I'm attempting to set up an IPv6 testbed. Very basic: Just two Ubuntu Linux boxes talking to each other over a LAN. Both boxes have working IPv4 connectivity, but I have had no luck using SSH over IPv6. Following this HOWTO, I've given both machines addresses in the site local range (fec0::). On the first box, I ran:
sudo ifconfig eth0 inet6 add fec0::1/64
And on the second, I ran:
sudo ifconfig eth0 inet6 add fec0::2/64
I then checked the routing table, and each appears to have a route to that network going through the eth0 interface. Next, I added an entry in /etc/hosts
pointing from the second box to the first. But when I then try to SSH from the second box to the first, the SSH client simply hangs. No error or anything. If I run tcpdump
on the client, I see no IPv6 traffic at all. What's going on?
Note that if I SSH to the ip6-localhost
address from the server machine to itself, it works fine, so it doesn't seem to be an SSH problem. Any help greatly appreciated.
First, if you have
ufw
installed, check/etc/default/ufw
to see if theIPV6=no
option is set. You'll have to set this toyes
orufw
will firewall all IPv6 traffic by default.After doing this, try some basic diagnostics that you should know about as you're learning IPv6.
The first thing you should do is install the
ndisc6
package and then try to do a neighbor solicitation. (this is the equivalent of doing an ARP request in IPv4)Note, you'll need the
universe
repository enabled for this.Then, from your first machine:
This will ensure that you can find the MAC address for
fec0::2
.(Note, the
ndisc6
package also comes with a handy utility calledrdisc6
which can be useful if you have an IPv6 router on your network; it will check to see if the router is correctly responding.)After validating that neighbor discovery works, next try
ping6 fec0::2
.Other diagnostics you might want to post if you're still having problems:
We'll need a little more info to really help -- For starters, can you successfully ping between the two hosts over IPv6? If you can't ping you've got a more basic issue to sort out still...
Assuming you can ping (basic connectivity works) double check in netstat (or by SSHing to the fec0::N address from the local box) to make sure your SSH daemon is listening on the IPv6 addresses you're trying to use. You might need to edit your sshd.conf file and/or restart sshd so it realizes there are new v6 addresses to listen on.