Member
Posts: 138
Registered: ‎02-19-2013
Kudos: 17
Solutions: 6
Accepted Solution

Ipv6 tunnel config - RTNETLINK Permission denied

[ Edited ]

I'm not sure what I'm doing wrong here.  I set up a tunnel with Hurricane electric and started trying to use http://wiki.ubnt.com/IPv6_-_CLI_Commands as a guide to config the router.

 

Hurricane electric gave me the following:

Server IPv4 Address:209.51.161.58
Server IPv6 Address:2001:470:4:da0::1/64
Client IPv4 Address:XXXXXXX
Client IPv6 Address:2001:470:4:da0::2/64
Routed IPv6 Prefixes
Routed /64:2001:470:5:da0::/64
Routed /48:2001:470:db68::/48

 

So far I have been unable to

"set interfaces tunnel tun0 address 2001:470:4:da0::/64"

"set interfaces tunnel tun0 address 2001:470:4:da0::1/64"

"set interfaces tunnel tun0 address 2001:470:4:da0::2/64"

or

"set interfaces tunnel tun0 address 2001:470:5:da0::/64"

 

without running into "RTNETLINK answers: Permission denied"

 

 

It would also be nice if I could DDNS update my ipv4 address Hurricane electric from the router.  Feature request?


Accepted Solutions
Regular Member
Posts: 371
Registered: ‎03-31-2013
Kudos: 230
Solutions: 22

Re: Ipv6 tunnel config - RTNETLINK Permission denied

My guess is that you have IPv6 disabled. If yes, run the following commands:

 

configure
delete system ipv6 disable
commit
save 

 

You will normally be asked to reboot (done via 'reboot now')


Marcos

View solution in original post


All Replies
Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3141
Solutions: 945
Contributions: 16

Re: Ipv6 tunnel config - RTNETLINK Permission denied

Can you try doing:

delete interfaces tunnel tun0 address
set interfaces tunnel tun0 address 2001:470:4:da0::2/64
commit

 BTW, did you notice on HE tunnel broker there is a tab with example configs.  If you select the "os" as "vyatta", it will generate the exact CLI commands you need.

EdgeMAX Router Software Development
Member
Posts: 138
Registered: ‎02-19-2013
Kudos: 17
Solutions: 6

Re: Ipv6 tunnel config - RTNETLINK Permission denied

I gave that a try stig and its still comming back permission denied

Nick@router# delete interfaces tunnel tun0 address
Nick@router# set interfaces tunnel tun0 address 2001:470:4:da0::2/64
Nick@router# commit
[ interfaces tunnel tun0 address 2001:470:4:da0::2/64 ]
RTNETLINK answers: Permission denied

So still having an issue.  I even tried deleting the entire tunnel and just pasting the tunnelbroker commands but no luck.

 

 I saw the config example but wasn't sure if that was correct syntax. :-)

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3141
Solutions: 945
Contributions: 16

Re: Ipv6 tunnel config - RTNETLINK Permission denied

Could you send the output of "sudo ip add sh"

EdgeMAX Router Software Development
Member
Posts: 138
Registered: ‎02-19-2013
Kudos: 17
Solutions: 6

Re: Ipv6 tunnel config - RTNETLINK Permission denied

sudo ip add sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether dc:9f:db:29:b0:e5 brd ff:ff:ff:ff:ff:ff
    inet 10.84.7.1/24 brd 10.84.7.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN
    link/ether dc:9f:db:29:b0:e6 brd ff:ff:ff:ff:ff:ff
    inet 10.1.1.1/24 brd 10.1.1.255 scope global eth1
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether dc:9f:db:29:b0:e7 brd ff:ff:ff:ff:ff:ff
    inet 67.8.173.72/23 brd 255.255.255.255 scope global eth2
5: eth0.10@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether dc:9f:db:29:b0:e5 brd ff:ff:ff:ff:ff:ff
    inet 10.0.10.1/27 brd 10.0.10.31 scope global eth0.10
6: eth0.7@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN
    link/ether dc:9f:db:29:b0:e5 brd ff:ff:ff:ff:ff:ff
7: eth0.20@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether dc:9f:db:29:b0:e5 brd ff:ff:ff:ff:ff:ff
    inet 10.0.20.1/24 brd 10.0.20.255 scope global eth0.20
10: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
    link/sit 0.0.0.0 brd 0.0.0.0
11: tun0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN
    link/sit 67.8.173.72 peer 209.51.161.58

 

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3141
Solutions: 945
Contributions: 16

Re: Ipv6 tunnel config - RTNETLINK Permission denied

Hmm, that all seems ok.  Could you try delete the interface tun0 and try recreating it as tun1 or reboot.

