Web lists-archives.com

Re: Fwd: openvpn over ipv6 /65




	Hi.

On Mon, Nov 26, 2018 at 11:49:13AM +0100, tony wrote:
> >>> As for the persistent configuration, that depends on the contents of
> >>> /etc/network/interfaces. Can be static (it's straightforward then),
> >>> DHCPv6 (you won't be able to do the split) or RA (ditto).
> >>>
> >> No, it's all static:
> > 
> > That simplifies things greatly.
> > Replace this:
> > 
> > iface eth0 inet6 static
> >            address 2a03:9800:10:54::2
> >            netmask 64
> >            gateway 2a03:9800:10:54::1
> > 
> > with this:
> > 
> > iface eth0 inet6 static
> >            address 2a03:9800:10:54::2
> >            netmask 65
> >            gateway 2a03:9800:10:54::1
> > 
> > Leave all the other entries intact.
> > Then invoke this as root (one-time only):
> > 
> > ip a d dev eth0 2a03:9800:10:54::2/64
> > ip a a dev eth0 2a03:9800:10:54::2/65
> > ip ro d default via 2a03:9800:10:54::1
>
> Thanks so much, Reco. This has got me well on the way to setting up a
> IPv6 VPN. It has also greatly enhanced my unserstanding of OpenVPN.
> 
> So, I've assigned 2a03:9800:10:54:8000::/65 to the VPN, and this appears
> to work. The logs are showing the tunnel having been established.

That's great.

> However, I can't get any IPv6 connectivity to the internet unless I stop
> OpenVPN.

You mean, you lose IPv6 connectivity on the VPS?
Or your host where OpenVPN client is has some other means of connecting
via IPv6, and this other host loses IPv6 connectivity once OpenVPN's
tunnel is up?


> Have you any further suggestions as to what I might try?

I'd like to see your IPv6 routing tables from your VPS and the OpenVPN client.
Two simple 'ip -6 ro l' will do.
And, for the sake of the completeness, the same 'ip -6 ro l' once OpenVPN is down.

Reco