Hurricane Electric's IPv6 Tunnel Broker Forums

IPv6 Certification Program Topics => General Discussion => Topic started by: thinkdesignprint on August 03, 2010, 10:52:22 PM

Title: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 03, 2010, 10:52:22 PM
Ok I've got a tunnel over PPTP...

I tested it...

Code: [Select]
C:\Users\Don>tracert -6 ipv6.he.net

Tracing route to ipv6.he.net [2001:470:0:64::2]
over a maximum of 30 hops:

  1   166 ms   171 ms   167 ms  2002:c058:6301::1
  2   170 ms   169 ms   169 ms  gige-g4-12.core1.lax1.he.net [2001:470:0:14e::1]

  3   164 ms   169 ms   178 ms  10gigabitethernet2-2.core1.fmt2.he.net [2001:470
:0:18d::1]
  4   241 ms   251 ms   169 ms  gige-g4-18.core1.fmt1.ipv6.he.net [2001:470:0:2d
::1]
  5   219 ms   171 ms   178 ms  ipv6.he.net [2001:470:0:64::2]

Trace complete.

http://ipv6.he.net/certification/validate-explorer.php says:  Your reported Internet Protocol Address is: 184.104.87.104

This is the IPv4 address that the pptp tunnel delivered.

I tried using opera as suggested by someone else but fail.

Not sure what I'm doing wrong to make the web broswers see the right ip?

Suggestions?

Cheers Don

Title: Re: Explorer test - web browser not seeing ipv6
Post by: broquea on August 03, 2010, 11:15:10 PM
The fun of using 6to4/teredo on dual-stacked pages is that the browser will simply prefer v4. Try not using 6to4 (2002::/16), and instead use the HE tunnel and you should be fine.
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 12:10:22 AM
The fun of using 6to4/teredo on dual-stacked pages is that the browser will simply prefer v4.

Ok that I understand. :)

Quote
Try not using 6to4 (2002::/16), and the HE tunnel, and you should be fine.

Ok that I don't understand...

How do I not use the tunnel?  What configuration should I be using?  What should I be reading that I haven't read yet?

Thanks for the help.

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: broquea on August 04, 2010, 12:14:56 AM
Sorry should have been "and instead use the HE tunnel"
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 12:17:21 AM
Ok that makes more sense...  I'll have a look at that now then :)
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 12:27:04 AM
No, fail...

Ran
Code: [Select]
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel IP6Tunnel 121.73.114.171 66.220.18.42
netsh interface ipv6 add address IP6Tunnel 2001:470:c:8e3::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:470:c:8e3::1

ipconfig:
Code: [Select]

C:\Users\Don>ipconfig

Windows IP Configuration


Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : pointclark.net
   Link-local IPv6 Address . . . . . : fe80::f8a7:52a0:d56b:948b%9
   IPv4 Address. . . . . . . . . . . : 192.168.2.100
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::d88e:f271:4599:6208%22
   IPv4 Address. . . . . . . . . . . : 192.168.56.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :

route print:

Code: [Select]
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 22    276 fe80::/64                On-link
  9    281 fe80::/64                On-link
 22    276 fe80::d88e:f271:4599:6208/128
                                    On-link
  9    281 fe80::f8a7:52a0:d56b:948b/128
                                    On-link
  1    306 ff00::/8                 On-link
 22    276 ff00::/8                 On-link
  9    281 ff00::/8                 On-link
===========================================================================

I'm still missing something aren't it?

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: broquea on August 04, 2010, 12:31:24 AM
Underneath the example commands is a *NOTE* about using your RFC1918 address if you are behind NAT. Try removing the interface then run the commands again but with the internal IP and not the IPv4 endpoint.
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 12:54:28 AM
Underneath the example commands is a *NOTE* about using your RFC1918 address if you are behind NAT. Try removing the interface then run the commands again but with the internal IP and not the IPv4 endpoint.

Opps... sorry, should have read the page more closely.

How do I remove the interface? 

I've been googling netsh (new to that as well sorry)...  I'm also not quite sure how to identify which is the right interface to remove.

