|
Posté le: Mardi 28 Janvier 2020 18:23:22
Aucun numéro de ligne indiqué dans le profil
| |
|
|
rpineau
Intéressé
Hors-ligne
Inscrit le : 19 Fév 2011 Messages : 53
Sexe :
Ville : St Herblain 44109XBN
Forfait : Freebox Optique
Freebox : N/A
|
|
|
|
|
|
|
No problem.
The router WAN config looks fine.
The Freebox config for Prefix 1 is also ok.
The IPv6 address on LAN looks fine ( on RouerLan2nd.jpg ).
On "RouerLan2nd.jpg", you used DHCPv6 (Management) for the LAN, is there a different option as I think that might be the issue. DHCPv6 is not properly supported by all operation system as client.
Is there something like SLAAC, router advertisement, stateless ...
Also there is no range in your DHCPv6 , you might want to put something like start 2001:e35:2e13:80b1::3 and end 2001:e35:2e13:80b0::ffff
Regards,
Rodolphe |
|
|
|
|
Posté le: Mardi 28 Janvier 2020 20:09:48
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Unfortunately non, this is all what is for IPv6 in the LAN interface
Just after doing the snapshot, I have added the following range
2A01:E35:2E13:80B1::2
2A01:E35:2E13:80B1::63
but still my machines getting IPs from the first one 2a01:e35:2e13:80b0 and not the 2a01:e35:2e13:80b1 as follows
IPv6 Address: 2a01:e35:2e13:80b0:5e5:7c41:5e8a:467d
Temporary IPv6 Address: 2a01:e35:2e13:80b0:b85d:72bb:c5f:a5cf
Link-local IPv6 Address: fe80::5e5:7c41:5e8a:467d%16
IPv6 Default Gateway: fe80::224:d4ff:fea2:daa%16
IPv6 DNS Server: fd0f:ee:b0::1 |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mardi 28 Janvier 2020 20:14:41
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Yes there is SLAAC Option instead of DHCPv6(stateful) |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mardi 28 Janvier 2020 20:17:43
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
You indicated in your response
Also there is no range in your DHCPv6 , you might want to put something like start 2001:e35:2e13:80b1::3 and end 2001:e35:2e13:80b0::ffff
this is 2 different networks no? |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mardi 28 Janvier 2020 20:23:28
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
OK I changed to Slacc with the same range as you can notice in the snapshot
http://salam.hd.Free.fr/RouerLanSlacc.jpg
I disabled/enabled network cards on 2 different machines, still getting IPv6 adresses from first lan 2A01:E35:2E13:80B0::
and not the 2nd 2A01:E35:2E13:80B1::
By the way, why there is 2 IPv6 adresses,
IPv6 Address: & Temporary IPv6 Address |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mardi 28 Janvier 2020 20:31:15
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
and of course no network access as usual |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mardi 28 Janvier 2020 20:33:50
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Rodolphe, just scratched my head, if my machines getting IPv6 from first lan
2A01:E35:2E13:80B0::
and I entered that LAN Ip is the 2nd subnet
2A01:E35:2E13:80B1::
normally they should ne be able to communicate , no? |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mardi 28 Janvier 2020 21:26:42
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Correction
*****
and I entered that LAN Ip of the 2nd subnet
2A01:E35:2E13:80B1::
in my Router LAN
so there is a different range between what machines are getting the LAN IP on the router |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Mercredi 29 Janvier 2020 15:02:05
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Rodolphe, some good news. I desactivated the mode "bridge" on the router between WAN interface and LAN interface, chose SLACC plus a range in the LAN, and HOP, my machines started to have "Internet Access" for IPv6 (from the 2nd subnet 2A01:E35:2E13:80B1 and not the 2A01:E35:2E13:80B0) and was able to ping for example ipv6.google.com.
However, as I said, I gave a range on the router between
start 2A01:E35:2E13:80B1::2
end 2A01:E35:2E13:80B1::63
but still machines are getting bizarre IPv6, and as well as Tmporary IPv6 (not really sure why).
So before thanking you for your Rien and follow up, I am a little bit confused on how communication is established between
Freebox <> Router WAN<> Router LAN
on the Freebox, next hop is the IPV6 of the WAN so how communication gets established between the subnet 2A01:E35:2E13:80B1, WAN and the Freebox?
So many thanks for your Rien |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Jeudi 30 Janvier 2020 00:28:05
Aucun numéro de ligne indiqué dans le profil
| |
|
|
rpineau
Intéressé
Hors-ligne
Inscrit le : 19 Fév 2011 Messages : 53
Sexe :
Ville : St Herblain 44109XBN
Forfait : Freebox Optique
Freebox : N/A
|
|
|
|
|
|
|
Ok so with SLAAC you get auto assigned IPv6 in the subnet you set (2A01:E35:2E13:80B1::/64), and DHCPv6 is ignored.
And yes I made a few typo between 2A01:E35:2E13:80B0 (WAN) and 2A01:E35:2E13:80B1 (LAN), sorry about that
The machines get an ip of the form 2A01:E35:2E13:80B1:YYYY:XXXX/64
For IPv6 the Freebox is a router (even if you set the Freebox in bridge mode, the bridge mode is only for IPv4).
so there is a subnet between the Freebox and your router (2A01:E35:2E13:80B0::/64) and in the IPv6 configuration in the Freebox you're adding a route to 2A01:E35:2E13:80B1::/64 via your router link local IPv6.
Then your router announces 2A01:E35:2E13:80B1::/64 to your internal machines using SLAAC in its LAN interface
So to answer your question about communication.. you are routing the traffic as you are setting up routers and adding static routes.
So your machine on your lan that has an ip in 2A01:E35:2E13:80B1::/64 send traffic for the outside to the IPv6 default gateway in that subnet, which is your router (LAN).
