Hi,
I've been working with my upstream ISP on getting protocol 41 working correctly so I can setup an IPv6 tunnel. Protocol 41
SEEMS to be working because I can traceroute to the tunnel endpoint using protocol 41.
Quote
$ sudo traceroute -P 41 -n 184.105.253.14
traceroute to 184.105.253.14 (184.105.253.14), 30 hops max, 60 byte packets
1 10.42.0.1 2.596 ms 1.754 ms 2.150 ms
2 10.143.1.62 0.961 ms 0.887 ms 0.870 ms
3 198.133.178.254 1.038 ms 0.992 ms 0.985 ms
4 209.203.112.109 1.379 ms 1.364 ms 1.361 ms
5 66.192.241.78 19.435 ms 19.019 ms 19.020 ms
6 206.223.118.37 19.455 ms 19.362 ms 21.301 ms
7 184.105.213.118 51.066 ms 50.333 ms 49.848 ms
Any other nodes on the network can't accomplish this traceroute. However, when a I do a ping6 on my endpoint, I get nothing:
Quote
$ ping6 2001:470:1f10:98c::1
PING 2001:470:1f10:98c::1(2001:470:1f10:98c::1) 56 data bytes
^C
--- 2001:470:1f10:98c::1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3022ms
And a tcpdump of protocol 41 traffic:
Quote
$ sudo tcpdump -ns 0 proto 41
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
09:51:48.922381 IP 10.42.0.15 > 184.105.253.14: IP6 2001:470:1f10:98c::2 > 2001:470:1f10:98c::1: ICMP6, echo request, seq 1, length 64
09:51:49.929286 IP 10.42.0.15 > 184.105.253.14: IP6 2001:470:1f10:98c::2 > 2001:470:1f10:98c::1: ICMP6, echo request, seq 2, length 64
09:51:50.937279 IP 10.42.0.15 > 184.105.253.14: IP6 2001:470:1f10:98c::2 > 2001:470:1f10:98c::1: ICMP6, echo request, seq 3, length 64
09:51:51.945277 IP 10.42.0.15 > 184.105.253.14: IP6 2001:470:1f10:98c::2 > 2001:470:1f10:98c::1: ICMP6, echo request, seq 4, length 64
4 packets captured
4 packets received by filter
0 packets dropped by kernel
And my
/etc/network/interfaces file:
Quote
auto eth0
iface eth0 inet static
address 10.42.0.15
netmask 255.255.248.0
gateway 10.42.0.1
dns-nameservers 10.192.22.74 10.192.22.76
iface eth0 inet6 static
address 2001:470:1f11:98c::c0de
netmask 64
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:470:1f10:98c::2
netmask 64
endpoint 184.105.253.14
local 10.42.0.15
ttl 255
gateway 2001:470:1f10:98c::1
Everything I can see in the configuration seems to be OK. This is not the first tunnel I've deployed and I haven't seen this behavior.
1) Is there a better way of verifying protocol 41 firewall/NAT configuration than the traceroute I ran?
2) Is there anything I could possibly be overlooking.
Any and all suggestions and hints are greatly appreciated.
I'm no ubuntu expert, so I can't verify your setup, but it looks reasonably correct.
However, your packet capture only shows traffic one way; nothing looks to be coming back in