EdgeMAX Router Software Development
Member
Posts: 138
Registered: ‎02-19-2013
Kudos: 17
Solutions: 6

Re: Ipv6 tunnel config - RTNETLINK Permission denied

I tried both.  

First I deleted the tunnel interface and then created a new one with tun1 and when that failed I used tun2

When setting tun1or2 it gave me 'Cannot find device "tun1" '   (or "tun2")

 

I then rebooted and verified no tunnel config was present in the running config.

 

and tried again with tun2 as the name

configure
edit interfaces tunnel tun2
set encapsulation sit
set local-ip XXXXXXX
set remote-ip 209.51.161.58
set address 2001:470:4:da0::2/64
set description "HE.NET IPv6 Tunnel"
exit
set protocols static interface-route6 ::/0 next-hop-interface tun2
commit

Returned:

RTNETLINK answers: Permission denied

 

I'm not sure if this matters but my WAN interface is eth2.

 

Also just to establish I am on Version: v1.1.0

 

As of this moment my interface running config is as follows:

interfaces {
    ethernet eth0 {
        address XXXXXXXX
        duplex auto
        firewall {
            in {
                name eth0_in
            }
            local {
                name eth0_local
            }
        }
        speed auto
        vif 7 {
            description "Data Network"
            disable
            mtu 1500
        }
        vif 10 {
            address XXXXXXX
            description "Management Network"
        }
        vif 20 {
            address XXXXXXXX
            description "Security Network"
            mtu 1500
        }
    }
    ethernet eth1 {
        address XXXXXXXXXX
        disable
        duplex auto
        firewall {
            in {
                name eth1_in
            }
            local {
                name eth1_local
            }
        }
        speed auto
    }
    ethernet eth2 {
        address dhcp
        duplex auto
        firewall {
            in {
                name eth2_in
            }
            local {
                name eth2_local
            }
        }
        speed auto
    }
    loopback lo {
    }
}

 

 

Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3141
Solutions: 945
Contributions: 16

Re: Ipv6 tunnel config - RTNETLINK Permission denied

Not sure what to say since I can't reproduce it.  Could you try rebooting then 1st create the tunnel then add the IPv6 address.  Maybe that'll help isolating if the problem is in the tunnel create or adding the address.

configure
edit interfaces tunnel tun2
set encapsulation sit
set local-ip XXXXXXX
set remote-ip 209.51.161.58
set description "HE.NET IPv6 Tunnel"
exit
commit

 Then if that is successful:

set interfaces tunnel tun2 address 2001:470:4:da0::2/64
commit

set protocols static interface-route6 ::/0 next-hop-interface tun2
commit

 

EdgeMAX Router Software Development
Member
Posts: 138
Registered: ‎02-19-2013
Kudos: 17
Solutions: 6

Re: Ipv6 tunnel config - RTNETLINK Permission denied

[ Edited ]
Fails at this step:
Nick@router# set interfaces tunnel tun2 address 2001:470:4:da0::2/64
[edit]
Nick@router# commit
[ interfaces tunnel tun2 address 2001:470:4:da0::2/64 ]
RTNETLINK answers: Permission denied

 Banghead

Regular Member
Posts: 371
Registered: ‎03-31-2013
Kudos: 230
Solutions: 22

Re: Ipv6 tunnel config - RTNETLINK Permission denied

My guess is that you have IPv6 disabled. If yes, run the following commands:

 

configure
delete system ipv6 disable
commit
save 

 

You will normally be asked to reboot (done via 'reboot now')


Marcos
Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3141
Solutions: 945
Contributions: 16

Re: Ipv6 tunnel config - RTNETLINK Permission denied


@itsmarcos wrote:

My guess is that you have IPv6 disabled. If yes, run the following commands:

 

configure
delete system ipv6 disable
commit
save 

 

You will normally be asked to reboot (done via 'reboot now')

If you used one of the example SOHO configs, then this is likely the problem as mrjester disabled ipv6 in his example config to simplfy the firewall.

EdgeMAX Router Software Development
Highlighted
Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3141
Solutions: 945
Contributions: 16

Re: Ipv6 tunnel config - RTNETLINK Permission denied

We probably should add a check for if ipv6 is disable and if so give a more reasonable error message than "RTNETLINK Permission denied".

EdgeMAX Router Software Development