- Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.
News:
Welcome to Hurricane Electric's Tunnelbroker.net forums!
Recent posts
#1
IPv6 Basics & Questions & General Chatter / India Location
Last post by jipawoh391 - February 02, 2023, 03:02:49 AMIs it possible to get an ipv6 /48 in india with tunnelbroker.net?
#2
IPv6 Basics & Questions & General Chatter / Packet loss tserv5.lon1.ipv6.h...
Last post by Datachord - January 30, 2023, 02:30:29 PMNoticing ~5% average packet loss via tserv5.lon1.ipv6.he.net.
Pinging HE address 2001:470:0:67::1 or externals ... 0% loss for ipv4.
Pinging tunnel endpoint on 216.66.80.26 results in same level of packet loss.
Any chance this could be fixed?
Regards
Pinging HE address 2001:470:0:67::1 or externals ... 0% loss for ipv4.
Pinging tunnel endpoint on 216.66.80.26 results in same level of packet loss.
Any chance this could be fixed?
Regards
#3
Questions & Answers / Re: Netflix IPv6 DNS Domains
Last post by snarked - January 23, 2023, 09:53:11 AMHow about filtering by ASN? I see that they're using Amazon Web Services, so the ASN is 16509. I would further limit filtering to just DNS queries and/or responses.
#4
Questions & Answers / Re: Dealing CGNAT to using Tun...
Last post by tjeske - January 23, 2023, 01:11:30 AMYou could use Route48 instead of HE. They do offer IPv6 tunnels over Wireguard.
#5
General Discussion / Re: What is the max points one...
Last post by tjeske - January 23, 2023, 01:09:54 AMYes.
#6
Questions & Answers / Re: Netflix IPv6 DNS Domains
Last post by tjeske - January 23, 2023, 12:58:40 AMUnfortunately, many embedded devices have hardcoded DNS servers. Mainly thought as fallback. Iirc correctly every Android device has 8.8.8.8 hardcoded as well. Could be that Google's DNS sometimes just wins the race over your local DNS. Worst would be if it's using DoH.
Again, you should sniff on the actual traffic, not just your DNS. That's possible without running Wireshark on the device itself. "Easiest" solution is probably to use your PC as router. Or block all traffic to internet on UDP:53 and see if that fixes your issues.
Again, you should sniff on the actual traffic, not just your DNS. That's possible without running Wireshark on the device itself. "Easiest" solution is probably to use your PC as router. Or block all traffic to internet on UDP:53 and see if that fixes your issues.
#7
Questions & Answers / Re: Routing help - please!
Last post by raceybe - January 16, 2023, 08:46:36 AMare there any firewalls on the tunnel that might restrict traffic?
#8
Questions & Answers / Routing help - please!
Last post by rattila - January 16, 2023, 02:26:09 AMHi,
I setup a tunnel as I read. The tunnel up and running but IPv6 traffic doesn't work. :-(
My network:
My home network is connected to Tkom telco by ONT device.
The router is terminating the PPPoE connection on my OpenWRT router.
There is a global IPv6 address from the telco. It is just an IPv6 address not a prefix. (I'm not sure ...) I think it is working bacause if I use "ping -I pppoe-Tkom ipv6.google.com" ping is working. Without -I interface parameter no answer.
