2007-10-26 Trying to access machines at home direct ... 12 years ago
Trying to access machines at home directly from the outside via ipv6 made the old ndisc_send_redirect: not a neighbour show up again. I found the reason: I added an address on the internal network to the external interface, so a cool address would show and not the xs4all-ipv6-tunnel interface address, with up ip -6 addr add 2001:888:1011::13/64 dev xs4allipv6 in /etc/network/interfaces. Now when trying to access an internal machine, 2 possible routes to 2001:888:1011::/64 existed. Fix: add another line up ip -6 route del 2001:888:1011::/64 dev xs4allipv6 to remove that extra route again. Now I can access machines on the home network directly from ipv6 hosts all over the world. Time for extra firewalling rules!
Update 2010-04-15: Better way to configure this: use a /128 netmask, so I now have in /etc/network/interfaces:up ip -6 addr add 2001:888:1011::13/128 dev xs4allipv6