Hi,
I'm trying to get IPV6 working for the machines on my lan using an HE tunnel using a Raspberry Pi as the local endpoint.
The problem is that although I can get the tunnel to establish, the machines on the LAN all get addresses in the HE prefix, and pinging ipv6.google.com works from all of them, any attempt to browse using ipv6 fails and running the various checkers don't pick up my IPV6 address. Also if I try and install something on one of the PIs I have, it fails saying it can't access a site - quoting the IPV6 address, so presumably the same problem.
I've done some research and came across a few posts that suggest that this could be down to a bug in the Broadcom chipset in my router and I need to turn off flow cache, but I've also had someone say that because the PI is the endpoint then the router chipset isn't relevant.
Can anyone help?
For info, I'm in the UK using Vodafone full fibre internet, using a Raspberry PI4 as the tunnel endpoint. The PI is behind the router using NAT. I have a static IP from Vodafone and the PI is assigned a specific reserved address by the DHCP on the router.
The various configs etc are :
On the Raspberry PI :
he-ipv6 in /etc/network/interfaces.d
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:xxx:1f1c:yyy::2
netmask 64
endpoint 216.66.88.98
local 192.168.66.77
ttl 255
gateway 2001:xxx:1f1c:yyy::1
up ip addr add 2001:xxx:1f1d:yyy::1/64 dev wlan0
ifconfig wlan0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.66.77 netmask 255.255.255.0 broadcast 192.168.66.255
inet6 fe80::7b20:a60f:cd65:73cc prefixlen 64 scopeid 0x20<link>
inet6 2001:xxx:1f1d:yyy::1 prefixlen 64 scopeid 0x0<global>
ether dc:a6:32:4c:4b:36 txqueuelen 1000 (Ethernet)
RX packets 1836894 bytes 970491418 (925.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1098147 bytes 852685368 (813.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
radvd.conf
interface wlan0
{
IgnoreIfMissing on;
AdvManagedFlag off;
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvOtherConfigFlag on;
AdvLinkMTU 1480;
prefix 2001:xxx:1f1d:yyy::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
};
route -6
localhost/128 [::] U 256 2 0 lo
tunnel588721.tunnel.tserv1.lon2.ipv6.he.net/128 [::] U 1024 1 0 he-ipv6
2001:xxx:1f1c:yyy::/64 [::] Un 256 2 0 he-ipv6
2001:xxx:1f1d:yyy::/64 [::] U 256 1 0 wlan0
fe80::/64 [::] Un 256 1 0 he-ipv6
fe80::/64 [::] U 256 1 0 wlan0
[::]/0 tunnel588721.tunnel.tserv1.lon2.ipv6.he.net UGH 1024 4 0 he-ipv6
localhost/128 [::] Un 0 5 0 lo
2001:xxx:1f1c:yyy::/128 [::] Un 0 3 0 he-ipv6
tunnel588721-pt.tunnel.tserv1.lon2.ipv6.he.net/128 [::] Un 0 5 0 he-ipv6
2001:xxx:1f1d:yyy::/128 [::] Un 0 3 0 wlan0
2001:xxx:1f1d:yyy::1/128 [::] Un 0 3 0 wlan0
fe80::/128 [::] Un 0 3 0 he-ipv6
fe80::/128 [::] Un 0 3 0 wlan0
fe80::c0a8:424d/128 [::] Un 0 5 0 he-ipv6
fe80::7b20:a60f:cd65:73cc/128 [::] Un 0 4 0 wlan0
ff00::/8 [::] U 256 1 0 he-ipv6
ff00::/8 [::] U 256 5 0 wlan0
[::]/0 [::] !n -1 1 0 lo
Windows 11 client:
ipconfig
Wireless LAN adapter WiFi:
Connection-specific DNS Suffix . : broadband
IPv6 Address. . . . . . . . . . . : 2001:xxx:1f1d:yyy:e4de:254f:6be3:6bbc
Temporary IPv6 Address. . . . . . : 2001:xxx:1f1d:yyy:c063:996f:d09b:1ca8
Link-local IPv6 Address . . . . . : fe80::b03f:933c:907:2ce9%2
IPv4 Address. . . . . . . . . . . : 192.168.66.87
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::7b20:a60f:cd65:73cc%2
192.168.66.250
route -6 print
If Metric Network Destination Gateway
2 291 ::/0 fe80::7b20:a60f:cd65:73cc
1 331 ::1/128 On-link
2 291 2001:xxx:1f1d:yyy::/64 On-link
2 291 2001:xxx:1f1d:yyy:c063:996f:d09b:1ca8/128
On-link
2 291 2001:xxx:1f1d:yyy:e4de:254f:6be3:6bbc/128
On-link
2 291 fe80::/64 On-link
2 291 fe80::b03f:933c:907:2ce9/128
On-link
1 331 ff00::/8 On-link
2 291 ff00::/8 On-link
Any help appreciated.
Thanks
Hi again,
Sorry for replying to my own post, but I've had a reply in the Vodafone forum where I'd posted as well which appears to have solved the problem.
I'd left the MTU of the tunnel at it's defaults, but was advised to set it at 1452 at both ends, and sure enough, this seems to have solved the problem, with all the tests now working fine, and ipv6 only sites accessible without any problems.
I've taken the tunnel down to do some fine tuning, including firewalling the IPV6 side (I'd left it open for testing) but looks like the issue is solved.
Just wanted to report back here in case it helps anyone else.
Ross