Hurricane Electric's IPv6 Tunnel Broker Forums

For some reason this doesn't work, it's a connection with the dutch endpoint in Amsterdam.

I have a bunch of other linux accounts that work just fine with this config, it seems as if no packets are pushed into the sit tunnel. ip4 endpoint is pingable. Whats wrong here?

Situation:

Clean Centos 5 install <-> NAT modem router <-> Internet


[root@localhost ~]# modprobe ipv6
[root@localhost ~]# ip tunnel add he-ipv6 mode sit remote 216.66.84.46 local 84.29.129.221 ttl 255
[root@localhost ~]# ip link set he-ipv6 up
[root@localhost ~]# ip addr add 2001:470:1f14:22::2/64 dev he-ipv6
[root@localhost ~]# ip route add ::/0 dev he-ipv6
[root@localhost ~]# ip -f inet6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
   inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
   inet6 fe80::210:a7ff:fe04:4695/64 scope link
      valid_lft forever preferred_lft forever
5: he-ipv6@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480
   inet6 2001:470:1f14:22::2/64 scope global
      valid_lft forever preferred_lft forever
   inet6 fe80::541d:81dd/128 scope link
      valid_lft forever preferred_lft forever




[root@localhost ~]# ping6 2001:470:1f14:22::1
PING 2001:470:1f14:22::1(2001:470:1f14:22::1) 56 data bytes
From 2001:470:1f14:22::2 icmp_seq=0 Destination unreachable: Address unreachable

[root@localhost ~]# ping6 ipv6.google.com
PING ipv6.google.com(2a00:1450:8006::63) 56 data bytes
From 2001:470:1f14:22::2 icmp_seq=0 Destination unreachable: Address unreachable

[root@localhost ~]# ip -6 route
2001:470:1f14:22::/64 via :: dev he-ipv6  metric 256  expires 21334319sec mtu 1480 advmss 1420 hoplimit 4294967295
fe80::/64 dev eth0  metric 256  expires 21333684sec mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev he-ipv6  metric 256  expires 21334319sec mtu 1480 advmss 1420 hoplimit 4294967295
default dev he-ipv6  metric 1024  expires 21334319sec mtu 1480 advmss 1420 hoplimit 4294967295

[root@localhost ~]# ping 216.66.84.46
PING 216.66.84.46 (216.66.84.46) 56(84) bytes of data.
64 bytes from 216.66.84.46: icmp_seq=1 ttl=58 time=15.2 ms



[root@localhost ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@localhost ~]# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination








[root@localhost ~]# ip6tables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination



I'm pretty sure it's because you configured your tunnel wrong.

You mentioned that you're behind a NAT router, but you didn't use your NAT address when configuring the tunnel

Quote
[root@localhost ~]# ip tunnel add he-ipv6 mode sit remote 216.66.84.46 local 84.29.129.221 ttl 255

This should be something like


[root@localhost ~]# ip tunnel add he-ipv6 mode sit remote 216.66.84.46 local 192.168.1.1 1 ttl 255


Thanks this solved it,
I saw this mentioned in other posts but I interpreted NAT address as the WAN address.  :D