Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 on Linux & BSD & Mac => Topic started by: Greg33 on October 26, 2009, 11:18:53 AM

Title: Problem with tunnel
Post by: Greg33 on October 26, 2009, 11:18:53 AM
Hi
I have problem with my tunnel. I try configure it on my router
based on FreeBSD (FreeBSD router.lan 7.2-RELEASE FreeBSD 7.2-RELEASE
#0).

I can't ping any ipv6 hosts, even my PoPv6 gateway.

If I try ping my gw there is no answer

ping6 2001:470:1f0a:a08::1 (my pop6 endpoint)
tcpdump -ni vr0 host 216.66.80.30
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes

19:08:06.570521 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 0, length 16
19:08:07.571406 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 1, length 16
19:08:08.570709 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 2, length 16
19:08:09.571052 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 3, length 16
19:08:10.570393 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 4, length 16
19:08:11.570734 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 5, length 16
19:08:11.571641 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]
19:08:12.571085 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 6, length 16
19:08:12.571937 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]
19:08:13.572342 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]

tcpdump -ni gif0
tcpdump: WARNING: gif0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gif0, link-type NULL (BSD loopback), capture size 96 bytes

19:08:06.570414 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 0, length 16
19:08:07.571357 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 1, length 16
19:08:08.570666 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 2, length 16
19:08:09.571008 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 3, length 16
19:08:10.570349 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 4, length 16
19:08:11.570692 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 5, length 16
19:08:11.571612 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
19:08:12.571039 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 6, length 16
19:08:12.571916 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
19:08:13.572298 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
19:08:35.871088 IP6 fe80::20d:b9ff:fe19:233c > ff02::1: ICMP6, router advertisement, length 48

ping6 ipv6.google.com

tcpdump -ni vr0 host 216.66.80.30
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes

19:09:34.103962 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 2, length 16
19:09:35.104305 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 3, length 16
19:09:36.103645 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 4, length 16
19:09:37.104945 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]
19:09:38.105239 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]
19:09:39.105582 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]

tcpdump -ni gif0
tcpdump: WARNING: gif0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

19:09:34.103921 IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 2, length 16
19:09:35.104263 IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 3, length 16
19:09:36.103604 IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 4, length 16
19:09:37.104900 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
19:09:38.105200 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
19:09:39.105542 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24


I try ping my ipv6 address from
http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-ping.php

and tcpdump show
tcpdump -ni vr0 host 216.66.80.30
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes

18:58:39.676697 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 0, length 40
18:58:39.676872 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 0, length 40
18:58:40.673743 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 1, length 40
18:58:40.673933 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 1, length 40
18:58:41.672109 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 2, length 40
18:58:41.672299 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 2, length 40
18:58:42.674293 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 3, length 40
18:58:42.674483 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 3, length 40
18:58:44.675464 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]
18:58:45.675298 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]
18:58:46.675150 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation[|icmp6]

tcpdump -ni gif0
tcpdump: WARNING: gif0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gif0, link-type NULL (BSD loopback), capture size 96 bytes

18:58:39.676732 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 0, length 40
18:58:39.676842 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 0, length 40
18:58:40.673785 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 1, length 40
18:58:40.673895 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 1, length 40
18:58:41.672151 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 2, length 40
18:58:41.672262 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 2, length 40
18:58:42.674334 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 3, length 40
18:58:42.674446 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 3, length 40
18:58:44.675421 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
18:58:45.675260 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24
18:58:46.675106 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, neighbor solicitation, who has 2001:470:1f0a:a08::1, length 24


but the ping tool show:

IPv6 Ping Output:

PING 2001:470:1f0a:a08::2(2001:470:1f0a:a08::2) 32 data bytes
--- 2001:470:1f0a:a08::2 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms


Does anyone know what is going on ? :)
I disable any filter rules on pf, vr0 is my external interface with external IP.