Code: [Select]
C:\Users\Don>netsh interface ip show addresses

Configuration for interface "Local Area Connection 2"
    DHCP enabled:                         Yes
    InterfaceMetric:                      30

Configuration for interface "Bluetooth Network Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      50

Configuration for interface "Wireless Network Connection"
    DHCP enabled:                         Yes
    IP Address:                           192.168.2.100
    Subnet Prefix:                        192.168.2.0/24 (mask 255.255.255.0)
    Default Gateway:                      192.168.2.1
    Gateway Metric:                       0
    InterfaceMetric:                      25

Configuration for interface "Local Area Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      10

Configuration for interface "Local Area Connection 3"
    DHCP enabled:                         No
    IP Address:                           192.168.56.1
    Subnet Prefix:                        192.168.56.0/24 (mask 255.255.255.0)
    InterfaceMetric:                      20

Configuration for interface "Loopback Pseudo-Interface 1"
    DHCP enabled:                         No
    IP Address:                           127.0.0.1
    Subnet Prefix:                        127.0.0.0/8 (mask 255.0.0.0)
    InterfaceMetric:                      50

At a guess I'm suspecting "Local Area Connection 3" but it's not showing the v6 address.

Sorry to be such a knob here. :)

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 01:19:01 AM
Ok I think I'm getting closer...

Code: [Select]
>netsh interface ipv6 delete interface IP6Tunnel
to remove the tunnel...

Then...
Code: [Select]
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel IP6Tunnel 192.168.2.100 66.220.18.42
netsh interface ipv6 add address IP6Tunnel 2001:470:c:8e3::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:470:c:8e3::1

Is that right?  or did I replace the wrong end point?

I tired this then ping -6 2001:470:c:8e3::1 (the gateway?) but got no answer...

Then I went back to opera again to do the exam test but that failed.

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: cholzhauer on August 04, 2010, 04:58:25 AM
Have you assigned an address out of your routed /64 or /48 to your local area interface?

What's the output of ipconfig /all and netstat -nr ?
Title: Re: Explorer test - web browser not seeing ipv6
Post by: broquea on August 04, 2010, 07:48:44 AM
There is a chance that:

1) you need to put your Windows machine in the DMZ of the NAT appliance it is behind
2) your NAT appliance doesn't forward Protocol 41 (not port) to hosts behind it
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 03:07:55 PM
Have you assigned an address out of your routed /64 or /48 to your local area interface?
No, I didn't know I had to...
Quote
What's the output of ipconfig /all and netstat -nr ?

Code: [Select]
C:\Users\Don>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Don-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : pointclark.net

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-65-48-25-BC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-1E-37-DE-88-1D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : pointclark.net
   Description . . . . . . . . . . . : Broadcom 802.11a/b/g WLAN
   Physical Address. . . . . . . . . : 00-21-00-08-27-5A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f8a7:52a0:d56b:948b%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, 4 August 2010 3:12:58 p.m.
   Lease Expires . . . . . . . . . . : Thursday, 5 August 2010 8:17:17 p.m.
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 301998336
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-86-EA-D7-00-1E-68-41-72-5B

   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-1E-68-41-72-5B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-00-C1
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d88e:f271:4599:6208%22(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : pointclark.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter IP6Tunnel:

   Connection-specific DNS Suffix  . : pointclark.net
   Description . . . . . . . . . . . : Microsoft Direct Point-to-point Adapater
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:470:c:8e3::2(Preferred)
   Link-local IPv6 Address . . . . . : fe80::24fd:cf0:dfb2:d969%12(Preferred)
   Default Gateway . . . . . . . . . : 2001:470:c:8e3::1
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{C29FDE9E-E144-4195-BBBB-CA7431FB5
654}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{654825BC-ACE0-4F95-9660-AB79B1824
DEF}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{B5FD66AE-873B-458A-B3DC-0C753086D
2B5}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{BE571522-4184-4566-BF4D-EF00CC0A8
C94}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\Don>