Of course 6in4-henet interface is up:
root@DHGLr:~# ifconfig
6in4-henet Link encap:IPv6-in-IPv4
inet6 addr: fe80::c0a8:140/64 Scope:Link
inet6 addr: <IPv6-my-tunnel-ed>::2/128 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:4689 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:375088 (366.2 KiB)
As you can see RX is 0!!! So no received packets! :-(
Here is my routing table:
root@DHGLr:~# route -n -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
::/0 :: !n -1 1 2370941 lo
::/0 :: U 1024 0 0 6in4-henet
::/0 :: U 1024 4 4665 6in4-henet
<my-henet-tunnel-end>::2/128 :: Un 256 0 0 6in4-henet
<my-IPv6-subnet-from-henet-on-lan>::/64 :: U 1024 1 3 br-lan
<my-IPv6-subnet-from-henet-on-lan>::/64 :: !n 2147483647 0 0 lo
<my-IPv6-subnet-from-Tkom>::/64 :: UA 256 0 0 pppoe-Tkom
fd42:3214:9514:9000::/64 :: UA 256 0 0 br-lan
fd77:5451:2529::/64 :: U 1024 0 0 br-lan
fd77:5451:2529::/48 :: !n 2147483647 0 0 lo
fe80::/64 :: U 256 0 0 br-lan
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: U 256 0 0 ath0
fe80::/64 :: U 256 0 0 ath1
fe80::/64 :: Un 256 0 0 6in4-henet
fe80::/10 :: U 1 0 0 pppoe-Tkom
fe80::/10 :: U 256 0 0 pppoe-Tkom
::/0 fe80::e6c7:22ff:fe3a:9094 UGDA 1024 4 117 pppoe-Tkom
::/0 fe80::3ece:73ff:fe5a:c5c2 UGDA 1024 0 0 eth0
::/0 :: !n -1 1 2370941 lo
::1/128 :: Un 0 5 483 lo
<my-henet-tunnel-end>::2/128 :: Un 0 2 12 lo
<my-IPv6-subnet-from-henet-on-lan>::/128 :: Un 0 1 0 lo
<my-IPv6-subnet-from-henet-on-lan>::1/128 :: Un 0 5 1608 lo
<my-IPv6-subnet-from-Tkom>::/128 :: Un 0 1 0 lo
<my-Tkom-IPv6>/128 :: Un 0 5 28 lo
fd42:3214:9514:9000::/128 :: Un 0 1 0 lo
fd42:3214:9514:9000:9683:c4ff:fe1f:ac0/128 :: Un 0 1 0 lo
fd77:5451:2529::/128 :: Un 0 1 0 lo
fd77:5451:2529::1/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::c0a8:140/128 :: Un 0 1 0 lo
fe80::9683:c4ff:fe1f:ac0/128 :: Un 0 1 0 lo
fe80::9683:c4ff:fe1f:ac1/128 :: Un 0 1 0 lo
fe80::9683:c4ff:fe1f:ac2/128 :: Un 0 1 0 lo
fe80::b1fd:1335:8f9b:b9e6/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 4 15702 br-lan
ff00::/8 :: U 256 4 2309118 eth0
ff00::/8 :: U 256 0 0 ath0
ff00::/8 :: U 256 0 0 ath1
ff00::/8 :: U 256 0 0 6in4-henet
ff00::/8 :: U 256 1 1580 pppoe-Tkom
::/0 :: !n -1 1 2370941 lo
root@DHGLr:~#
I think as you can see I'm not an IPv6 expert - yet! :-) So please tell me exact ifconfig or route commands. I know those commands with IPv4 but not with IPv6!
Of course I can give more information if it needs.
And if you think about why I want to use HE.net TLB the answer is: my Telco filter out all IPv6 incoming traffic. So I can use IPv6 from my home network which is directed to the Net and it is filtered out from the Net so I can't reach my home devices or WEB/SSH server. :-(
BTW!
Maybe the ip6tables is wrong, too ...
Thank you for your help in advance!
TIA,
Ruzsi
I setup a tunnel as I read. The tunnel up and running but IPv6 traffic doesn't work. :-(
My network:
My home network is connected to Tkom telco by ONT device.
The router is terminating the PPPoE connection on my OpenWRT router.
There is a global IPv6 address from the telco. It is just an IPv6 address not a prefix. (I'm not sure ...) I think it is working bacause if I use "ping -I pppoe-Tkom ipv6.google.com" ping is working. Without -I interface parameter no answer.