Best Regards
Greg

PS. config gif0 interface

ifconfig gif0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 2001:470:1f0a:a08::2 --> 2001:470:1f0a:a08::1 prefixlen 128
   inet6 fe80::20d:b9ff:fe19:233c%gif0 prefixlen 64 scopeid 0x8
   inet6 2001:6a0:200:13d:20d:b9ff:fe19:233c prefixlen 64 autoconf

Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 11:23:05 AM
Can you post your routing table  ("netstat -nr") and the output of "ifconfig -a" ?
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 11:27:06 AM
of corse :)

Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default              83.143.43.1     UGS         0     4404    vr0
83.143.43.0/24   link#1             UC          0        0    vr0
83.143.43.1       00:1e:68:a9:d3:3f  UHLW        2        0    vr0   1199
127.0.0.1          127.0.0.1          UH          0        0    lo0
192.168.1.0/24   link#2             UC          0        0    vr1
192.168.1.5       00:08:5d:11:36:45  UHLW        1      137    vr1   1027
192.168.2.0/24   link#3             UC          0        0    vr2
192.168.2.57      00:1e:ec:31:db:78  UHLW        1     6262    vr2    474
192.168.3.0/24   link#4             UC          0        0   ath0

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                                 UGRS        lo0 =>
default                           2001:470:1f0a:a08::1       UGS        gif0
::1                                ::1                                 UHL         lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2001:470:1f0a:a08::1              link#8                        UHL        gif0
2001:470:1f0a:a08::2              link#8                        UHL         lo0
2001:6a0:200:13d::/64             link#8                        UC         gif0
2001:6a0:200:13d:20d:b9ff:fe19:233c link#8                        UHL         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%vr0/64                     link#1                        UC          vr0
fe80::20d:b9ff:fe19:233c%vr0      00:0d:b9:19:23:3c             UHL         lo0
fe80::%vr1/64                     link#2                        UC          vr1
fe80::20d:b9ff:fe19:233d%vr1      00:0d:b9:19:23:3d             UHL         lo0
fe80::%vr2/64                     link#3                        UC          vr2
fe80::20d:b9ff:fe19:233e%vr2      00:0d:b9:19:23:3e             UHL         lo0
fe80::%ath0/64                    link#4                        UC         ath0
fe80::221:27ff:fecc:604f%ath0     00:21:27:cc:60:4f             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#6                        UHL         lo0
fe80::%gif0/64                    link#8                        UC         gif0
fe80::20d:b9ff:fe19:233c%gif0     link#8                        UHL         lo0
ff01:1::/32                       link#1                        UC          vr0
ff01:2::/32                       link#2                        UC          vr1
ff01:3::/32                       link#3                        UC          vr2
ff01:4::/32                       link#4                        UC         ath0
ff01:6::/32                       ::1                           UC          lo0
ff01:8::/32                       link#8                        UC         gif0
ff02::/16                         ::1                           UGRS        lo0
ff02::%vr0/32                     link#1                        UC          vr0
ff02::%vr1/32                     link#2                        UC          vr1
ff02::%vr2/32                     link#3                        UC          vr2
ff02::%ath0/32                    link#4                        UC         ath0
ff02::%lo0/32                     ::1                           UC          lo0
ff02::%gif0/32                    link#8                        UC         gif0
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 11:30:03 AM
vr0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC>
   ether 00:0d:b9:19:23:3c
   inet6 fe80::20d:b9ff:fe19:233c%vr0 prefixlen 64 scopeid 0x1
   inet 83.143.43.59 netmask 0xffffff00 broadcast 83.143.43.255
   media: Ethernet autoselect (100baseTX <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
   inet 127.0.0.1 netmask 0xff000000
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 2001:470:1f0a:a08::2 --> 2001:470:1f0a:a08::1 prefixlen 128
   inet6 fe80::20d:b9ff:fe19:233c%gif0 prefixlen 64 scopeid 0x8
   inet6 2001:6a0:200:13d:20d:b9ff:fe19:233c prefixlen 64 autoconf
Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 11:31:38 AM

What commands did you use to set up your tunnel?  (Those should be in /etc/inetd.conf)
Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 11:34:04 AM
Your tunnel interface seems to have a public IPv6 address assigned to it
Quote

gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 2001:470:1f0a:a08::2 --> 2001:470:1f0a:a08::1 prefixlen 128
   inet6 fe80::20d:b9ff:fe19:233c%gif0 prefixlen 64 scopeid 0x8
   inet6 2001:6a0:200:13d:20d:b9ff:fe19:233c prefixlen 64 autoconf

Did you assign that?

Are you using VR0 for your network access?  I don't see an IPv6 address on there.
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 11:40:32 AM
Did you assign that?

Yes, I use this command
/sbin/ifconfig gif0 create
/sbin/ifconfig gif0 tunnel 83.143.43.59 216.66.80.30
/sbin/ifconfig gif0 inet6 2001:470:1f0a:a08::2 2001:470:1f0a:a08::1 prefixlen 128
/sbin/route -n add -inet6 default 2001:470:1f0a:a08::1
/sbin/ifconfig gif0 up

Are you using VR0 for your network access?  I don't see an IPv6 address on there.
Yes
Title: Re: Problem with tunnel
Post by: snarked on October 26, 2009, 11:42:14 AM
Quote
tcpdump: WARNING: gif0: no IPv4 address assigned
It's already telling you what's wrong.  Some setups need to assign the IPv4 endpoint address to the 6to4 interface (with a /32 or 255.255.255.255 mask).
Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 11:46:02 AM
Try putting these commands in /etc/rc.conf and rebooting.

Code: [Select]
ipv6_network_interfaces="rv0 gif1 lo0"
ipv6_gateway_enable="YES
ipv6_prefix_rv0="2001:470:1f0a:a08::3"
gif_interfaces="gif1"
gifconfig_gif1="83.143.43.59 216.66.80.30"
ipv6_ifconfig_gif1="2001:470:1f0a:a08::2/64"
ipv6_defaultrouter="-interface gif1"

If you have a /48, pick a /64 to use for the "ipv6_prefix_rv0=..."
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 12:01:47 PM
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC>
   ether 00:0d:b9:19:23:3c
   inet6 fe80::20d:b9ff:fe19:233c%vr0 prefixlen 64 scopeid 0x1
   inet 83.143.43.59 netmask 0xffffff00 broadcast 83.143.43.255
   inet6 2001:470:1f0a:a08::3 prefixlen 64 anycast
   media: Ethernet autoselect (100baseTX <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
   inet 127.0.0.1 netmask 0xff000000
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204
gif1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 fe80::20d:b9ff:fe19:233c%gif1 prefixlen 64 scopeid 0x8
   inet6 2001:470:1f0a:a08::2 prefixlen 64
gif0: flags=8011<UP,POINTOPOINT,MULTICAST> metric 0 mtu 1280
   inet6 2001:470:1f0a:a08::2 --> 2001:470:1f0a:a08::1 prefixlen 128
   inet6 fe80::20d:b9ff:fe19:233c%gif0 prefixlen 64 scopeid 0x9


Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0 =>
default                           gif1                          ULS        gif1
::1                               ::1                           UHL         lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2001:470:1f0a:a08::/64            link#1                        UC          vr0
2001:470:1f0a:a08::1              link#9                        UHL        gif0
2001:470:1f0a:a08::2              link#8                        UHL         lo0
2001:470:1f0a:a08::3              00:0d:b9:19:23:3c             UHL         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%vr0/64                     link#1                        UC          vr0
fe80::20d:b9ff:fe19:233c%vr0      00:0d:b9:19:23:3c             UHL         lo0
fe80::%vr1/64                     link#2                        UC          vr1
fe80::20d:b9ff:fe19:233d%vr1      00:0d:b9:19:23:3d             UHL         lo0
fe80::%vr2/64                     link#3                        UC          vr2
fe80::20d:b9ff:fe19:233e%vr2      00:0d:b9:19:23:3e             UHL         lo0
fe80::%ath0/64                    link#4                        UC         ath0
fe80::221:27ff:fecc:604f%ath0     00:21:27:cc:60:4f             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#6                        UHL         lo0
fe80::%gif1/64                    link#8                        UC         gif1
fe80::20d:b9ff:fe19:233c%gif1     link#8                        UHL         lo0
fe80::%gif0/64                    link#9                        UC         gif0
fe80::20d:b9ff:fe19:233c%gif0     link#9                        UHL         lo0
ff01:1::/32                       link#1                        UC          vr0
ff01:2::/32                       link#2                        UC          vr1
ff01:3::/32                       link#3                        UC          vr2
ff01:4::/32                       link#4                        UC         ath0
ff01:6::/32                       ::1                           UC          lo0
ff01:8::/32                       link#8                        UC         gif1
ff01:9::/32                       link#8                        UC         gif1
ff02::/16                         ::1                           UGRS        lo0
ff02::%vr0/32                     link#1                        UC          vr0
ff02::%vr1/32                     link#2                        UC          vr1
ff02::%vr2/32                     link#3                        UC          vr2
ff02::%ath0/32                    link#4                        UC         ath0
ff02::%lo0/32                     ::1                           UC          lo0
ff02::%gif1/32                    link#8                        UC         gif1
ff02::%gif0/32                    link#8                        UC         gif1

ping6 2001:470:1f0a:a08::1
PING6(56=40+8+8 bytes) 2001:470:1f0a:a08::2 --> 2001:470:1f0a:a08::1
ping6: sendmsg: Network is down
ping6: wrote 2001:470:1f0a:a08::1 16 chars, ret=-1
ping6: sendmsg: Network is down
ping6: wrote 2001:470:1f0a:a08::1 16 chars, ret=-1
ping6: sendmsg: Network is down
ping6: wrote 2001:470:1f0a:a08::1 16 chars, ret=-1
^C
--- 2001:470:1f0a:a08::1 ping6 statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss

Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 12:05:06 PM
You'll need to remove gif0
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 12:14:20 PM
gif1: flags=8151<UP,POINTOPOINT,RUNNING,PROMISC,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 fe80::20d:b9ff:fe19:233c%gif1 prefixlen 64 scopeid 0x8
   inet6 2001:470:1f0a:a08::2 prefixlen 64


unfortunately, still the same :( as the first post
Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 12:25:58 PM
Can you repost the routing table
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 12:33:03 PM
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            83.143.43.1        UGS         0      194    vr0
83.143.43.0/24     link#1             UC          0        0    vr0
83.143.43.1        00:1e:68:a9:d3:3f  UHLW        2        0    vr0   1198
127.0.0.1          127.0.0.1          UH          0        0    lo0
192.168.1.0/24     link#2             UC          0        0    vr1
192.168.2.0/24     link#3             UC          0        0    vr2
192.168.2.57       00:1e:ec:31:db:78  UHLW        1      277    vr2   1160
192.168.3.0/24     link#4             UC          0        0   ath0

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0 =>
default                           gif1                          ULS        gif1
::1                               ::1                           UHL         lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2001:470:1f0a:a08::/64            link#1                        UC          vr0
2001:470:1f0a:a08::2              link#8                        UHL         lo0
2001:470:1f0a:a08::3              00:0d:b9:19:23:3c             UHL         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%vr0/64                     link#1                        UC          vr0
fe80::20d:b9ff:fe19:233c%vr0      00:0d:b9:19:23:3c             UHL         lo0
fe80::%vr1/64                     link#2                        UC          vr1
fe80::20d:b9ff:fe19:233d%vr1      00:0d:b9:19:23:3d             UHL         lo0
fe80::%vr2/64                     link#3                        UC          vr2
fe80::20d:b9ff:fe19:233e%vr2      00:0d:b9:19:23:3e             UHL         lo0
fe80::%ath0/64                    link#4                        UC         ath0
fe80::221:27ff:fecc:604f%ath0     00:21:27:cc:60:4f             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#6                        UHL         lo0
fe80::%gif1/64                    link#8                        UC         gif1
fe80::20d:b9ff:fe19:233c%gif1     link#8                        UHL         lo0
ff01:1::/32                       link#1                        UC          vr0
ff01:2::/32                       link#2                        UC          vr1
ff01:3::/32                       link#3                        UC          vr2
ff01:4::/32                       link#4                        UC         ath0
ff01:6::/32                       ::1                           UC          lo0
ff01:8::/32                       link#8                        UC         gif1
ff02::/16                         ::1                           UGRS        lo0
ff02::%vr0/32                     link#1                        UC          vr0
ff02::%vr1/32                     link#2                        UC          vr1
ff02::%vr2/32                     link#3                        UC          vr2
ff02::%ath0/32                    link#4                        UC         ath0
ff02::%lo0/32                     ::1                           UC          lo0
ff02::%gif1/32                    link#8                        UC         gif1


vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC>
   ether 00:0d:b9:19:23:3c
   inet6 fe80::20d:b9ff:fe19:233c%vr0 prefixlen 64 scopeid 0x1
   inet 83.143.43.59 netmask 0xffffff00 broadcast 83.143.43.255
   inet6 2001:470:1f0a:a08::3 prefixlen 64 anycast
   media: Ethernet autoselect (100baseTX <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
   inet 127.0.0.1 netmask 0xff000000
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204
gif1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 fe80::20d:b9ff:fe19:233c%gif1 prefixlen 64 scopeid 0x8
   inet6 2001:470:1f0a:a08::2 prefixlen 64

Title: Re: Problem with tunnel
Post by: cholzhauer on October 26, 2009, 12:38:44 PM
You're routing traffic destined for the tunnel out your local interface instead of the tunnel

Quote
2001:470:1f0a:a08::/64            link#1                        UC          vr0

It should be routed out gif1
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 12:52:43 PM
but the routing was not manually set by me, I try to change
Title: Re: Problem with tunnel
Post by: Greg33 on October 26, 2009, 01:03:52 PM
routing changed but unfortunately still not works, it is very strange :)

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0 =>
default                           gif1                          ULS        gif1
::1                               ::1                           UHL         lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2001:470:1f0a:a08::/64            gif1                          ULS        gif1
2001:470:1f0a:a08::2              link#8                        UHL         lo0
2001:470:1f0a:a08::3              00:0d:b9:19:23:3c             UHL         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%vr0/64                     link#1                        UC          vr0
fe80::20d:b9ff:fe19:233c%vr0      00:0d:b9:19:23:3c             UHL         lo0
fe80::%vr1/64                     link#2                        UC          vr1
fe80::20d:b9ff:fe19:233d%vr1      00:0d:b9:19:23:3d             UHL         lo0
fe80::%vr2/64                     link#3                        UC          vr2
fe80::20d:b9ff:fe19:233e%vr2      00:0d:b9:19:23:3e             UHL         lo0
fe80::%ath0/64                    link#4                        UC         ath0
fe80::221:27ff:fecc:604f%ath0     00:21:27:cc:60:4f             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#6                        UHL         lo0
fe80::%gif1/64                    link#8                        UC         gif1
fe80::20d:b9ff:fe19:233c%gif1     link#8                        UHL         lo0
ff01:1::/32                       link#1                        UC          vr0
ff01:2::/32                       link#2                        UC          vr1
ff01:3::/32                       link#3                        UC          vr2
ff01:4::/32                       link#4                        UC         ath0
ff01:6::/32                       ::1                           UC          lo0
ff01:8::/32                       link#8                        UC         gif1
ff02::/16                         ::1                           UGRS        lo0
ff02::%vr0/32                     link#1                        UC          vr0
ff02::%vr1/32                     link#2                        UC          vr1
ff02::%vr2/32                     link#3                        UC          vr2
ff02::%ath0/32                    link#4                        UC         ath0
ff02::%lo0/32                     ::1                           UC          lo0
ff02::%gif1/32                    link#8                        UC         gif1
Title: Re: Problem with tunnel
Post by: jimb on October 26, 2009, 07:19:02 PM
I think your initial problem might have been the fact that you were using the wrong prefix length for your IPv6 tunnel interface, /128 when it should have been /64.

