I set up a Server, which will I use mostly as “US” gateway ;)
On Server Side, I have two interfaces. eth0 & tap_soft. eth0 has the given IPv6 address 2604:[…]:8001. I set manual to tap_soft the address: 2604:[…]:8002.
I also set manual the client-IP to 2604:[…]:8003.
The VPN is Layer2 based and I can ping 2604:[…]:8002 from my client, but ether 2604:[…]:8001 or any public ipv6 addresslike google (tried 8001 and 8002 as gateway) I have enabled “net.ipv6.conf.all.forwarding=1” in sysctl.conf. I think the problem is the “step” from the tap-device to eth0. For IPv4 I use iptables and SNAT. But I don’t want to nat ipv6, if I have enough addresses. (and yes, 16 addresses are enough for me^^)
Any Ideas or even better: solutions? Thanks
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
This question was answered by @martinb738fb511:
Sounds familiar. I think the problem is that your VPN segment is not bridged with eth0 for NDP to work (which is good and I do not recommend to do such bridging). To overcome that you have to configure NDP proxy for all IPv6 addresses that are used in the VPN segment:
ip -6 neigh add proxy 2a03:b0c0:2::xxxx dev eth0
with xxxx going from 8002 to 800f, 14 commands total. Update the prefix to suit your assignment.
Sounds familiar. I think the problem is that your VPN segment is not bridged with eth0 for NDP to work (which is good and I do not recommend to do such bridging). To overcome that you have to configure NDP proxy for all IPv6 addresses that are used in the VPN segment:
ip -6 neigh add proxy 2a03:b0c0:2::xxxx dev eth0
with xxxx going from 8002 to 800f, 14 commands total. Update the prefix to suit your assignment.
+1 got the same problem. Any solutions yet? Maybe one has to set a route?
+1 desperate to figure this out, too! i can’t even seem to ping my tap (8002) interface from outside. it is definitely an issue “bridging” the ipv6 traffic that only seems to want to hit eth0!