So it was annoying me that on my desktop machine at work I couldn't get he.net ipv6 connectivity as I was behind NAT (for access to a our private network) and ICMP was blocked on the router I went through. I finally realized that I could just VPN through my server which I control and allows ICMP and simply use that to connect to he.net's tunnel server.
This wont be an option for many but it could be for a few. In my VPN config files I have:
ifconfig 192.168.200.2 192.168.200.1
route 66.220.18.42 255.255.255.255 vpn_gateway
So just the he.net's tunnel server is going through the VPN.
root@sigito: 11:03 PM :~# ip tunnel add he-ipv6 mode sit remote 66.220.18.42 local 192.168.200.2 ttl 255
root@sigito: 11:03 PM :~# ip link set he-ipv6 up
root@sigito: 11:03 PM :~# ip addr add 2001:XXXXXXXXXXX/64 dev he-ipv6
root@sigito: 11:03 PM :~# ip route add ::/0 dev he-ipv6
After this I had ipv6 connectivity =)
root@sigito: 11:04 PM :~# traceroute6 box.houkouonchi.jp
traceroute to box.houkouonchi.jp (2607:f298:1:100:feed:face:beef:d00d) from 2001:470:c:44a::2, 30 hops max, 24 byte packets
1 houkouonchi-3.tunnel.tserv15.lax1.ipv6.he.net (2001:470:c:44a::1) 4.803 ms 4.147 ms 3.749 ms
2 gige-g4-6.core1.lax1.he.net (2001:470:0:9d::1) 1.401 ms 4.163 ms 1.292 ms
3 10gigabitethernet1-3.core1.lax2.he.net (2001:470:0:72::2) 1.422 ms 1.258 ms 1.522 ms
4 2001:504:13::60 (2001:504:13::60) 1.732 ms 1.919 ms 1.926 ms
5 2607:f298:0:111::2 (2607:f298:0:111::2) 4.847 ms 3.144 ms 1.451 ms
6 2607:f298:1:100:feed:face:beef:d00d (2607:f298:1:100:feed:face:beef:d00d) 1.713 ms 1.751 ms 1.512 ms
root@sigito: 11:04 PM :~#
Pretty good latency to the gateway too:
root@sigito: 11:18 PM :~# ping6 -c5 2001:470:c:44a::1
PING 2001:470:c:44a::1(2001:470:c:44a::1) 56 data bytes
64 bytes from 2001:470:c:44a::1: icmp_seq=1 ttl=64 time=0.936 ms
64 bytes from 2001:470:c:44a::1: icmp_seq=2 ttl=64 time=1.06 ms
64 bytes from 2001:470:c:44a::1: icmp_seq=3 ttl=64 time=0.878 ms
64 bytes from 2001:470:c:44a::1: icmp_seq=4 ttl=64 time=0.949 ms
64 bytes from 2001:470:c:44a::1: icmp_seq=5 ttl=64 time=1.03 ms
--- 2001:470:c:44a::1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 0.878/0.972/1.067/0.073 ms
I also got pretty good speed when testing to my server which has to go desktop -> colo server -> he.net network -> colo server.
root@sigito: 11:12 PM :~# web100clt -n 2607:f298:1:100:feed:face:beef:d00d
Testing network path for configuration and performance problems -- Using IPv6 address
Checking for Middleboxes . . . . . . . . . . . . . . . . . . Done
checking for firewalls . . . . . . . . . . . . . . . . . . . Done
running 10s outbound test (client to server) . . . . . 82.61 Mb/s
running 10s inbound test (server to client) . . . . . . 77.14 Mb/s
The slowest link in the end-to-end path is a 100 Mbps Full duplex Fast Ethernet subnet
Information: Other network traffic is congesting the link
Server '2607:f298:1:100:feed:face:beef:d00d' is not behind a firewall. [Connection to the ephemeral port was successful]
Client is probably behind a firewall. [Connection to the ephemeral port failed]
Information: Network Middlebox is modifying MSS variable (changed to 1420)
Server IP addresses are preserved End-to-End
Client IP addresses are preserved End-to-End
I am happy I finally have ipv6 connectivity on my desktop machine and no longer have to ssh to a machine to access ipv6 =)
And in other news... I finally received my sage t-shirt in the mail today.. w00t!