Code: [Select]
C:\Users\Don>netstat -nr
===========================================================================
Interface List
 14 ...00 ff 65 48 25 bc ...... TAP-Win32 Adapter V9
 11 ...00 1e 37 de 88 1d ...... Bluetooth Device (Personal Area Network)
  9 ...00 21 00 08 27 5a ...... Broadcom 802.11a/b/g WLAN
  8 ...00 1e 68 41 72 5b ...... NVIDIA nForce Networking Controller
 22 ...08 00 27 00 00 c1 ...... VirtualBox Host-Only Ethernet Adapter
  1 ........................... Software Loopback Interface 1
 18 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter
 12 ...00 00 00 00 00 00 00 e0  Microsoft Direct Point-to-point Adapater
 17 ...00 00 00 00 00 00 00 e0  isatap.{C29FDE9E-E144-4195-BBBB-CA7431FB5654}
 13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 24 ...00 00 00 00 00 00 00 e0  isatap.{654825BC-ACE0-4F95-9660-AB79B1824DEF}
 23 ...00 00 00 00 00 00 00 e0  isatap.{B5FD66AE-873B-458A-B3DC-0C753086D2B5}
 25 ...00 00 00 00 00 00 00 e0  isatap.{BE571522-4184-4566-BF4D-EF00CC0A8C94}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link     192.168.2.100    281
    192.168.2.100  255.255.255.255         On-link     192.168.2.100    281
    192.168.2.255  255.255.255.255         On-link     192.168.2.100    281
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    276
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    276
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    281
        224.0.0.0        240.0.0.0         On-link     192.168.2.100    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255         On-link     192.168.2.100    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    286 ::/0                     2001:470:c:8e3::1
  1    306 ::1/128                  On-link
 12    286 2001:470:c:8e3::/64      On-link
 12    286 2001:470:c:8e3::2/128    On-link
 22    276 fe80::/64                On-link
  9    281 fe80::/64                On-link
 12    286 fe80::/64                On-link
 12    286 fe80::24fd:cf0:dfb2:d969/128
                                    On-link
 22    276 fe80::d88e:f271:4599:6208/128
                                    On-link
  9    281 fe80::f8a7:52a0:d56b:948b/128
                                    On-link
  1    306 ff00::/8                 On-link
 22    276 ff00::/8                 On-link
  9    281 ff00::/8                 On-link
 12    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 ::/0                     2001:470:c:8e3::1
===========================================================================

C:\Users\Don>

How do I assign an ip?

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 03:13:36 PM
There is a chance that:

1) you need to put your Windows machine in the DMZ of the NAT appliance it is behind
2) your NAT appliance doesn't forward Protocol 41 (not port) to hosts behind it

Morning...

Not on a NAT appliance.

Ok we've got a Linux box and 3 windows machines with some wifi and a couple of switches...

Code: [Select]
CableModem<-->eth0-LinuxBox-eth1<-->wifiAP<-->VistaLaptop(*2)/XpDesktop
eth0 gets a public IPv4 address that's static.

The linux box is running ClarkConnect3.2 (based on Centos~4 iirc).

My next thinking is to just terminate the tunnel on a linux vm and have a play from there, but I'd kinda like to get this working just because it should work and I'd like to understand the constraints.

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: cholzhauer on August 04, 2010, 04:24:53 PM
So your tunnel is on the Cent OS box?  Easy peasy.   Do you have the tunnel online?  If not, we need to get that working.

After that, you need to assign an IP v6 address to your local area connection...if you don't have that, Windows won't be able to do much.  Easiest way to add it is through the GUI via the control panel (same way you'd add a static IPv4 address, just chose the IPv6 stack instead)  Best way to do this is run RA (router advertisements) on your linux machine and distribute addresses that way, that way you don't need to deal with static addresses in windows)  Again, use your routed /64 or select a /64 out of your /48 (if you took it)

Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 04:38:03 PM
So your tunnel is on the Cent OS box?
No.  I was trying to terminate the tunnel on my vista box.  (CableModem<>LinuxBox<>Wifi<>VistaDonPC)

Not idea if protocol41 is supported.

It does seam that termination on the linux box would make more sense.  However I'd also kinda like to know why what I've been doing isn't working.  I suspect its the protocol41 issue and am guessing that I could spend some time chasing that out of ClarkConnect3.2 (which is now end of life - hence a waste of time?).

Quote
  Easy peasy.   Do you have the tunnel online? 
No.

Quote
If not, we need to get that working.

yes

Quote
After that, you need to assign an IP v6 address to your local area connection...if you don't have that, Windows won't be able to do much.  Easiest way to add it is through the GUI via the control panel (same way you'd add a static IPv4 address, just chose the IPv6 stack instead) 
Ok that makes perfect sense.

Quote
Best way to do this is run RA (router advertisements) on your linux machine and distribute addresses that way, that way you don't need to deal with static addresses in windows)  Again, use your routed /64 or select a /64 out of your /48 (if you took it)

Nice... I'm off to man the radvd stuff

I got the /64 tunnel.

Thanks for the help... I'll work on that :)

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: cholzhauer on August 04, 2010, 04:46:24 PM
Yeah, EOL is usually bad ;)

Seems like everyone has been trying to use Vista/Windows lately for this, must be an epidemic or something

I take it you've ran the commands off the website

Code: [Select]
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel IP6Tunnel 123.456.789.011 123.456.789.012
netsh interface ipv6 add address IP6Tunnel 2001:db8:1234::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:db8:1234::1

And customized it for your own needs  (make sure if you're behind NAT, and I think you are, that you use the NAT'd address on your windows machine)

Make sure your firewall is passing protocol 41 (you might need to move your host to the DMZ or equivalent)  You'll need to use Wireshark or something to sniff the traffic and see what's going on.  Like you said, the linux machine would be better/easier because it is your router and is connected to every part of your network.

Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 04:55:08 PM
Yeah, EOL is usually bad ;)
yes.

Quote
Seems like everyone has been trying to use Vista/Windows lately for this, must be an epidemic or something
Well with the media running around telling people that the sky is falling, we're having to get our skates on.

Quote
I take it you've ran the commands off the website

Code: [Select]
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel IP6Tunnel 123.456.789.011 123.456.789.012
netsh interface ipv6 add address IP6Tunnel 2001:db8:1234::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:db8:1234::1

And customized it for your own needs  (make sure if you're behind NAT, and I think you are, that you use the NAT'd address on your windows machine)

yes, did all that. (10 times)

Quote
Make sure your firewall is passing protocol 41 (you might need to move your host to the DMZ or equivalent)  You'll need to use Wireshark or something to sniff the traffic and see what's going on. 
Yes... that's about the point where I think I'm going to bow out of trying to tunnel to this pc...

Quote
Like you said, the linux machine would be better/easier because it is your router and is connected to every part of your network.
Yip...

but just to add to my fun radvd isn't installed on my Centos4 box and the repos have now gone... so how I'm going to get it and iptables6 is an issue...

I know I'm going to have to upgrade the fw eventually... but I've been putting that off...

See how we go.

Cheers for the help.

Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: cholzhauer on August 04, 2010, 05:18:00 PM
Good luck.

My plug is FreeBSD...fast, free, and easy to spin up in a VM if need be
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 05:37:51 PM
Good luck.
Thanks :)

Quote
easy to spin up in a VM if need be
Thought about that and then realized without protocol41 routing it won't be much help.

I've got debian5 vm running on my laptop all the time now.

Cheers Don

Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 05:52:48 PM
Ok getting there...

choose linux-route2 instructions...

not sure I understand them but pasted anyway...

ip -f inet6 addr gave me output that I don't understand.

I can ping my IP - 2001:470:c:8e3::2 but I can't ping the gateway 2001:470:c:8e3::1 and I can't ping my VPS:  2403:cc00:1000:0:200:20ff:fe01:8502

Not sure what I'm doing wrong.  Suggestions?

Cheers Don

Code: [Select]
[root@bowenvale etc]# ip tunnel add he-ipv6 mode sit remote 66.220.18.42 local 184.104.87.104 ttl 255
[root@bowenvale etc]# ip link set he-ipv6 up
[root@bowenvale etc]# ip addr add 2001:470:c:8e3::2/64 dev he-ipv6
[root@bowenvale etc]# ip route add ::/0 dev he-ipv6
[root@bowenvale etc]# ip -f inet6 addr
1: lo: <LOOPBACK,UP> mtu 16436
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qlen 1000
    inet6 fe80::230:4fff:fe13:2b02/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qlen 1000
    inet6 fe80::205:1cff:fe06:1236/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qlen 1000
    inet6 fe80::20e:2eff:fe69:39a2/64 scope link
       valid_lft forever preferred_lft forever
6: he-ipv6@NONE: <POINTOPOINT,NOARP,UP> mtu 1480
    inet6 2001:470:c:8e3::2/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::b868:5768/128 scope link
       valid_lft forever preferred_lft forever
[root@bowenvale etc]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:30:4F:13:2B:02
          inet addr:121.73.114.171  Bcast:121.255.255.255  Mask:255.0.0.0
          inet6 addr: fe80::230:4fff:fe13:2b02/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:128816095 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31626277 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1748958641 (1.6 GiB)  TX bytes:1194281515 (1.1 GiB)
          Interrupt:5 Base address:0xd800
Title: Re: Explorer test - web browser not seeing ipv6
Post by: cholzhauer on August 04, 2010, 06:04:27 PM
VPS = Virtual private server?  Not sure what that is

And what's with the 2403 address?

You still need a IPv6 address on eth0 

I dunno what your routed /64 is, but it's probably something like

Code: [Select]
ip addr add 2001:470:c:8e2::2/64 dev eth0

Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 06:15:32 PM
VPS = Virtual private server?  Not sure what that is
Yes. 

Quote
And what's with the 2403 address?
Sorry...  not with you on that one yet...

