| 1 |
On Thursday 19 July 2007 16:12:18 Etaoin Shrdlu wrote: |
| 2 |
> More precisely, it seems that these neighbor solicitation messages come |
| 3 |
> from the far end router, like it somehow believes that your internal |
| 4 |
> host is on its same subnet, and is trying to resolve its ipv6 address to |
| 5 |
> its link layer address (similar to what ARP does in ipv4). |
| 6 |
> Is fe80::214:f600:b67e:b4db the address of your provider's router? |
| 7 |
> There could be a misconfiguration somewhere. |
| 8 |
|
| 9 |
fe80::214:f600:b67e:b4db is the link local address of the upstream router, |
| 10 |
which is also configured as dead:beef:2::1/48. |
| 11 |
It is required that all hosts are access via, and get access though, the |
| 12 |
firewall we control. The upstream router can have changes made to it if |
| 13 |
required, but it's not good to keep bothering the ISP. |
| 14 |
|
| 15 |
Now I think I understand what's wrong. The upstream router needs a route to |
| 16 |
dead:beef:2:1::/49 (or similar to cover any and all of our "internal" |
| 17 |
networks) via dead:beef:2::11, and be configured as dead:beef:2::1/64 instead |
| 18 |
of /48. Then it would route packets for dead:beef:2:136:204:23ff:fed7:e86a to |
| 19 |
dead:beef:2::11, rather than soliciting a link-local address for it. |
| 20 |
Have I got that right? |
| 21 |
|
| 22 |
Cheers |
| 23 |
|
| 24 |
-- |
| 25 |
Mike Williams |
| 26 |
-- |
| 27 |
gentoo-user@g.o mailing list |
Archives