1 |
On Thursday 19 July 2007 16:12:18 Etaoin Shrdlu wrote: |
2 |
> More precisely, it seems that these neighbor solicitation messages come |
3 |
> from the far end router, like it somehow believes that your internal |
4 |
> host is on its same subnet, and is trying to resolve its ipv6 address to |
5 |
> its link layer address (similar to what ARP does in ipv4). |
6 |
> Is fe80::214:f600:b67e:b4db the address of your provider's router? |
7 |
> There could be a misconfiguration somewhere. |
8 |
|
9 |
fe80::214:f600:b67e:b4db is the link local address of the upstream router, |
10 |
which is also configured as dead:beef:2::1/48. |
11 |
It is required that all hosts are access via, and get access though, the |
12 |
firewall we control. The upstream router can have changes made to it if |
13 |
required, but it's not good to keep bothering the ISP. |
14 |
|
15 |
Now I think I understand what's wrong. The upstream router needs a route to |
16 |
dead:beef:2:1::/49 (or similar to cover any and all of our "internal" |
17 |
networks) via dead:beef:2::11, and be configured as dead:beef:2::1/64 instead |
18 |
of /48. Then it would route packets for dead:beef:2:136:204:23ff:fed7:e86a to |
19 |
dead:beef:2::11, rather than soliciting a link-local address for it. |
20 |
Have I got that right? |
21 |
|
22 |
Cheers |
23 |
|
24 |
-- |
25 |
Mike Williams |
26 |
-- |
27 |
gentoo-user@g.o mailing list |