Go over your HE address assignments.  They will give you an IPv6 IP for your tunnel interface, and a different one for your routed /64.  They are both /64s.  Make sure you're putting the right addresses on the right interfaces.  Your tunnel interface should get the tunnel address, and the routed /64 can go on your "inside" interface.

Title: Re: Problem with tunnel
Post by: Greg33 on October 27, 2009, 01:44:42 AM
I tried already different configurations, and nothing worked. These are allocated addresses from HE could You help me configure it ?

Server IPv4 address:     216.66.80.30
Server IPv6 address:    2001:470:1f0a:a08::1/64
Client IPv4 address:    83.143.43.59
Client IPv6 address:    2001:470:1f0a:a08::2/64
Anycasted IPv6 Caching Nameserver:   2001:470:20::2
Anycasted IPv4 Caching Nameserver:   74.82.42.42
Routed /48:    2001:470:a013::/48
Routed /64:    2001:470:1f0b:a08::/64
Title: Re: Problem with tunnel
Post by: jimb on October 27, 2009, 04:47:49 AM
All I can say is to make sure that the address 2001:470:1f0a:a08::2/64 is only on your tunnel interface.  In your netstat I see another 2001:470:1f0a:a08::3 of that IPv6 associated with the loopback interface.  That shouldn't be.  The client tunnel subnet should only be on the tunnel.

Other than that, the only thing I can think of is a firewall or other security feature on your box is blocking the traffic, or your ISP or something else is blocking the 6in4 traffic.
Title: Re: Problem with tunnel
Post by: cholzhauer on October 27, 2009, 04:55:16 AM
Quote
In your netstat I see another 2001:470:1f0a:a08::3 of that IPv6 associated with the loopback interface.  That shouldn't be.

Yep, that was my fault.  Not sure what I was thinking.

In /etc/rc.conf, replace this line  ipv6_prefix_rv0="2001:470:1f0a:a08::3"  with this line ipv6_prefix_rv0="2001:470:a013:0000"
Title: Re: Problem with tunnel
Post by: Greg33 on October 27, 2009, 09:46:01 AM
Still the same problem, maybe my ISP filtering something  :(

ipv6_network_interfaces="vr0 gif1 lo0"
ipv6_gateway_enable="YES"
ipv6_prefix_vr0="2001:470:a013:0000"
gif_interfaces="gif1"
gifconfig_gif1="83.143.43.59 216.66.80.30"
ipv6_ifconfig_gif1="2001:470:1f0a:a08::2/64"
ipv6_defaultrouter="-interface gif1"

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0 =>
default                           gif1                          ULS        gif1
::1                               ::1                           UHL         lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2001:470:1f0a:a08::/64            link#8                        UC         gif1
2001:470:1f0a:a08::2              link#8                        UHL         lo0
2001:470:a013::                   00:0d:b9:19:23:3c             UHL         lo0 =>
2001:470:a013::/64                link#1                        UC          vr0
2001:470:a013:0:20d:b9ff:fe19:233c 00:0d:b9:19:23:3c             UHL         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%vr0/64                     link#1                        UC          vr0
fe80::20d:b9ff:fe19:233c%vr0      00:0d:b9:19:23:3c             UHL         lo0
fe80::%vr1/64                     link#2                        UC          vr1
fe80::20d:b9ff:fe19:233d%vr1      00:0d:b9:19:23:3d             UHL         lo0
fe80::%vr2/64                     link#3                        UC          vr2
fe80::20d:b9ff:fe19:233e%vr2      00:0d:b9:19:23:3e             UHL         lo0
fe80::%ath0/64                    link#4                        UC         ath0
fe80::221:27ff:fecc:604f%ath0     00:21:27:cc:60:4f             UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#6                        UHL         lo0
fe80::%gif1/64                    link#8                        UC         gif1
fe80::20d:b9ff:fe19:233c%gif1     link#8                        UHL         lo0
ff01:1::/32                       link#1                        UC          vr0
ff01:2::/32                       link#2                        UC          vr1
ff01:3::/32                       link#3                        UC          vr2
ff01:4::/32                       link#4                        UC         ath0
ff01:6::/32                       ::1                           UC          lo0
ff01:8::/32                       link#8                        UC         gif1
ff02::/16                         ::1                           UGRS        lo0
ff02::%vr0/32                     link#1                        UC          vr0
ff02::%vr1/32                     link#2                        UC          vr1
ff02::%vr2/32                     link#3                        UC          vr2
ff02::%ath0/32                    link#4                        UC         ath0
ff02::%lo0/32                     ::1                           UC          lo0
ff02::%gif1/32                    link#8                        UC         gif1

vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC>
   ether 00:0d:b9:19:23:3c
   inet6 fe80::20d:b9ff:fe19:233c%vr0 prefixlen 64 scopeid 0x1
   inet 83.143.43.59 netmask 0xffffff00 broadcast 83.143.43.255
   inet6 2001:470:a013:0:20d:b9ff:fe19:233c prefixlen 64
   inet6 2001:470:a013:: prefixlen 64 anycast
   media: Ethernet autoselect (100baseTX <full-duplex>)
   status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
   inet 127.0.0.1 netmask 0xff000000
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33204
gif1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
   tunnel inet 83.143.43.59 --> 216.66.80.30
   inet6 fe80::20d:b9ff:fe19:233c%gif1 prefixlen 64 scopeid 0x8
   inet6 2001:470:1f0a:a08::2 prefixlen 64
Title: Re: Problem with tunnel
Post by: cholzhauer on October 27, 2009, 10:27:22 AM
Everything looks fine to me.

You're not blocking protocol 41 anywhere?  What does tcpdump show?
Title: Re: Problem with tunnel
Post by: Greg33 on October 27, 2009, 10:37:58 AM
ping6 2001:470:1f0a:a08::1

tcpdump: WARNING: gif1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gif1, link-type NULL (BSD loopback), capture size 96 bytes
18:29:26.335024 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 0, length 16
18:29:27.335098 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 1, length 16
18:29:28.334697 IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 2, length 16

tcpdump -ni vr0 host 216.66.80.30
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes
18:29:26.335202 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 0, length 16
18:29:27.335128 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 1, length 16
18:29:28.334729 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:470:1f0a:a08::1: ICMP6, echo request, seq 2, length 16

ping6 ipv6.google.com
tcpdump -ni gif1
tcpdump: WARNING: gif1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gif1, link-type NULL (BSD loopback), capture size 96 bytes
18:30:37.998292 IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 0, length 16
18:30:38.998415 IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 1, length 16
18:30:39.998236 IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 2, length 16

tcpdump -ni vr0 host 216.66.80.30
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes
18:30:37.998341 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 0, length 16
18:30:38.998446 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 1, length 16
18:30:39.998266 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:4860:a005::68: ICMP6, echo request, seq 2, length 16

ping my IPv6 2001:470:1f0a:a08::2 from http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-ping.php

PING 2001:470:1f0a:a08::2(2001:470:1f0a:a08::2) 32 data bytes
--- 2001:470:1f0a:a08::2 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3000ms

tcpdump -ni gif1
tcpdump: WARNING: gif1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gif1, link-type NULL (BSD loopback), capture size 96 bytes
18:31:52.818923 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 0, length 40
18:31:52.819028 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 0, length 40
18:31:53.819208 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 1, length 40
18:31:53.819324 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 1, length 40
18:31:54.817239 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 2, length 40
18:31:54.817344 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 2, length 40
18:31:55.819817 IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 3, length 40
18:31:55.819930 IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 3, length 40

