ot, configuring ipv6 routing to tap device

[Gregory Nowak]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello all.

Apologies for the off topic post, but since those happen on and off
here anyway, I thought I'd post my quandary, and see if someone might
be able to help.

Like the subject says, I'm trying to get ipv6 traffic routed to a tap
device. Let me explain in detail. I have a user-mode linux vm running
on a host system. The vm is able to communicate with the host, my lan,
and the rest of the world just fine via ipv4 over a persistent tap
device, tap0. I'm trying to get the vm to use ipv6. I have a routed
prefix, the machines on my lan can talk to each other, and the world
over ipv6, and the world can in turn talk to all of them over ipv6.

For the purposes of my post, let's say I'm using the 2001:db8::/32
address space, though I am in fact using a routed address
space. Here's what I have, tap0 on the host is configured as
2001:db8::1/32, and eth0 inside the vm is configured as
2001:db8::2/32. If I use telnet from inside the vm to try to connect
to the host, my lan, or the world, I get network is unreachable. If I
run tcpdump on the tap0 interface on the host, I can see neighbor
solicitations going out from the vm, but tap0 is as far as those
packets go. If I try to connect to the vm from the host, or my lan, I
get no route to host, and no packets appear on the host's tap0
interface. 

So, it looks like the vm and tap0 are setup just fine, and I need to
figure out how to route ipv6 traffic between the tap
device/host/lan/world. If on the host I do
ip -6 route add 2001:db8::2
I can then connect to all ports on the host system from inside the vm,
but I still can't connect to my lan/world from the vm, and the
host/lan/world still can't connect to the vm, coming back with no
route to host.

During my googling, I've found people with the same issue on the
user-mode-linux-users list, but no solution. This looks like it
definitely should work if configured right, so I'm assuming the people
that had this problem either solved it, and didn't share with that
list, or they just gave up on it. Other pages on the web indicate that
simply assigning an address to the vm, and to the tap device should be
enough to make things work, but it obviously isn't, at least not for
me, and for others as far as I can gather from my research.

So, can someone please explain where I'm going wrong, and how to do it
correctly? If I come across something that works, I'll post back, so
that this is at least documented somewhat out on the web. If more info
is needed, please let me know.

Once I get this working, since there's no need for the tap device
to have a routed ip as far as I can tell, what I'd like to do if
possible, is to in fact really place the tap device, and the vm on the
2001:db8::/32 address space, and also assign a routable ip to eth0 inside
the vm, assuming that is possible, and could be made to work. Thanks
in advance for any help.

Greg


- -- 
web site: http://www.romuald.net.eu.org
gpg public key: http://www.romuald.net.eu.org/pubkey.asc
skype: gregn1
(authorization required, add me to your contacts list first)

- --
Free domains: http://www.eu.org/ or mail dns-manager at EU.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkoPH4IACgkQ7s9z/XlyUyDBhwCg0TlCHfac/Fi8q9DpcSkzwL4V
5pwAoLCM+PXOAqA7qb4gJFgXJkOCjKEf
=z0qn
-----END PGP SIGNATURE-----