Cisco 877 / IPv6 issue - router and local net can't ping each other

growse

growse

growse

Soldato
Joined
18 Oct 2002
Posts
7,139
Location
Ironing
I've got a strange problem with my router (cisco 877) and IPv6 connectivity. For some reason, the router can't ping any local network ipv6 address, but can ping the outside world. The local network hosts can ping each other over ipv6, but can't ping the router, or the outside world.

I'm figuring that this is a routing issue - because the local netork hosts can't see the router, they can't route any other ipv6 address. Why the router can't see the hosts I don't know. At first I thought it was an IOS 15 issue, but have since rolled back to 12.4 and received the same problem there.

*edit* what's weirder, is that sometimes the local network hosts *can* ping the outside world. But this functionality seems to come and go. Still can't ping the router.

Ipv4 works perfectly fine.

Any ideas what's going wrong?
Router routes:

Code: 
IPv6 Routing Table - Default - 7 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, M - MIPv6, R - RIP, D - EIGRP
       EX - EIGRP external
       O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S   2000::/3 [1/0]
     via 2b06:888:6:142::1
C   2b06:888:6:142::/64 [0/0]
     via Tunnel0, directly connected
L   2b06:888:6:142::2/128 [0/0]
     via Tunnel0, receive
C   2b06:888:18A::/64 [0/0]
     via Vlan1, directly connected
L   2b06:888:18A::/128 [0/0]
     via Vlan1, receive
L   2b06:888:18A::1/128 [0/0]
     via Vlan1, receive
L   FF00::/8 [0/0]
     via Null0, receive

Config is below:

Code: 
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname talkbot
!
boot-start-marker
boot system flash c870-advipservicesk9-mz.124-24.T2.bin
boot-end-marker
!
logging count
logging message-counter syslog
logging userinfo
no logging buffered
no logging console
enable secret 5 ***
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local 
aaa accounting update newinfo
!
!
aaa session-id common
clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00
!
crypto pki trustpoint TP-self-signed-2878513492
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2878513492
 revocation-check none
 rsakeypair TP-self-signed-2878513492
!
!
crypto pki certificate chain TP-self-signed-2878513492
 certificate self-signed 01
  *snip*
  	quit
dot11 syslog
no ip source-route
no ip icmp rate-limit unreachable
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1
ip dhcp excluded-address 192.168.0.1 192.168.0.20
!
ip dhcp pool CLIENT
   import all
   network 192.168.0.0 255.255.255.0
   domain-name i.growse.com
   default-router 192.168.0.1 
   dns-server 192.168.0.13 
!
!
ip cef
no ip bootp server
ip domain name i.growse.com
ip name-server 192.168.0.13
ip multicast-routing 
ipv6 unicast-routing
no ipv6 cef
ipv6 dhcp pool IPV6CLIENT
 prefix-delegation 2b06:888:18A::/64 0005000400F1A4D070D003
 prefix-delegation pool prefix-pool lifetime 1800 600
 dns-server 2b06:888:18A::13
 domain-name i.growse.com
!
!
multilink bundle-name authenticated
!
!
!
username growse privilege 15 password 7 **
! 
!
!
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh source-interface Vlan1
ip ssh rsa keypair-name router-key
ip ssh logging events
ip ssh version 2
!
class-map match-any BESTEFFORT
 match protocol http
 match protocol secure-http
 match protocol icmp
 match protocol secure-imap
 match protocol smtp
 match protocol ipv6
 match protocol dns
 match protocol ipsec
class-map match-any REALTIME
 match protocol rtp
 match protocol rtcp
 match protocol sip
 match protocol ssh
class-map match-any SCAVENGER
 match protocol bittorrent
!
!
policy-map POLICY
 class REALTIME
  set ip precedence 5
 class BESTEFFORT
    bandwidth percent 50
 class SCAVENGER
    police 10000 2000 2000 conform-action transmit  exceed-action drop  violate-action drop 
  set precedence 0
!
!
!
!
interface Tunnel0
 description IPv6 SixXS
 no ip address
 ipv6 address 2b06:888:6:142::2/64
 ipv6 enable
 tunnel source 55.55.55.164
 tunnel destination 77.75.104.126
 tunnel mode ipv6ip
!
interface ATM0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 mtu 1500
 ip address 55.55.55.164 255.255.248.0
 ip access-group IPV6IN in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat outside
 ip virtual-reassembly
 ip tcp adjust-mss 1460
 atm route-bridged ip
 pvc BeThere 0/101 
  protocol ip 55.55.55.1 broadcast
  oam-pvc manage
  encapsulation aal5snap
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
 ip address 192.168.0.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 ipv6 address 2b06:888:18A::/64
 ipv6 address 2b06:888:18A::1/64
 ipv6 nd prefix 2b06:888:18A::/64
 ipv6 nd ra lifetime 180
 ipv6 nd ra interval 60
 hold-queue 100 out
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 55.55.55.1
no ip http server
ip http access-class 23
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 102 interface ATM0.1 overload
ip nat inside source static tcp 192.168.0.6 22 55.55.55.164 22 extendable
ip nat inside source static tcp 192.168.0.6 80 55.55.55.164 80 extendable
ip nat inside source static tcp 192.168.0.6 22 55.55.55.164 443 extendable
ip nat inside source static tcp 192.168.0.2 873 55.55.55.164 873 extendable
ip nat inside source static tcp 192.168.0.21 987 55.55.55.164 987 extendable
ip nat inside source static tcp 192.168.0.11 22 55.55.55.165 22 extendable
ip nat inside source static tcp 192.168.0.11 25 55.55.55.165 25 extendable
ip nat inside source static 192.168.0.3 55.55.55.166 extendable
ip nat inside source static 192.168.0.8 55.55.55.167 extendable
!
ip access-list extended INTERNET-IN
 permit tcp any any eq 22
 permit tcp any any established
 permit udp any eq domain any
 remark permit IMAPS
 permit tcp any any eq 993
 remark SMTP in
 permit tcp any any eq smtp
 remark NTP
 permit udp any eq ntp any
 remark allow ping from outside
 permit icmp any any echo
 remark allow ping from ipv6 pop
 permit icmp host 77.75.104.126 host 55.55.55.164
 remark permit sixxs ipv6 tunnel
 permit 41 host 77.75.104.126 host 55.55.55.164
 permit udp host 192.165.213.231 host 55.55.55.164
 permit udp any eq isakmp any eq isakmp log
 remark allow SMTP in on port 465, NAT to 25 on mailbot
 permit tcp any host 55.55.55.165 eq 465
 remark RSYNC access to BH
 permit tcp any host 55.55.55.164 eq 873
 remark Wii DMZ
 permit ip any host 55.55.55.167
 permit icmp any any
 remark STEAM
 permit udp any range 27000 27100 any
 remark sipgate registration
 permit udp host 217.10.79.23 eq 5060 host 55.55.55.164
 remark SIP rtp packets
 permit udp any host 55.55.55.164 range 15000 15015
 remark Squeezecenter web in
 permit tcp any host 55.55.55.164 eq www
 permit tcp any host 55.55.55.164 eq 987
 permit udp any host 55.55.55.164 eq 987
 deny   ip any any
!
logging trap debugging
logging origin-id hostname
logging 192.168.0.10
access-list 102 deny   ip 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
no cdp run