Then the router forward the traffic (it just route it without touching it) to the next gateway in the path to the destination, the next gateway is the Freebox, and then the Freebox forward to the next router on the path and so on util the packet reach its destination.
The response from the "destination" follow the reverse path.
Now that IPv6 is working, you can give static IPv6 IP to your machines using the 2A01:E35:2E13:80B1::/64 subnet, like 2A01:E35:2E13:80B1::2/64 for example and by setting the default IPv6 gateway to the router LAN IP 2A01:E35:2E13:80B1::1 to make it easier than using the auto configured IP.
Now you need to configure the firewall on your router to allow all outgoing traffic, allow incoming traffic from related flows and established flows because you're not protected as everything is directly routed That might already be the case if you have enable the Freebox IPv6 firewall). |
|
|
|
|
Posté le: Jeudi 30 Janvier 2020 14:36:13
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Rodolphe, thanks for the explanation. As you are an expert, I would like to ask the following question.
Before enabling IPv6 in my network, when any network card connects, I see it connects and gets an IPv4 and the name of my network display as
mynetwork.net.
all servers and machines can communicate by names. Now, after enabling the IPv6, network cards connect, gets the IPv4 and IPv6 details but instead of mynetwork.net displayed, I see "Network 5"
and when I ping using the name of the machine I can not reach it and get a response strange IP as follows
Pinging prodewebserver.salam.net [69.172.201.153] with 32 bytes of data:
Request timed out.
.....
in spite of the fact that I can ping the IP and I see the machine in my DNS server with the right IP
Any idea?
Thanks |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Vendredi 31 Janvier 2020 03:13:16
Aucun numéro de ligne indiqué dans le profil
| |
|
|
rpineau
Intéressé
Hors-ligne
Inscrit le : 19 Fév 2011 Messages : 53
Sexe :
Ville : St Herblain 44109XBN
Forfait : Freebox Optique
Freebox : N/A
|
|
|
|
|
|
|
This probably depends on the DNS settings in your router and what type of DNs proxying it's doing.
You might want to fully remove the IPv6 dns and see if this helps as any host will use the IPv4 DNS even to resolve host to IPv6 addresses.
Can you show what the IPv6 dns settings are on your router and also what DNS do you get on your machines.
Assigning static IPv6 IP to your machines in the 2A01:E35:2E13:80B1::/64 network might be another option if your router allows you to set some DNS names for IPv6 IPs
I personally have my own DNS that has my zones with both IPv4 and IPv6 address for all my hosts for my domain (I own a .org domain).
In you case may be your router has some facilities in that area. If not.. you could setup a Rapsberry PI as a local caching DNS with a fake zones for your local machines.
Regards, Rodolphe |
|
|
|
|
Posté le: Vendredi 31 Janvier 2020 03:20:08
Aucun numéro de ligne indiqué dans le profil
| |
|
|
rpineau
Intéressé
Hors-ligne
Inscrit le : 19 Fév 2011 Messages : 53
Sexe :
Ville : St Herblain 44109XBN
Forfait : Freebox Optique
Freebox : N/A
|
|
|
|
|
|
|
Looks like I missed one part of your question.
prodewebserver.salam.net does resolve to 69.172.201.153 (when I do a nslookup).
But it doesn't resolve to any IPv6 IP so my guess is your machines are expecting an IPv6 response and it takes a while to timeout.
Code: |
nslookup -query=AAAA prodewebserver.salam.net
Server: XXX.XXX.XXX.XXX
Address: XXX.XXX.XXX.XXX#53
Non-authoritative answer:
*** Can't find prodewebserver.salam.net: No answer
Authoritative answers can be found from:
prodewebserver.salam.net
origin = ns1.uniregistrymarket.link
mail addr = hostmaster.hostingnet.com
serial = 1555555555
refresh = 10800
retry = 3600
expire = 604800
minimum = 86400
|
So you would need that server to have an IPv6 IP if possible, or not have IPv6 DNS by default so that your machine get an answer from the IPv4 DNS (even it it can do IPv6 it will might response with an IPv4 IP first). |
|
|
|
|
Posté le: Vendredi 31 Janvier 2020 11:34:53
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Thanks. I managed to fix a couple of issues by adding the IPV6 adresse of my DNS in the NIC config of the the machines and I am able now to ping correctly. I alsi added my internal DNS to the router, lets see.
What is strange, when I issue the command you used from a windows machine (2 win 10 machines)
nslookup -query=AAAA prodewebserver.salam.net
I get
Server: UnKnown
Address: XXXX:XXX:XXXX:XXXX:XXXX:e0ab:fbca:9957 (my DNS)
*** UnKnown can't find prodewebserver.salam.net: Non-existent domain
whereas I issue the same command from a linux machine, it resolves correctly as follows
[salam@linux]$ nslookup prodwebserver.salam.net
Server: 192.168.X.X
Address: 192.168.X.X#53
Name: prodwebserver.salam.net
Address: 192.168.X.X
Name: prodwebserver.salam.net
Address: 2a01:e35:2e13:80b1:55f8:f821:902f:312f |
|
_________________ Salam ELIAS |
|
|
|
Posté le: Vendredi 31 Janvier 2020 11:48:34
Numéro présent dans le profil, mais problème de récupération des caractéristiques de la ligne
| |
|
|
eliassal (Auteur du topic)
Intéressé
Hors-ligne
Inscrit le : 08 Juin 2010 Messages : 71
Sexe :
Ville : Herblay
Forfait : Freebox Dégroupage Total
Freebox : Error4
|
|
|
|
|
|
|
Rodolphe, is it possible to discuss by email as a lot of details here in public might not be a good idea? |
|
_________________ Salam ELIAS |
|
|
|
|
|