- Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.
News:
Welcome to Hurricane Electric's Tunnelbroker.net forums!
Recent posts
#21
Questions & Answers / Bug in tunnelbroker.net when u...
Last post by sebastiannielsen - March 02, 2024, 07:32:39 PMNoticed a weird bug when updating Client endpoint IP for my tunnel in:
Version 124.0.2437.0 (Officiell version) canary (64 bitar)
When entering the new Client IP in tunnel settings, and then clicking anywhere else to confirm, it would just do nothing. It would only react if you entered a deliberately incorrect IP (as in... 256.256.256.256 - then it would say incorrect format).
I first tought the server which sends the ICMP had changed from 66.220.2.74 (my ICMP permit firewall rule is pinned to 66.220.2.74) but then I looked in firewall logs and saw no rejected ICMP packets.
So apparently it would not fire a request to tunnelbroker's servers when updating client IP.
So I switched browser to a older version:
Version 123.0.2420.10 (Officiell version) beta (64 bitar)
THEN it worked to update client IP and the ICMP packet was sent.
So you might want to look into the page and check the javascript code that handles updating Client IP, and check why it doesn't work in:
Version 124.0.2437.0 (Officiell version) canary (64 bitar)
but does work in:
Version 123.0.2420.10 (Officiell version) beta (64 bitar)
Version 124.0.2437.0 (Officiell version) canary (64 bitar)
When entering the new Client IP in tunnel settings, and then clicking anywhere else to confirm, it would just do nothing. It would only react if you entered a deliberately incorrect IP (as in... 256.256.256.256 - then it would say incorrect format).
I first tought the server which sends the ICMP had changed from 66.220.2.74 (my ICMP permit firewall rule is pinned to 66.220.2.74) but then I looked in firewall logs and saw no rejected ICMP packets.
So apparently it would not fire a request to tunnelbroker's servers when updating client IP.
So I switched browser to a older version:
Version 123.0.2420.10 (Officiell version) beta (64 bitar)
THEN it worked to update client IP and the ICMP packet was sent.
So you might want to look into the page and check the javascript code that handles updating Client IP, and check why it doesn't work in:
Version 124.0.2437.0 (Officiell version) canary (64 bitar)
but does work in:
Version 123.0.2420.10 (Officiell version) beta (64 bitar)
#22
Questions & Answers / Re: 500 Internal Server Error
Last post by Napsterbater - March 02, 2024, 03:34:01 PMI'm getting a HTTP 500 error when trying to create a tunnel.
Inputting the IP shows
Checking address...
But it never completes, and if you click the create tunnel button you get the 500 error.
Inputting the IP shows
Checking address...
But it never completes, and if you click the create tunnel button you get the 500 error.
#23
Questions & Answers / Re: 500 Internal Server Error
Last post by kcochran - March 01, 2024, 12:02:19 PMPlease retry
#24
Questions & Answers / 500 Internal Server Error
Last post by timhp - March 01, 2024, 08:39:41 AMHTTP/1.0 500 Internal Server Error
Date: Fri, 01 Mar 2024 12:53:27 GMT
Server: Apache/2.4.52 (Ubuntu)
Hello, updating by url (@ipv4.tunnelbroker.net/nic/update?hostname=) does not work.
Date: Fri, 01 Mar 2024 12:53:27 GMT
Server: Apache/2.4.52 (Ubuntu)
Hello, updating by url (@ipv4.tunnelbroker.net/nic/update?hostname=) does not work.
#25
General Questions & Suggestions / Re: Notify's not taking effect...
Last post by beewoolie - February 25, 2024, 04:19:40 PMA search of this forum didn't turn up anything with the NOTIFY, but a search of the net did.
The issue is that the notification target is not the same as the DNS host that pulls the zones. Zones are pulled by slave.dns.he.net. Notifications to to ns1.he.net. Once I change this, I believe the updates occur reasonably quickly.
Cheers
The issue is that the notification target is not the same as the DNS host that pulls the zones. Zones are pulled by slave.dns.he.net. Notifications to to ns1.he.net. Once I change this, I believe the updates occur reasonably quickly.
Cheers
#26
General Questions & Suggestions / Notify's not taking effect?
Last post by beewoolie - February 25, 2024, 04:06:57 PMGreetings.
From time to time, when I want to move a service, I edit a zone on the master server and have it notify the HE server which is active as a slave. Eventually, he pulls the zone and make the update, but this is often hours later.
Is there some detail about a zone that limits notified updates?
I also try the "Validate" button which has an effect of pulling the zone from the master. I can see that the HE server has requested the zone due to a tsig request in the logfile of the master. However, the zone still doesn't update on he.net, even after 30 minutes.
Any suggestions?
From time to time, when I want to move a service, I edit a zone on the master server and have it notify the HE server which is active as a slave. Eventually, he pulls the zone and make the update, but this is often hours later.
Is there some detail about a zone that limits notified updates?
I also try the "Validate" button which has an effect of pulling the zone from the master. I can see that the HE server has requested the zone due to a tsig request in the logfile of the master. However, the zone still doesn't update on he.net, even after 30 minutes.
Any suggestions?
#27
Questions & Answers / HE tunnel issues for Apple dev...
Last post by cshilton - February 25, 2024, 02:37:18 PMI don't have two much information about this right now. Having said that, I've noticed that my Apple devices, iPads, and iPhones, are having trouble connecting to my network when the HE tunnel is up and active. When I reboot my iPad, it comes up and doesn't indicate that it's connected to my WiFi. I give it a minute, then connect it to the WiFi either in Setup or by pulling down the control pad and toggling the WiFi off, then back on once, quickly. If I do this in Setup, most of the time the device will have an error message: "No Internet Connection". Toggling the WiFi off and then back on solves the "No Internet Connection" problem and things just work as I expect them to from then on.
Turning off SLAAC so devices don't get an IPv6 address automatically fixes this problem.
I've taken a tcpdump of my iPad starting and I'm looking to see what IPv6 traffic the iPad is trying to send at startup. Nothing is being blocked and nothing looks out of the ordinary.
Has anyone else seen anything like this? Did my google searches on the subject fail because I looked for the wrong thing or because this problem is too obscure?
Turning off SLAAC so devices don't get an IPv6 address automatically fixes this problem.
I've taken a tcpdump of my iPad starting and I'm looking to see what IPv6 traffic the iPad is trying to send at startup. Nothing is being blocked and nothing looks out of the ordinary.
Has anyone else seen anything like this? Did my google searches on the subject fail because I looked for the wrong thing or because this problem is too obscure?
#28
Questions & Answers / Re: abuse warning but tunnel w...
Last post by anzial - February 13, 2024, 10:29:51 PMwell, now I get the "abuse" message AND the tunnel no longer works.
#29
General Questions & Suggestions / Support for SVCB and HTTPS rec...
Last post by cdauth - February 11, 2024, 07:27:16 PMI just stumbled across this article explaining the new SVCB and HTTPS record types: https://blog.cloudflare.com/speeding-up-https-and-http-3-negotiation-with-dns
Basically they can instruct clients to load a website through HTTP/3 straight away without having to make a HTTP/2 request first (to look for an Alt-Svc header) and without having to make a HTTP request first (to see if there is a redirect to HTTPS).
I would love to be able to add such records in my HE DNS configuration. Or maybe there is already a way?
Basically they can instruct clients to load a website through HTTP/3 straight away without having to make a HTTP/2 request first (to look for an Alt-Svc header) and without having to make a HTTP request first (to see if there is a redirect to HTTPS).
I would love to be able to add such records in my HE DNS configuration. Or maybe there is already a way?
#30
Questions & Answers / Re: Google forcing ReCAPTCHA o...
Last post by ChrisDos - January 25, 2024, 06:05:09 AMQuote from: cecilspiqwuc on January 25, 2024, 01:19:24 AMI first noticed this issue with Google search also, then it slowly spread across all Google Services, and now I basically find that the entire 2001:470:: address space, or maybe the entire HE.NET domain, is basically blacklisted.
I no longer get Captcha challenges, I am immediately met with HTTP 403 - Forbidden everywhere I go regardless of the browser, app, device, or operating system.
Netflix, Microsoft, Google, Apple, Samsung, Github, mozilla, live.com, Amazon, banks, paypal, ticketmaster, walmart, etc. I even get 403 errors in the browser console from advertising networks. Then things got worse, basically any site/app that uses cloudflare or AWS gives me a 403 error. Now I even get 403 errors from major DNS services - CloudFlare, GooglePublic DNS, SafeDNS, OpenDNS, Quad9 are all blocking DNS requests of any type from my he.net tunnel.
Disabled the tunnel and all problems immediately disappear. Re-enable tunnel and problems return.
I tried deleting my tunnel then creating a new tunnel to different North American site with both /64 and /48 networks in order to obtain a new prefix. I have tried tunnels to Seattle/Beaverton, Fremont, Ashville, Denver, and Phoenix. They worked at first but all ended up the same after the first few hours.
Then add insult to injury I also found I could not create a AAAA DNS record that contained a he.net tunnel address because the DNS service provider said the address space is prohibited.
I finally just gave up and disabled IPv6 on my connection, then deleted my HE.NET tunnels in my account and I'm just going to let the account fade away.
Whatever.....
Boy, I had not idea it had gotten that bad. I was waiting for it to clear up again before re-enabling it, but based on what you were saying, I don't think that is going to happen.
Time to look to see if there is another provider of of IPv6 tunnels. It sure is a lot of work on my end to switch everything over if an alternative exists.