ipv6 route 2000::/3 2b06:888:6:142::1
!
!
!
!
snmp-server community public RO
snmp-server location Under The Chest of Drawers
snmp-server contact Me
snmp-server enable traps tty
!
ipv6 access-list IPV6IN
 sequence 30 remark mailbot
 permit tcp any host 2b06:888:18A::4 eq smtp
 deny ipv6 any any log
!
control-plane
!
banner login [--- Hello! ---]

banner motd [--- Hello! ---]

!
line con 0
 no modem enable
 transport output none
line aux 0
 transport output none
line vty 0 4
 privilege level 15
 transport preferred ssh
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

Windows host routing table

Code: 
C:\Users\andrew>route print -6
===========================================================================
Interface List
 28...00 22 15 79 d2 1c ......TEAM: team
 19...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
 20...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 28    261 ::/0                     fe80::223:4ff:fe11:98bd
  1    306 ::1/128                  On-link
 28     13 2b06:888:18a::/64        On-link
 28    261 2b06:888:18a:0:25ec:fcab:761c:700e/128
                                    On-link
 28    261 2b06:888:18a:0:e935:f1:fba3:272b/128
                                    On-link
 19    276 fe80::/64                On-link
 20    276 fe80::/64                On-link
 28    261 fe80::/64                On-link
 20    276 fe80::5ce:e1c6:ca0e:1857/128
                                    On-link
 28    261 fe80::25ec:fcab:761c:700e/128
                                    On-link
 19    276 fe80::d909:b84:74de:a3dd/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    276 ff00::/8                 On-link
 20    276 ff00::/8                 On-link
 28    261 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

Linux routing table:

Code: 
growse@mailbot:~$ route -6
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
2b06:888:18a::/64              ::                         Ue   256 0  8205 eth0
fe80::/64                      ::                         U    256 0     0 eth0
::/0                           fe80::223:4ff:fe11:98bd    UGDAe 1024 0    12 eth0
::/0                           ::                         !n   -1  1 66031 lo
::1/128                        ::                         Un   0   1 42322 lo
2b06:888:18a::11/128           ::                         Un   0   1276121 lo
2b06:888:18a:0:20c:29ff:fe9e:537/128 ::                         Un   0   1 15395 lo
fe80::20c:29ff:fe9e:537/128    ::                         Un   0   1 12225 lo
ff00::/8                       ::                         U    256 0     0 eth0
::/0                           ::                         !n   -1  1 66031 lo

Ping results to outside address, the router itself, and an internal host from the router:

Code: 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 280/284/288 ms
talkbot#ping ipv6 2b06:888:18a::

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2b06:888:18A::, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
talkbot#ping ipv6 2b06:888:18a::11

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2b06:888:18A::11, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom