# IPv6 6to4 tunneling help needed

## foobar.bernie

Hello everyone,

this is my first post after being a frequent reader of the Gentoo forum since 2004.

Studying the Gentoo router guide at http://www.gentoo.org/doc/en/ipv6.xml I tried to configure my own 6to4 tunnel but never got it to work.

I am trying to setup a virtual box on my root server with a /64 ipv6 subnet as the remote tunnel:

```
( Home Router :: 6to4tun ) <-------> ( Internet ) <----------> ( 4to6tun :: VirtBox IPv6 )
```

Home Router config:

```
# Remote tunnel server v4 IP address

ip_remote=***.***.***.***

# My /64 IPv6 subnet at the data center

ipv6_subnet=****:****:****:****::

# create tunnel to remote box

ip tunnel add 6to4tun mode sit remote ${ip_remote} ttl 128 dev eth0

# tunneling overhead

ip link set 6to4tun mtu 1280

# starting tunnel

ip link set 6to4tun up

# assign an IPv6 address

ip addr add ${ipv6_subnet}b00 dev 6to4tun

# route all global unicast IPv6 addresses through the tunnel

ip -6 route add 2000::/3 dev 6to4tun
```

Remote tunnel config:

```
# Router IP v4 address

ip_router=***.***.***.***

# My /64 IPv6 subnet at the data center

ipv6_subnet=****:****:****:****::

# create tunnel to router

ip tunnel add 6to4tun mode sit remote ${ip_router} ttl 128 dev eth0

# tunneling overhead

ip link set 6to4tun mtu 1280

# starting tunnel

ip link set 6to4tun up

# assign an IPv6 address

ip addr add ${ipv6_subnet}f00 dev 6to4tun
```

I think I am doing something terribly wrong. Any help is very appreciated.

//Bernie

----------

## truc

I don't know what is ${ipv6_subnet}b00 and f00 for the remote side, are, I have a netmask instead?

Other than that, it looks right to my inexpert eyes. The best way to see what's happening is to monitor with tcpdump and your firewall log, since you have some forwarding to allow.

Try to monitor on both sides at the same time, it should be easier.

Also, if you plan to continue posting here, consider showing us the routing table, your firewall rules ip{,6}tables-save and so on. You can hide you IP if you want, but try to make something up which is easy to read!

----------

