Hurricane Electric's IPv6 Tunnel Broker Forums

IPv6 Certification Program Topics => General Discussion => Topic started by: vivow on January 10, 2011, 04:41:44 PM

Title: [SOLVED] IPv6 eMail Test not working (with hmail setup).
Post by: vivow on January 10, 2011, 04:41:44 PM
So here I am, a IPv6 and webserver newbie, with "one of these question".
I started the IPv6 Certf. a couple of hours ago and currently am trying to pass the administratos test using my own free afraid.org domain for my servers (xampp/mercury on windows 7)
with the HE tunnelbroker.
The setup worked fine for the http grab test.
I also can receive eMails coming from the IPv4 Internet to my adress, but apparently, not from IPv6/HE.
Hitting "Send It" changes the icon to "Sending...", but nothing ever arrives.
So far Ive worked out these points of failure:
1) Mercury doesnt support IPv6 at all. Trying is useless.
2) In the mercury setup ini, I set the smtp interface to my nics IPv4 wan adress (worked for receiving ipv4 mail). my IPv6 addy didnt work at all, so we'd be back at point1. Or I made a mistake here.
3) The error is somewhere else, maybe over at HE.

vivow.chickenkiller has an A record for 91.65.122.34 (my IPv4 wan) and an AAAA one for 2001:0470:1f0a:0316:0000:0000:0000:0002 (my tunnelbroker client IP)
The MX record directs to vivow.chickenkiller.com, so IPv4 emails being sent to vivow@vivow.chickenkiller.com arrive.

So, long story short: nice try, but I have to set up a zimbra server with ipv6 enabled on linux to receive emails that way OR should it be possible with the current setup?

any kind of suggestions are appreciated. Thanks in advance. :)
I know the point of this forum isnt giving a step by step guide, but I hope a more general question regarding the test and Mercury is allowed.


short note at the end: My server will be down for a while, I dont want to leave it unattended without having worked out all/any of the security aspects.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: donbushway on January 10, 2011, 05:07:06 PM
You could try a different mail server since mercury does not currently support ipv6.
Hmail does and it is free also.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 10, 2011, 06:44:14 PM
Agreed.

You will also want to change the IP address you've created an AAAA record with as HE doesn't delegate DNS for the tunnel interfaces...assign an address out of your routed /64 instead.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 05:20:31 AM
Thanks guys,

Hmail worked fine with IPv4 (after turning off all W7 Firewall  ::) ), but again IPv6 didnt work.
Guess it all boils down to that I dont know how to assign additional adresses from my /64 to my computer.
Trying it with my :2 client Adresses resulted in a ".... unexpected welcome" from HE.
So I give up and will try again when I got more time on my hands :D

cya

Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 05:47:43 AM
If you look at your tunnel broker page, you will see a line that says "Routed /64"

Pick an address out of that range and assign it to your ethernet adapter.  If you don't know how, i'm sure Google has the answer.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 05:59:24 AM
Thanks, I did assign it to my ethernat adapter, but I didnt get any IPv6 connectivity via that connection.
HE v6 Portscan only reported SMTP etc on my :2 client adress and no host on my chosen /64 one.
I also tried assigning a gateway (my :2 client adress and the HE server IP) to that nic, but didnt have any success and Windows kept complaining about multiple gateways. (IPv4 and v6 Gateway, or the tunnel and nic v6's gateways I assume).
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 06:18:18 AM
lets see your routing tables and the output of ipconfig /all
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 08:03:22 AM
this is my output with the gateway fir my nic being ::1

Windows IP Configuration

   Host Name . . . . . . . . . . . . : vivow-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Anchorfree HSS Adapter
   Physical Address. . . . . . . . . : 00-FF-DA-85-0E-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethern
et Controller
   Physical Address. . . . . . . . . : 00-23-5A-4E-77-BC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:470:1f0b:316::5(Preferred)
   Link-local IPv6 Address . . . . . : fe80::59cb:da5d:566:b508%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 77.20.229.35(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : Tuesday, January 11, 2011 4:36:20 PM
   Lease Expires . . . . . . . . . . : Tuesday, January 11, 2011 6:20:41 PM
   Default Gateway . . . . . . . . . : 2001:470:1f0a:316::1
                                       77.20.231.254
   DHCP Server . . . . . . . . . . . : 83.169.184.130
   DHCPv6 IAID . . . . . . . . . . . : 234890074
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A5-FA-E9-00-23-5A-4E-77-BC

   DNS Servers . . . . . . . . . . . : 2001:470:20::2
                                       83.169.184.161
                                       83.169.184.225
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{DA850E8D-5FF3-4368-9375-BBD96AC44396}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D672CF71-F6DD-478A-9E30-C85FFF79573E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter IP6Tunnel:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Direct Point-to-point Adapater
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:470:1f0a:316::2(Preferred)
   Link-local IPv6 Address . . . . . : fe80::8d20:b1a:4b8d:a11e%37(Preferred)
   Default Gateway . . . . . . . . . : 2001:470:1f0a:316::1
   DNS Servers . . . . . . . . . . . : 2001:470:20::2
                                       83.169.184.161
                                       83.169.184.225
   NetBIOS over Tcpip. . . . . . . . : Disabled
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 08:09:21 AM
and the routing tables?
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 08:14:41 AM
sry, forgot about those

