I am bringing up a HE tunnel to my home router Dlink DIR-825 Hardware Version: B1 Firmware Version: 2.09NA.
I have config all what i need with 6in4 tunnel configurations on my router.
I enabled ICMP to have IPv4 tunnel up. And I have IPv4 reachability to the HE IPv4 server
I do ping6 tests from my Dlink to the server IPv6 address and it works. However, when i try to ping the same IPv6 from my PC behind the router, it doesnt work.
my laptop gets the IPv6 address from the LAN i have assigned from HE and configured on my Dlink as well. I can succesfully ping to the LAN default gw from my laptop.
So the Ipv6 in ipv4 tunnel is up and running, but i could not reach the IPv6 HE server from my laptop behind my router.
I guess is something related to NAT/protocol 41. But i dont find out the way to have reachability to the HE IPv6 server from my laptop.
Does anyone knows whats happening? and how to solve it?
THANKS!! :D
Nothing to do what NAT on IPv6
Protocol 41 works as you've proven your tunnel is up and working with the ping tests.
How are you assigning addresses from your router to hosts behind the router?
Yes, my laptop shows the IPv6 addr that i got from my lan. And I ping the LAN default gw from my laptop and works.
Even the IPV6 routing table on my laptop shows the default route ::/0 to the link local addr from my router...
In ipv4 i am assigning with DHCPv4.
in ipv6 i am assigning with Enable automatic IPv6 address assignment (non DHCP-PD). SLAAC+Stateless DHCP.
Make certain you are using the ROUTED prefix and not the tunnels, for your LAN.
Yes. I am assining to my LAN the routed /64 that HE assigned to me, that is different from the tunnel v6 subnet.
I guess post some screenshots of your config, don't hide the numbers, and maybe someone will catch the issue.
Here is my IPv6 dlink config. since i cannot upload the jpeg file for some reason, i am pasting it. hope it helps
My IPv6 Connection is : IPv6 in IPv4 tunnel
Remote IPv4 Address : 209.51.161.58
Remote IPv6 Address : 2001:470:4:571::1
Local IPv4 Address : x.x.x.x
Local IPv6 Address : 2001:470:4:571::2
Use the following IPv6 DNS servers: Yes
Primary IPv6 DNS Server : 2001:470:20::2
Enable DHCP-PD : No
LAN IPv6 Address : 2001:470:5:571::1/64
LAN IPv6 Link-Local Address : FE80::218:x/64
Enable automatic IPv6 address assignment : Yes
Enable Automatic DHCP-PD in LAN : Yes
Autoconfiguration Type : SLAAC + Stateless DHCP
Router Advertisement Lifetime : (minutes)
That looks 100% correct. You can probably drop the DHCP-PD on lan, but it there shouldn't affect routing.
2001:470:5:571::1 is definitely reachable. What is an IP on your lan?
Here is a output from my Win7:
IPv6 Address. . . . . . . . . . . : 2001:470:5:571:f158:c63e:cae3:6930
Temporary IPv6 Address. . . . . . : 2001:470:5:571:59e:61b4:8129:2db
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 281 ::/0 fe80::218:e7ff:fede:e915
1 306 ::1/128 On-link
10 33 2001:470:5:571::/64 On-link
10 41 2001:470:5:571::/64 fe80::218:e7ff:fede:e915
10 281 2001:470:5:571:59e:61b4:8129:2db/128
On-link
10 281 2001:470:5:571:f158:c63e:cae3:6930/128
On-link
10 281 fe80::/64 On-link
10 281 fe80::f158:c63e:cae3:6930/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 ::/0 2001:470:4:571::1
That last Gateway entry seems odd. Since that is a hop upstream. Did you try creating the tunnel on your Windows machine at any point? Otherwise your other default route looks correct (assuming your obfuscated link-local matches that). Running MTR to 2001:470:5:571:f158:c63e:cae3:6930 it stops at the tserv hop and your router's hop doesn't come up next. Maybe email ipv6@he.net and have them verify the static route for your /64 is in place.
It's definitely routed to your side. I see the traffic going out, and no errors being reported back via a tcpdump.
I'm with broquea here. That last gateway looks odd. Should be your router's LAN-side IPv6 on the client systems (or its link-local), and not our side of the tunnel. With the metric set that high, it shouldn't be used, but...
In any case, not seeing anything amiss here.
I removed that odd default route. so the only default route is pointing to my router link local addr.
and it is not working as well....
do you see IPv6 traffic over the tunnel? because i see the tunnel v4 running from my side...however i cannot reach the server IPv6 assigned from HE.
Even i cannot reach this server ipv6 addr from any looking glass....here is a capture that holds on a HE hop...
Query Results:
Sprint Source Region: Dallas, TX (sl-dr10-dal)
IP Destination: 2001:470:5:571:f158:c63e:cae3:6930
Performing: ICMP Traceroute
Tracing the route to 2001:470:5:571:F158:C63E:CAE3:6930
1 sl-crs1-fw-po0-10-5-2.v6.sprintlink.net (2600:0:2:1239:144:232:9:248) 12 msec 144 msec 4 msec
2 sl-crs1-atl-bu-1.v6.sprintlink.net (2600:0:2:1239:144:232:11:224) 176 msec 204 msec 200 msec
3 sl-st50-atl-xe-8-0-0.0.v6.sprintlink.net (2600:0:2:1239:144:232:2:209) 212 msec
sl-st50-atl-xe-11-1-0.0.v6.sprintlink.net (2600:0:2:1239:144:232:1:214) 128 msec
sl-st50-atl-xe-4-0-0.0.v6.sprintlink.net (2600:0:2:1239:144:232:1:212) 20 msec
4 2001:478:132::75 28 msec 20 msec 20 msec
5 10ge4-1.core1.mia1.he.net (2001:470:0:A6::1) 36 msec 36 msec 36 msec
6 tserv1.mia1.he.net (2001:470:0:8C::2) 36 msec 44 msec 36 msec
7 * * *
8 *