Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DCO server gateway monitoring error / dpinger route error IPv6

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 1 Posters 94 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      ddbnj
      last edited by ddbnj

      I have the weirdest error I can't figure out.

      I have two openvpn servers for remote access.

      I have verizon which does not provide an ipv6 address for the wan interface, only a prefix.

      The servers are running well and tunneling all ipv4 and ipv6 traffic is working.

      I assigned an unused GUA /64 subnet to each openvpn server instance.

      The error I am getting from dpinger is that the ipv6 gateway is down for the DCO instance, but not the non-DCO version.

      If I ping the DCO ipv6 interface, the auto source is an adjacent GUA:

      XXXX;XXXX;XXXX:XXX6::/64 --> XXXX:XXXX:XXXX:XXX7::/64 failed (of course)

      I cannot find a route entry that explains why it's using that interface to ping from.

      The non-DCO pinging and dpinger works fine.

      Anyone want to share a working configuration for openvpn dco ipv6 tunnel?

      Thanks,

      Devan

      ping.png

      route.png

      D 1 Reply Last reply Reply Quote 0
      • D
        ddbnj @ddbnj
        last edited by

        I reviewed DCO limitations and the document states that openvpn /DCO should honor kernel level routes. I added static routes (although dpinger should do this as well) and that didn't fix anything.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.