C:\Users\vivow>netstat -rn
===========================================================================
Interface List
20...00 ff da 85 0e 8d ......Anchorfree HSS Adapter
11...00 23 5a 4e 77 bc ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Contro
ller
  1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
37...00 00 00 00 00 00 00 e0 Microsoft Direct Point-to-point Adapater
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    77.20.231.254     77.20.229.35     20
      77.20.228.0    255.255.252.0         On-link      77.20.229.35    276
     77.20.229.35  255.255.255.255         On-link      77.20.229.35    276
    77.20.231.255  255.255.255.255         On-link      77.20.229.35    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      77.20.229.35    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      77.20.229.35    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
37    281 ::/0                     2001:470:1f0a:316::1
11    276 ::/0                     2001:470:1f0a:316::1
  1    306 ::1/128                  On-link
37    281 2001:470:1f0a:316::/64   On-link
37    281 2001:470:1f0a:316::2/128 On-link
11    276 2001:470:1f0b:316::/64   On-link
11    276 2001:470:1f0b:316::5/128 On-link
37    281 fe80::/64                On-link
11    276 fe80::/64                On-link
11    276 fe80::59cb:da5d:566:b508/128
                                    On-link
37    281 fe80::8d20:b1a:4b8d:a11e/128
                                    On-link
  1    306 ff00::/8                 On-link
37    281 ff00::/8                 On-link
11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination      Gateway
  0 4294967295 ::/0                     2001:470:1f0a:316::1
  0 4294967295 ::/0                     2001:470:1f0a:316::1
===========================================================================
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 08:27:27 AM
Those look OK, minus the fact you have two default routes...might want to delete them both and re-add one.

What sort of problems are you having? Nothing works?

Your tunnel is up



C:\Users\cholzhauer>ping 2001:470:1f0a:316::2

Pinging 2001:470:1f0a:316::2 with 32 bytes of data:
Reply from 2001:470:1f0a:316::2: time=232ms
Reply from 2001:470:1f0a:316::2: time=269ms
Reply from 2001:470:1f0a:316::2: time=294ms
Reply from 2001:470:1f0a:316::2: time=214ms

Ping statistics for 2001:470:1f0a:316::2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 214ms, Maximum = 294ms, Average = 252ms


I can't ping your ::5 host though.


Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 08:45:09 AM
Quote from: cholzhauer on January 11, 2011, 08:27:27 AM
Those look OK, minus the fact you have two default routes...might want to delete them both and re-add one.

What sort of problems are you having? Nothing works?

Your tunnel is up



C:\Users\cholzhauer>ping 2001:470:1f0a:316::2

Pinging 2001:470:1f0a:316::2 with 32 bytes of data:
Reply from 2001:470:1f0a:316::2: time=232ms
Reply from 2001:470:1f0a:316::2: time=269ms
Reply from 2001:470:1f0a:316::2: time=294ms
Reply from 2001:470:1f0a:316::2: time=214ms

Ping statistics for 2001:470:1f0a:316::2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 214ms, Maximum = 294ms, Average = 252ms


I can't ping your ::5 host though.





the ::5 is the issue I have. It is not reachable from the outside. It should have the 25 port open
I can browse the ipv6 internet.

right now, i'm trying out if i can do it that http://www.tunnelbroker.net/forums/index.php?topic=918.0 (http://www.tunnelbroker.net/forums/index.php?topic=918.0) way.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 09:14:38 AM
You can browse the internet?  What do sites see as your public facing IP?  try something  like whatismyipv6.com or something

Like I said, I can't even ping that host, so unless you're blocking something, something else still isn't set right.

I think port 25 is closed too


[carl@ipv6router ~]$ telnet 2001:470:1f0b:316::5 25
Trying 2001:470:1f0b:316::5...
^C

Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 09:19:07 AM
My public IPv6 IP is the ::2 client adress.
Port 25 is open in my firewall and is reachable from the ipv4.
So my problem is that I cant assign the ::5/64 Adress to my NIC and use that as public IP via the IP6Tunnel, and thus not passing the Admin Test.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 09:35:14 AM
It sounds like something is wrong with your routing tables, but nothing stands out at me. 

