Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - divad27182

Pages: [1] 2 3 4
1
Questions & Answers / Re: Problems with initial setup on Debian
« on: November 13, 2017, 11:51:39 AM »
I think I've got to the bottom of it. It appears to be the 'local' line that causes this.

If I remove that, then it seems to bring up the interface correctly.

Will monitor to make sure, but fingers crossed that's it sorted.

Andy

Well, I think the "local" line picks the IP address that the tunnel sends from.  It isn't needed, but should be slightly faster than letting the kernel pick for you based on the routing tables.  It is also more flexible not to use it, in that a change in your IP address won't require reconfiguration.

As for why that makes a default route fail: It probably doesn't, and probably didn't.  Configuration errors often leave some pieces behind, particularly if the configuration is changed between an ifup and an ifdown.  Sometimes, you just have to go through and remove everything that isn't right by hand, before trying again.  Frankly, this is one reason Microsoft Windows wants you to reboot so often. 

Other things that could be making the default route:  well, SLAAC based on your ISP's multicasts could do it.  Other entries in /etc/network/interfaces could do it.  Something in /etc/rc.local or similar could do it.  DHCP6 could do it.

Have fun with your IPv6.

2
Questions & Answers / Re: Problems with initial setup on Debian
« on: November 10, 2017, 08:55:22 PM »
/bin/ip route add ::/0 via 2001:470:1f1c:da2::1  dev he-ipv6 onlink
RTNETLINK answers: File exists
ifup: failed to bring up he-ipv6
I don't know why I didn't see it before, but the text "RTNETLINK answers: File exists" is an error from the ip command.  In particular, in this case it means it is trying to add a route to somewhere there is already a route to.   It can't add an IPv6 default route because you already have one.  Remove the preexisting default route and try again.

3
Questions & Answers / Re: Problems with initial setup on Debian
« on: November 09, 2017, 12:41:29 PM »
I'm not sure what "onlink" is doing.  My older Debian's program does not include it.  The line with that is an attempt to assign a default gateway.

Once you've brought up your links, you first test should be to ping the other end.  In your case, "2001:470:1f1c:da2::1".  If that works, try something else.  Actually, your link is up now as I can ping your address.

If you want the machine to forward for everybody else, install and configure radvd.  This will get all the other machines on the subnet addresses, and tell them where to route.  This should be using "2001:470:1f1d:da2::/64" , unless you've also requested a /48.

If "my.ip.addr.here" is you masking it out, OK.  If not, you can just omit the "local" clause altogether, and let the kernel decide on its own.

Edit: if you want it forwarding, you also need to turn on IPv6 routing, typically by adding "net.ipv6.conf.all.forwarding = 1" to /etc/sysctl.conf or /etc/sysctl.d/something.conf (and then either run the command manually or reboot...)

4
Well, they do have impressive technology pushing user configuration changes all around the world. 

And that's the bit I really would not expect to see published, unless they want to support people going into competition with them.

They also have a nice large BGP configuration to deal with all the various tunnel servers, and replicated machines.  (Apparently, they have multiple copies of the 5 DNS servers.)

5
General Questions & Suggestions / Re: Dynamic Prefix for IPv6
« on: October 22, 2017, 06:35:29 PM »
That's what the A6 record type is for.  Pity.  It went from proposed standard to experimental to historical.

6
Questions & Answers / Re: Is an IPv6 tunnel applicable for Xbox One?
« on: October 22, 2017, 11:44:04 AM »
The 3 to 126 question should probably be 64.  Bits in the netmask.

You might want to write to Hurricate Electric's support desk:  ipv6@he.net to work out how to do it, and to enable them to setup an "Example Configuration" page for your box.

Alternatively, if it is indeed Windows 10, you might try the Windows 10 Example Configuration.  I believe it will fill in all your values, and you need only paste it into a privileged shell.

7
On my main actual interface, I gave a static IPv6 ip '2001:470:1f06:282::4' to the interface. And for the gateway IP, I gave the IPv6 ip which is working on my Linux machine in this case '2001:470:1f06:282::2', is that what I was supposed to do?