tcpdump -ni vr0 host 216.66.80.30
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes
18:31:52.818886 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 0, length 40
18:31:52.819056 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 0, length 40
18:31:53.819169 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 1, length 40
18:31:53.819356 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 1, length 40
18:31:54.817201 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 2, length 40
18:31:54.817375 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 2, length 40
18:31:55.819780 IP 216.66.80.30 > 83.143.43.59: IP6 2001:1af8:4200:b000:20c:29ff:fe6b:49d2 > 2001:470:1f0a:a08::2: ICMP6, echo request, seq 3, length 40
18:31:55.819957 IP 83.143.43.59 > 216.66.80.30: IP6 2001:470:1f0a:a08::2 > 2001:1af8:4200:b000:20c:29ff:fe6b:49d2: ICMP6, echo reply, seq 3, length 40


And this is very strange becasue there is traffic in and out but the icmp don't reach the target
Title: Re: Problem with tunnel
Post by: Greg33 on October 27, 2009, 10:39:31 AM
My pf.rules are clear, is only nat for localnet.

Title: Re: Problem with tunnel
Post by: snarked on October 27, 2009, 11:58:16 AM
Did you bother to read reply #7?
Title: Re: Problem with tunnel
Post by: Greg33 on October 27, 2009, 12:27:41 PM
Yes, I tried

ifconfig gif1 inet 192.168.4.1 netmask 255.255.255.255
ifconfig: ioctl (SIOCAIFADDR): Destination address required
Title: Re: Problem with tunnel
Post by: jimb on October 28, 2009, 04:17:22 AM
Yes, I tried

ifconfig gif1 inet 192.168.4.1 netmask 255.255.255.255
ifconfig: ioctl (SIOCAIFADDR): Destination address required

I think he means assign the IPv4 address for your outside interface (83.143.43.59/32) to the gif0 interface also, not just as a tunnel endpoint address, but as an interface address too.  Must be some sort of BSD retardation.  :P

What's odd is that you can see the traffic from the pings from that web site coming to your 6in4 interface, and the associated 6in4 traffic from the tunnel server.  But your outgoing pings generate no 6in4 replies from the tunnel server.  It's almost is if outgoing 6in4 traffic is being blocked further down the line.

I'd double and triple check your BSD boxes firewall and other security settings.  BSD tends to be pretty "locked down" from the factory.  Perhaps IPv6 uses a separate instance of pf than IPv4 (although the tcpdump show the traffic going out).  Also, if there are further network firewalls on the path to your ISP, make sure they allow 6in4 (IP proto 41).

EDIT: Perhaps as an experiment, you might want to try setting up a 6in4 tunnel with local computer, perhaps on a different subnet, just to make sure it's not BSD being stupid.  Then, try setting one up with a friend outside your ISP.  That way you can both monitor the traffic to see if the 6in4 traffic is actually making it out for your BSD box and/or ISP.
Title: Re: Problem with tunnel
Post by: cholzhauer on October 28, 2009, 05:01:18 AM
FWIW, I didn't have to assign my public IP address to my gif interface.  And yes, there are a different set of PF rules for IPv6 then are used for IPv4.  Out of the box, there is no firewall installed on FreeBSD and it didn't take me a whole lot of work to get mine working (once I figured out the correct /etc/rc.conf settings)
Title: Re: Problem with tunnel
Post by: Greg33 on October 28, 2009, 11:41:13 AM
Thank you for your help.
I wrote to HE support and got message that they didn't see traffic from my side of the tunnel, so I think the problem is with my ISP.

Greg
Title: Re: Problem with tunnel
Post by: snarked on October 28, 2009, 12:04:57 PM
RE: Reply #27 - Exactly.  My unix variation requires the IPv4 address on the "0" encapsulation interface so that the source IPv4 is set properly.
Title: Re: Problem with tunnel
Post by: jimb on October 28, 2009, 01:31:33 PM
Yeah that sucks.  There's definitely ISPs out there I've heard of that filter various perfectly legit traffic such as 6in4.  I guess yours is one of 'em.