Did you clean up the two default routes?
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 09:54:50 AM
Yes, the is only one persistant route left which points to the ::1 server and belongs to the IP6Tunnel

for testings sake, i also enabled router discovery both for the ip6tunnel and nic and i also published the ip6tunnel route.

here the two tables again with their current status
C:\Windows\system32>netstat -rn
===========================================================================
Interface List
20...00 ff da 85 0e 8d ......Anchorfree HSS Adapter
11...00 23 5a 4e 77 bc ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Contro
ller
 1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
26...00 00 00 00 00 00 00 e0 Microsoft Direct Point-to-point Adapater
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
         0.0.0.0          0.0.0.0    77.20.231.254     77.20.229.35     20
     77.20.228.0    255.255.252.0         On-link      77.20.229.35    276
    77.20.229.35  255.255.255.255         On-link      77.20.229.35    276
   77.20.231.255  255.255.255.255         On-link      77.20.229.35    276
       127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
       127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
 127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
       224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
       224.0.0.0        240.0.0.0         On-link      77.20.229.35    276
 255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
 255.255.255.255  255.255.255.255         On-link      77.20.229.35    276
===========================================================================
Persistent Routes:
 None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
26    281 ::/0                     2001:470:1f0a:316::1
 1    306 ::1/128                  On-link
26    281 2001:470:1f0a:316::/64   On-link
26    281 2001:470:1f0a:316::2/128 On-link
11    276 2001:470:1f0b:316::/64   On-link
11    276 2001:470:1f0b:316::5/128 On-link
26    281 fe80::/64                On-link
11    276 fe80::/64                On-link
11    276 fe80::59cb:da5d:566:b508/128
                                   On-link
26    281 fe80::999a:30c3:25ec:eee7/128
                                   On-link
 1    306 ff00::/8                 On-link
26    281 ff00::/8                 On-link
11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination      Gateway
 0 4294967295 ::/0                     2001:470:1f0a:316::1
===========================================================================


ipconfig
C:\Windows\system32>ipconfig /all

Windows IP Configuration

  Host Name . . . . . . . . . . . . : vivow-PC
  Primary Dns Suffix  . . . . . . . :
  Node Type . . . . . . . . . . . . : Hybrid
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 15:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Anchorfree HSS Adapter
  Physical Address. . . . . . . . . : 00-FF-DA-85-0E-8D
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethern
et Controller
  Physical Address. . . . . . . . . : 00-23-5A-4E-77-BC
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2001:470:1f0b:316::5(Preferred)
  Link-local IPv6 Address . . . . . : fe80::59cb:da5d:566:b508%11(Preferred)
  IPv4 Address. . . . . . . . . . . : 77.20.229.35(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.252.0
  Lease Obtained. . . . . . . . . . : Tuesday, January 11, 2011 6:50:19 PM
  Lease Expires . . . . . . . . . . : Tuesday, January 11, 2011 8:01:54 PM
  Default Gateway . . . . . . . . . : 77.20.231.254
  DHCP Server . . . . . . . . . . . : 83.169.184.130
  DHCPv6 IAID . . . . . . . . . . . : 234890074
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A5-FA-E9-00-23-5A-4E-77-BC

  DNS Servers . . . . . . . . . . . : 83.169.184.161
                                      83.169.184.225
  NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{DA850E8D-5FF3-4368-9375-BBD96AC44396}:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft ISATAP Adapter
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D672CF71-F6DD-478A-9E30-C85FFF79573E}:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes

Tunnel adapter IP6Tunnel:

  Connection-specific DNS Suffix  . :
  Description . . . . . . . . . . . : Microsoft Direct Point-to-point Adapater
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2001:470:1f0a:316::2(Preferred)
  Link-local IPv6 Address . . . . . : fe80::999a:30c3:25ec:eee7%26(Preferred)
  Default Gateway . . . . . . . . . : 2001:470:1f0a:316::1
  DNS Servers . . . . . . . . . . . : 83.169.184.161
                                      83.169.184.225
  NetBIOS over Tcpip. . . . . . . . : Disabled


thanks again for all your help so far.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: cholzhauer on January 11, 2011, 10:02:52 AM
Well that didn't work..I can't ping your side of the tunnel now.

Oh...It just hit me.  You don't have a default IPv6 gateway for your LAN connection

Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 10:10:17 AM
I thought I only should have one Persistant route, which is the IP6Tunnel one. Having both didnt work before.
As soon as I can directly connect back to my modem (other people wanna use this net too some time :D ), I will reset everything and build it from the ground up.


€: Ok, so even with everything built from the ground up I can only use my client ::2 adress.
Maybe it doesnt even work with only one NIC on a machine and i'd have to get a second box to do the trick.
Title: Re: IPv6 eMail Test not working (with mercury setup).
Post by: vivow on January 11, 2011, 12:01:44 PM
Quick update:

I fell back to option #1, doing everything with my ::2 Client IP, since that almost worked before (except for the "unexpected welcome" error when sending the message).
After some fine tuning in Hmail, which didnt really change anything, magic happened and it worked \o/

€ for solution: Re-edited the Hmail settings according to this http://www.hmailserver.com/documentation/latest/?page=details_ipv6
The turning point was: "In the IP range, choose the same settings as in the already existing Internet IP range. [...]"
I had IMAP turned off on the internet range.

thanks anyway cholzhauer, some day I will get my /64 working :D