New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Tunneled or native? OVZ or KVM?
Native, OpenVZ
http://lowendtalk.com/discussion/comment/721755/#Comment_721755
Just reinstalled my server, followed the whole tutorial and added a tunneled IPv6 from HE.net (removed native of course) But it still doesn't work
I'm wondering if anyone actually had success with this?
Been working on it for quite some time now, tried Debian 6 and 7, both 64 and 32 bits, tried ubuntu 14.04 32 and 64 bits, neither of those work..
I double checked in the past and fixed the typos in the tutorial, it did work for me.
Really weird... Just did another reinstall with Debian 7, and i even added the OpenVPN repo this time to get the latest version of OpenVPN, but still doesnt't work -.-
Edit: Got it working now, had to comment-out
And it starting working fine after
A bit offtopic.. but your OpenVPN script is a bit wonky. It can be connected to, but you can't browse the internet anymore after your connected. It happens on my LES VPSs and my IPXcore box. (both OpenVZ, Debian 7 freshly installed etc)
Why the hell are you using OPENVZ? That is probably half of your problem.
Because it's worked for years with OpenVPN without any issues? Nyr's script with my OpenVZ boxes perfectly in the past as well, just in the past couple of months it has broke.
You might want to read the thread title too..
No significant changes had been made to the script in the last months and it does definitively work as always. Hundreds of users are using it each month, many of them on LES. It will definitively work on OpenVZ as long as TUN is available.
Most reports of people unable to use the Internet while connected had been determined to be client side conflicts.
I followed the instructions exactly. I am able to ping the LES VPS, but not google.
Any ideas?
$ ping -6 google.com
Pinging google.com [2607:f8b0:4007:809::200e] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 2607:f8b0:4007:809::200e:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Pinging the VPS
$ ping -6 2001:470::XXX::1
Pinging 2001:470::XXX::1 with 32 bytes of data:
Reply from 2001:470::XXX::1: time=107ms
Reply from 2001:470::XXX::1: time=109ms
Reply from 2001:470::XXX::1: time=109ms
From the VPS to google:
ping6 google.com
PING google.com(ob-in-x66.1e100.net) 56 data bytes
64 bytes from ob-in-x66.1e100.net: icmp_seq=1 ttl=54 time=10.2 ms
64 bytes from ob-in-x66.1e100.net: icmp_seq=2 ttl=54 time=8.60 ms
64 bytes from ob-in-x66.1e100.net: icmp_seq=3 ttl=54 time=8.85 ms
^C
What's the /etc/resolv.conf value?
cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
Although I don't think it's domain name resolution problem.
My initial thoughts are that it's a routing problem since I can ping the openvpn server but nothing beyond it.
I also thought that ipv6 didn't require any special masquerading/nat, etc...
I have enabled ip forwarding:
sysctl -p
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
Yeah, looks like a routing problem. And you are correct, no NAT is required, not sure what's wrong.
Whats
ip -6 r
andip -6 a
?root@OpenWrt:~# ip -6 r
2001:470:XXX:::/64 dev tun0 proto kernel metric 256
2000::/3 dev tun0 metric 1
fd3a:dad6:5208::/64 dev wlan0 proto static metric 1024
unreachable fd3a:dad6:5208::/48 dev lo proto static metric 2147483647 error -128
fe80::/64 dev eth0 proto kernel metric 256
fe80::/64 dev wlan0 proto kernel metric 256
and
root@OpenWrt:~# ip -6 a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 fe80::3e46:d8ff:fe0d:15b2/64 scope link
valid_lft forever preferred_lft forever
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 fd3a:dad6:5208::1/60 scope global
valid_lft forever preferred_lft forever
inet6 fe80::3e46:d8ff:fe0d:15b2/64 scope link
valid_lft forever preferred_lft forever
12: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qlen 100
inet6 2001:470:XXX:::1:0/64 scope global
valid_lft forever preferred_lft forever
Thanks!
Shameless bump since I get asked about IPv6 pretty often.
I did write some very easy instructions to set up IPv6 with NAT, which is needed if you are setting this up in a VPS without a full routed subnet:
https://wiki.nyr.es/ipv6_openvpn_without_routed_subnet
I hope this is useful for some of the guys which had been asking for IPv6 support over time. Proper IPv6 support is unfortunately very uncommon for VPS nowadays.
Which version of ip6tables are you running? I keep getting the following error:
ip6tables v1.4.14: unknown option "--to"
You are going to need 1.4.17 or newer.
You could still have problems in OVZ with old kernels, I'm not sure.