looks like I can still get to my consoleā€¦ that's a good thing pkg upgrade done, rebooting i could use some help if anyone's up what kind of help? i did a release-upgrade yesterday. it installed a bunch of stuff and the rebooted. after the reboot it took a loooong time to come back, and i thought it was dead, so i did a reboot via the console. now it's on the rescue mode installer main menu is that linux? ubuntu yeah, sorry, I don't run linux anywhre np thanks! jbum: which sort of Linux Ubuntu 14.04 I don't know anything about Ubuntu but if they're using grub2 there's all sorts of contortions the OS must do to get a new kernel to boot see what the kernel list looks like at boot if it is really busted your files are probably still there at least... alright! distro updated to FreeBSD 9.3-RELEASE-p24 only a few weeks after the CVE came out :) heading back to reboot my tmux + emacs + irc client there we are. does emacs + irc client mean erc? no irc.el older, but I know it better because I contributed to it heh missing some modern features though There's really not much "modern" to IRC though what's the simplest way of giving my laptop ipv6 using my arp v6 connectivity? considering your laptop is mobile, probably OpenVPN ahh, that's right openvpn does v6 nw since a gif tunnel would have you updating both sides whenever you changed external IP's. Plus gif would require external IP's on both sides. That it does. I've used it extensively in fact - whenever I VPN to my home, I get an IPv6 address :D From the OpenVPN side, it's as simple as adding the right server-ipv6 line to the server (might be a route push too, can't recall its syntax though) what would Iuse for my v6 server address the /64 that's already routed to my box? inet6 2607:f2f8:3080:: prefixlen 64 or should it be a part of the /48 that's not the /64? or wait... the whole /48 is routed to me, so I could use 2607:f2f8:3080:beef::/64, right? Correct it will need to be a whole /64, slicked from a larger subnet *sliced so like my second example? Right Incidentally, :beef: is the same subnet I use for my OpenVPN :D push "route-ipv6 2000::/3" That's what she said!! BryceBot: no Oh, okay... I'm sorry. 'push "route-ipv6 2000::/3"' ^ That's the server line to default all ipv6 traffic over the openvpn connection Hmm. missing a route oh - not just server-ipv6? need both lines? still don't have default v6 route yeah... it didn't add the route Yes you need both lines With those two lines, it "Just Works" for me. You might have client-side issues, maybe? OpenVPN's -v is your friend where does 2000::/3 come rom is that "all public routable"? Yep Aggregatable Global Unicast Addresses still not seeing that route If you had ::0/0 that covers link-local traffic and the like. Some OS will still behave properly, others will not. https://community.openvpn.net/openvpn/wiki/IPv6 guess you might need tun-ipv6 too (which I have too, just forgot about) that's implied by server-ipv6 as a push or a local? I'm getting the right /64 addrs just local in my config do you have any of those rtadv things running? For reference, this is my full openvpn server config http://sprunge.us/ZgER (It's not exactly "bare-bones" so there's lots that doesn't apply to getting ipv6 working.) I do, but they don't get routed over th vpn I figure at some point, I should be seeing a route to 2000::/3 but not happening RandalSchwartz: you should see in your openvpn client's verbose output (at least --verb 4) the parsing of information from the server, including pushed routes and addresses Oh! typo push "route-ipv6 2000://3" No buena Ok... with the typo fixed, I can ping my server, but nothing beyond do I need to add a default route on the server? linux has ipv6 routing / forwarding setting not sure about freebsd well - that's weird yeah - I have a default outbound route that says "here arp, go find 'em" via the link local maybe I need to advertise the new /64 somewhere? but I thought it automatically goes to me because of the /48 Yeah for inbound. Do you have your server setup for forwarding? Any firewalling blocking it? If you tcpdump on your external interface, do you see the ip6 traffic, indicating that everything I mentioned is working right and it's something else? > /etc/rc.conf >> ipv6_router_enable="YES" net.inet6.ip6.forwarding: 1, net.inet6.ip6.redirect: 1, etc ipv6_gateway_enable=YES (I can't really help with configuring the server's OS as that get into specifics that I just don't know, sorry.) no parameter called router_enable so maybe arp isn't routing the whole /48 to me (Remember mnathani_, RandalSchwartz is running 9.x) RandalSchwartz: mtr shows that it is that would make sense hmm well... something isn't letting it bend the corner But seriously, check with tcpdump, see whether any ip6 traffic is being routed out or not. Double check that the tun interface for your server has the IP's assigned too. It should, openvpn usually does that automatically. But it's worth checking. is your default gateway somthing like fe80::1 ? yeah - they all looked good on both sides yes (Yeah of course it looked good on both sides - you said you could ping the server at least) on the ARP server end yes - that would be one of the two sides. :) If the arp end weren't configured right, then he'd have 0 traffic whatsoever (0 ipv6 traffic, that is) anyway - this isn't an urgent need... I'm just working out how to upgrade my 8.x syntax to 9.x I was sondering if this was still only the /64 rather than the entire /48 and figured I'd also see if I could get the VPN to work s/sond/wond I was wondering if this was still only the /64 rather than the entire /48 I've got other things to do today... but thank you for the help already. you *did* prove that something in the /48 but not the /64 is routed right? Right ok - so the real question is whether I'm routing outbound then Bingo. Hence why I keep telling you to tcpdump :P yeah - I'll do that next time I get curious about this. :) that'd be dumping the fe80 I'd say "tcpdump -i em0 -nn network 2607:f2f8:3080:beef::/64" or so Either you see the traffic leaving your box and you figure out why it's not routing correctly, check the addresses etc. Or it's not leaving your box and you have an internal configuration issue to sort out.