: [
1
]
Topic: Possible to shortcut IPv6 on WAN side? (Read 3951 times)
Possible to shortcut IPv6 on WAN side?
« on: January 27, 2010, 06:37:00 »
bombcar
Posts: 22
I have a bit of a strange setup. I get 4 static IPs from Speakeasy. x.5 is the WAN port of my m0n0wall router; x.254 is a Gentoo server. They work great, and I can access the Gentoo box at wire speeds.
However, I've obtained two IPv6 tunnels from Hurricane Electric, one for each. The m0n0wall's IPv6 support works great, and I can ping the Gentoo's IPv6 address, but it travels down the tunnel (which means it goes over the DSL link).
I've tried a number of things, including adding an IPv6 address to the Gentoo box that is on the m0n0wall's /64 - but all that does is make ping break with:
From x::4 icmp_seq=1 Destination unreachable: Port unreachable
Is it possible to do what I'm trying to do? I basically want any access from the LAN on the m0n0wall box to the IPv6 /64 of the Gentoo box to travel directly via the WAN port, not via the IPv6-IPv4 tunnel.
I can't seem to add an additional IPv6 address to the WAN port, either.
I suspect I'll have to move the Gentoo box to OPT1 and hope that 1:1 NAT allows me to avoid split DNS on my IPv4 hosts.
Would creating OPT1 with only an IPv6 address on the Gentoo /64 allow it to work? I'd like to keep the IPv4 traffic for the Gentoo box outside of the LAN.
Re: Possible to shortcut IPv6 on WAN side?
« Reply #1 on: January 27, 2010, 10:31:57 »
brushedmoss
Posts: 446
I don't believe this is possible as all traffic to/from your tunnel ip's will have to go via the tunnel interface and therefor via the tunnel.
You could route your two lan subnets together (assuming you have one for gentoo) or you could add an a second nic or vlan to gentoo to give it an interface on your m0n0wall lan.
Otherwise you could take your lan subnet and split it into two subnets, put one on your WAN interface and use another ip in that range as an alias on your gentoo box ?
Re: Possible to shortcut IPv6 on WAN side?
« Reply #2 on: February 08, 2010, 01:03:54 »
bombcar
Posts: 22
I finally bit the bullet and got a /48 from them, and moved the server to the DMZ.
Now I have 65536 networks of 18446744073709551616 machines each.
Re: Possible to shortcut IPv6 on WAN side?
« Reply #3 on: August 14, 2010, 08:26:17 »
Lunchtime in Oakham
Posts: 5
Quote from: bombcar on February 08, 2010, 01:03:54
I finally bit the bullet and got a /48 from them, and moved the server to the DMZ.
Now I have 65536 networks of 18446744073709551616 machines each.
Someone once said 640k RAM should be enough for anyone.
Re: Possible to shortcut IPv6 on WAN side?
« Reply #4 on: October 29, 2010, 05:24:32 »
bombcar
Posts: 22
Quote from: Lunchtime in Oakham on August 14, 2010, 08:26:17
Quote from: bombcar on February 08, 2010, 01:03:54
I finally bit the bullet and got a /48 from them, and moved the server to the DMZ.
Now I have 65536 networks of 18446744073709551616 machines each.
Someone once said 640k RAM should be enough for anyone.
640k of RAM isn't even enough to hold a bitmap of the addresses I'm using!
Pages: [
1
]
Topic: Possible to shortcut IPv6 on WAN side?