# Gentoo server not reachable through ipv6

## jhon987

Can someone please explain the steps needed for a gentoo server to be accessible through an ipv6 address?

I read the guide about ipv6 router which explains a bit about forwarding (https://wiki.gentoo.org/wiki/IPv6_router_guide) but what about incoming connections? the networking guide (https://wiki.gentoo.org/wiki/Handbook:X86/Full/Networking) doesn't really get in details regarding ipv6.

My web host has documentation for other Linux distros (https://www.vultr.com/docs/configuring-ipv6-on-your-vps) but none of these files exists in gentoo.

At the moment when I try: ping6 -c 3 2001:....  I only get the following from my local machine: 

```
connect: Network is unreachable
```

through ssh though:

```
3 packets transmitted, 3 received, 0% packet loss, time 2087ms
```

What am I missing?

(the IP address referred to is the one with 'global' flag shown in ifconfig)

----------

## Tony0945

Are you sure your ISP provides ipv6 service? Mine doesn't.

----------

## NeddySeagoon

jhon987,

First, check connectivity out from both ends. 

```
$ ping6 google.com

PING google.com(lhr35s01-in-x0e.1e100.net) 56 data bytes

64 bytes from lhr35s01-in-x0e.1e100.net: icmp_seq=1 ttl=57 time=17.6 ms

64 bytes from lhr35s01-in-x0e.1e100.net: icmp_seq=2 ttl=57 time=17.6 ms
```

On you server, /etc/conf.d/net needs to look like

```
# make sure use use iproute2

modules="iproute2"

config_eth0="5.x.y.z netmask 255.255.255.224 brd 5.x.y.z

             2a01:dead:beef:c::2/64"

routes_eth0="default via 5.x.y.z

             default via fe80::1"
```

You need to use an IP address from the /64 you have been allocated, not the fake one above

This gets you a routing table like

```
$ ip -6 route show dev eth0

2a01:dead:beef:c::/64 proto kernel metric 256 pref medium

fe80::/64 proto kernel metric 256 pref medium

ff00::/8 metric 256 pref medium

default via fe80::1 metric 2 pref medium
```

If you add your server to /etc/hosts, or point an AAAA record to it you can ssh by name. 

Otherwise ssh -6  2a01:dead:beef:c::2 should work.

You may need to discover the router you are connected to with a router discovery message.

----------

## eccerr0r

Oddly enough, when my router advertised that it has IPV6/SLAAC, Gentoo and I suspect NDS automatically generated a public IPV6 address for each of my machines.  How are you setting up IPV6 - is your ISP routing an IPV6 address space to you router via 6rd or otherwise?  Things should just work real easy as it is if router discovery/SLAAC is enabled on the router.

Or are you planning on doing tunneling to a broker like Hurricane or Freenet6?  If you're doing the tunneling on the machine you want to access ipv6, then this can get a bit more involved...

----------

## jhon987

@Tony0945 I suspect you've touched the bone of contention.

@NeddySeagoon as always your experienced advice are priceless

@eccerr0r just like Tony0945 you've hit the target at the bull's eye.

So, I recall I've red somewhere years ago that in order to use IPv6 I need an ISP that supports it. Now, I thought that only applies to my router/connection having an ipv6 address, didn't thought it also applies to me visiting ipv6 external IPs. All of your comments made me realize I'm probably wrong.

I know my ISP doesn't support IPv6 at the moment (or for the very least I'm not getting such support), so that's probably the issue here.

I've tried pinging google.com as per @NeddySeagoon advice yet I received:

```
 $ ping6 google.com

connect: Network is unreachable
```

which seems to me is the answer to my question.

So, I gather that nowadays even if my ISP doesn't supports it I could still enable IPv6 through tunneling or through my router or via Unicast Addresses (http://www.funtoo.org/IPv6_Networking). Do you guys have any recommendation which one I should use? (I only need it for testing purposes...)

----------

## NeddySeagoon

jhon987,

You need an IPv6 over IPv4 tunnel because you need an IPv6 path through your ISP that doesn't provide IPv6.

Your IPv6 has to get to the internet somehow.

First step is to phone your ISP and see if you can get IPv6.

Then your router needs to support it.

If you can't get native IPv6 you need a tunnel.

To host servers over a tunnel you need a static far end IPv6 address.

You can play on your own LAN with the link address or get a bit more adventurous with site local addresses.

link address need an IPv6 transparent switch, they are not routable.  Site local addresses need an IPv6 aware router, (if you want to route them)

----------

## eccerr0r

It's actually kind of funny with me.

Normally my ISP wants me to have a fairly late model router that supports IPV6.   Eventually I was able to get one from a thrift shop, and thus IPV6 worked for me. 

At that point I was trying to get my pfSense router to work on my network as it has a neat LCD that shows me system status.  I sort of didn't quite understand ipv6 at that point and my pfSense router seems to sometimes botch up ipv6 since it too was advertising as a IPV6 router, and probably depending on luck of the draw, it would or wouldn't work.

However, one day, that IPV6 ISP router died, and I had to revert back to an IPV4 router.  I assumed IPV6 was now just a memory.  Turns out I was wrong. I had more or less copied off my ISP's 6rd tunnel endpoint configuration onto my pfSense router, and after mucking with a bit, pfSense started routing ipv6 properly and thus enjoying it once more.

The pfSense router now handles both ipv4 NAT and ipv6 SLAAC/routing.

Someday I should set up the 6RD routing on one of my vhosts - that pfSense 1U rackmount box is quite noisy...

----------

## jhon987

Thanks

----------