I believe 2001:470:1f06::/48 is the transit networks off the New York City tunnelbroker.  You cannot give any other addresses on that subnet.  i.e. 2001:470:1f06:282::4 is improper.  You are assigned a second subnet, probably 2001:470:1f07:282::/64 that you may allocate addresses in, and have your machine that is 2001:470:1f06:282::2 route to and from.


8
IPv6 on Routing Platforms / Re: BGP Default Route Only
« on: October 17, 2017, 08:52:54 AM »
BGP is what you do to not have default routes.  You could tell BGP to not set the routes on your local machine, but you would probably only do that if you are doing some routing research (and you aren't).

9
Questions & Answers / Re: Problems configuring Tunnel
« on: October 15, 2017, 07:37:41 PM »
Im using just Lan 1 by the way, the Lan 2 is not used at all!

If you have and are not using the /48, you should cancel the request for it.  Those are a somewhat limited resource and you should not get one and not use it.

10
Questions & Answers / Re: Problems configuring Tunnel
« on: October 07, 2017, 06:50:09 PM »
And the fact that they DON'T delegate, but DO have well setup DNS, means that JDH1986JDH could just use domain name
JDH1986JDH-1-pt.tunnel.tserv9.chi1.ipv6.he.net
for his server.  Admittedly, if he changes his configuration before completing certification, he might need to do the reset operation and start over.

edit: Not sure if that's his current address.  He later showed one for a different account.

11
Questions & Answers / Re: Problems configuring Tunnel
« on: October 07, 2017, 06:42:03 PM »
Actually, if you only intend to have one machine there, then the hassle is setting up the routed /64.

I've actually considered doing just this with my laptop.  I haven't, but I might.  Actually, I sort of wish that you could request no routed /64, and a tunnel /126.  Then I wouldn't feel I was wasting resources.

12
Questions & Answers / Re: Problems configuring Tunnel
« on: October 07, 2017, 06:33:33 PM »
You need to assign an IPv6 address to your LAN connection..you've only assigned one to your tunnel.

Make sure you use an address out of your routed /64, not the tunnel /64

Actually, it is perfectly valid to use the tunnel /64 address, as long as you use your end of it.  It may not be ideal, but it is valid, and if you don't want to setup another /64, then you do not need to.

Indeed, if you can get an IPv6 address out of http://checkip.dns.he.net/ (or any other IPv6 tester), that will do to identify your machine.

JDH1986JDH: You should be aware that later tests are that you have an IPv6 reachable email server, and that it has IPv6 DNS.

13
IPv6 on Linux & BSD & Mac / Re: Tunnel on Mac OS X 10.12.6
« on: September 23, 2017, 10:34:19 AM »
It sounds like a DNS problem to me.  "not found" and "can't find" seem indicative.  I would expect a different error if it can't reach the server.

Did you change your DNS as part of the setup?  and if so, did you forget to restart the browser?

Was the browser started when you only had IPv4, so that it is only querying for IPv4 addresses?


14
IPv6 Basics & Questions & General Chatter / Re: ipv6 via gray ip
« on: September 03, 2017, 05:48:38 PM »
hi. how to make ipv6 if my provider give me inet with 10.152.xxx.xxx ip address (aka grey ip address)? so only dedicated ip4 address can help avoid this trouble? thanks
  • It is called a "Private Use" address, not "grey".
  • If they use a one-to-one NAT, you might be able to do it with a he.net tunnel.  Try http://checkip.dns.he.net/ repeatedly (including with hours delay).  Try other address reporting services.  If it never changes, you might have one-to-one NAT.  Or maybe the provider only has one public address.
  • Your best bet may be to see if your provider provides IPV6.  Try the autoconfiguration methods, and DHCPv6.  And ask them.  And if they don't provide IPv6, ask them to.

15
wget -O -  https://get.acme.sh | sh

Of course, if you have ANY security concerns, you will not do this at all!

Pages: [1] 2 3 4