On Wed, Jun 01, 2016 Nathan Beard <[log in to unmask]> wrote:
> Is there a particular reason why the IPv6 address for route server #1
..
Hmm, it is reachable for me and 30 others on the exchange. There are two
connected to RR#2 via IPv6 that aren't on #1 & you are one of those.
RR#2 can ping you, but RR#1 gets nothing back.
FWIW: I don't know of your policies, but I can't ping your IPv6 endpoint
from my (ie. ipHouse) network either, nor can I connect to your endpoint
on the BGP port from RR#1.
IPv6 NDP on RR#1 can't seem to resolve you, which is probably why pings
and BGP connects don't work.
Although I do see BGP traffic sessions coming in from you if I
tcpdump, I can't seem to do the neighbor discovery (ie. IPv6 ARP
method) to get your address though.
09:05:45.022173 IP6 2001:504:27::8e16:0:1.36711 > 2001:504:27::d1af:0:1.179: Flags [S], seq 1656210645, win 16384, options [mss 1440,wscale 0,eol], length 0
09:05:47.023930 IP6 2001:504:27::8e16:0:1.36711 > 2001:504:27::d1af:0:1.179: Flags [S], seq 1656210645, win 16384, options [mss 1440,wscale 0,eol], length 0
09:05:51.025407 IP6 2001:504:27::8e16:0:1.36711 > 2001:504:27::d1af:0:1.179: Flags [S], seq 1656210645, win 16384, options [mss 1440,wscale 0,eol], length 0
09:05:59.027328 IP6 2001:504:27::8e16:0:1.36711 > 2001:504:27::d1af:0:1.179: Flags [S], seq 1656210645, win 16384, options [mss 1440,wscale 0,eol], length 0
But the biggest problem is that RR#1 can't seem to get back to you.
Could you check your filters for IPv6, particularly with reguard to ND
facing the route servers? There are no filters being run on the RR machines.
(ssh et. al filtering is handled upstream).
--
Doug McIntyre <[log in to unmask]>
~.~ ipHouse ~.~
Network Engineer/Provisioning/Jack of all Trades