Code: [Select]
TDP:thinkdesignprint.co.nz>_ ~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:00:20:01:85:02
          inet addr:117.121.243.25  Bcast:117.121.243.255  Mask:255.255.255.0
          inet6 addr: 2403:cc00:1000:0:200:20ff:fe01:8502/64 Scope:Global
          inet6 addr: fe80::200:20ff:fe01:8502/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17415903 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6521116 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2696493719 (2.5 GiB)  TX bytes:5064169671 (4.7 GiB)

Did I grab the wrong address to show you...  I don't understand what the Scope stuff means yet.


Quote
You still need a IPv6 address on eth0 

I dunno what your routed /64 is, but it's probably something like

Code: [Select]
ip addr add 2001:470:c:8e2::2/64 dev eth0



Ok that makes sense...

Ok... added that and still no ping to :1

Code: [Select]
modprobe ipv6
ip tunnel add he-ipv6 mode sit remote 66.220.18.42 local 184.104.87.104 ttl 255
ip link set he-ipv6 up
ip addr add 2001:470:c:8e3::2/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr

ip addr add 2001:470:c:8e2::2/64 dev eth0

There's the commands I've issued again...

Haven't I now allocated :2 in two places?
ip addr add 2001:470:c:8e3::2/64 dev he-ipv6
ip addr add 2001:470:c:8e2::2/64 dev eth0

Sorry, I know my linux routing skills here are lacking...  I do appreciate your patients with me.  I feel like a right knob right now :)

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: broquea on August 04, 2010, 06:31:41 PM
Review your tunnel's details page and you'll see the difference between the tunnel /64 and routed, and in BOLD

I refuse to use big red <BLINK> tags
Title: Re: Explorer test - web browser not seeing ipv6
Post by: patrickdk on August 04, 2010, 06:37:31 PM
2403:: is valid, it's allocated from APNIC's 2400::/12

inet6num:       2403:CC00:1000::/36
netname:        GPLHOST
descr:          Virtual Private Server (VPS) Hosting Services
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 04, 2010, 08:29:57 PM
Review your tunnel's details page and you'll see the difference between the tunnel /64 and routed, and in BOLD

I refuse to use big red <BLINK> tags

Ok.  Sorry, all I did was follow the suggested install stuff.  I confess I just don't understand enough about this stuff yet.  With ipv4 I don't route, I just nat stuff about, and only in a small way.  I can see that this v6 stuff is going to require more understanding about routing.

I think I follow...

I've assigned the wrong IP to eth0


ip addr add 2001:470:c:8e2::2/64 dev eth0

should have been...

ip addr add 2001:470:d:8e3::2 dev eth0

Yes?

Now do I reasign it?  Do have have to remove the address or will it just over write it?

Do you have any recommended reading so I don't ask so many idiot questions?

Cheers Don
Title: Re: Explorer test - web browser not seeing ipv6
Post by: cholzhauer on August 05, 2010, 04:38:20 AM
Quote
2403:: is valid, it's allocated from APNIC's 2400::/12

inet6num:       2403:CC00:1000::/36
netname:        GPLHOST
descr:          Virtual Private Server (VPS) Hosting Service

Sorry, I had never heard of that before.

You need to delete the first address...I assume the syntax is something like

Code: [Select]
ip addr delete 2001:470:c:8e2::2/64 dev eth0
ip addr add 2001:470:c:8e3::2/64 dev eth0

Some of the things in here might help

http://ipv6.he.net/presentations.php
Title: Re: Explorer test - web browser not seeing ipv6
Post by: thinkdesignprint on August 06, 2010, 03:05:51 AM
Thanks for your help guys... fixed it :)

See: http://www.bowenvale.co.nz/ipv6/ and http://www.bowenvale.co.nz/ipv6/?p=10

Got it all working in the end...

Quick summary:

    * Both ends of the 6to4 tunnel need to have a public IPv4 address
      (thought I guess you can probably do some dodgy NAT if you're
      forwarding protocol 41).
    * You only need to run one tunnel from one device on your LAN to HE.
      After that you route a /48 to you to get other things connected.
    * Protocol 41 needs to be allowed, and needs to be near the top of your
      firewall chain, not at the bottom :)
    * You need to tell HE your correct IPv4 end point.
    * You need to get a /48 routed to you by HE and assign a /64 out of
      that to your LAN.
    * You need to turn on ipv6 forwarding echo "1"
      > >/proc/sys/net/ipv6/conf/all/forwarding.
    * Keep things simple. Use static addressing to start with, then maybe
      look at Radvd or DHCPv6.

Hopefully this could save someone a few dramas in the future.