Of course 6in4-henet interface is up:
root@DHGLr:~# ifconfig
6in4-henet Link encap:IPv6-in-IPv4
inet6 addr: fe80::c0a8:140/64 Scope:Link
inet6 addr: <IPv6-my-tunnel-ed>::2/128 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:4689 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:375088 (366.2 KiB)
As you can see RX is 0!!! So no received packets! :-(
Here is my routing table:
root@DHGLr:~# route -n -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
::/0 :: !n -1 1 2370941 lo
::/0 :: U 1024 0 0 6in4-henet
::/0 :: U 1024 4 4665 6in4-henet
<my-henet-tunnel-end>::2/128 :: Un 256 0 0 6in4-henet
<my-IPv6-subnet-from-henet-on-lan>::/64 :: U 1024 1 3 br-lan
<my-IPv6-subnet-from-henet-on-lan>::/64 :: !n 2147483647 0 0 lo
<my-IPv6-subnet-from-Tkom>::/64 :: UA 256 0 0 pppoe-Tkom
fd42:3214:9514:9000::/64 :: UA 256 0 0 br-lan
fd77:5451:2529::/64 :: U 1024 0 0 br-lan
fd77:5451:2529::/48 :: !n 2147483647 0 0 lo
fe80::/64 :: U 256 0 0 br-lan
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: U 256 0 0 ath0
fe80::/64 :: U 256 0 0 ath1
fe80::/64 :: Un 256 0 0 6in4-henet
fe80::/10 :: U 1 0 0 pppoe-Tkom
fe80::/10 :: U 256 0 0 pppoe-Tkom
::/0 fe80::e6c7:22ff:fe3a:9094 UGDA 1024 4 117 pppoe-Tkom
::/0 fe80::3ece:73ff:fe5a:c5c2 UGDA 1024 0 0 eth0
::/0 :: !n -1 1 2370941 lo
::1/128 :: Un 0 5 483 lo
<my-henet-tunnel-end>::2/128 :: Un 0 2 12 lo
<my-IPv6-subnet-from-henet-on-lan>::/128 :: Un 0 1 0 lo
<my-IPv6-subnet-from-henet-on-lan>::1/128 :: Un 0 5 1608 lo
<my-IPv6-subnet-from-Tkom>::/128 :: Un 0 1 0 lo
<my-Tkom-IPv6>/128 :: Un 0 5 28 lo
fd42:3214:9514:9000::/128 :: Un 0 1 0 lo
fd42:3214:9514:9000:9683:c4ff:fe1f:ac0/128 :: Un 0 1 0 lo
fd77:5451:2529::/128 :: Un 0 1 0 lo
fd77:5451:2529::1/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::c0a8:140/128 :: Un 0 1 0 lo
fe80::9683:c4ff:fe1f:ac0/128 :: Un 0 1 0 lo
fe80::9683:c4ff:fe1f:ac1/128 :: Un 0 1 0 lo
fe80::9683:c4ff:fe1f:ac2/128 :: Un 0 1 0 lo
fe80::b1fd:1335:8f9b:b9e6/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 4 15702 br-lan
ff00::/8 :: U 256 4 2309118 eth0
ff00::/8 :: U 256 0 0 ath0
ff00::/8 :: U 256 0 0 ath1
ff00::/8 :: U 256 0 0 6in4-henet
ff00::/8 :: U 256 1 1580 pppoe-Tkom
::/0 :: !n -1 1 2370941 lo
root@DHGLr:~#
I think as you can see I'm not an IPv6 expert - yet! :-) So please tell me exact ifconfig or route commands. I know those commands with IPv4 but not with IPv6!
Of course I can give more information if it needs.
And if you think about why I want to use HE.net TLB the answer is: my Telco filter out all IPv6 incoming traffic. So I can use IPv6 from my home network which is directed to the Net and it is filtered out from the Net so I can't reach my home devices or WEB/SSH server. :-(
BTW!
Maybe the ip6tables is wrong, too ...
Thank you for your help in advance!
TIA,
Ruzsi
#9
IPv6 on Linux & BSD & Mac / Re: netplan with a dynamic loc...
Last post by elauriault - January 15, 2023, 10:27:03 AMHere is the netplan yaml I use for the he tunnel on 22.04:
network:
version: 2
renderer: networkd
tunnels:
he-ipv6:
addresses:
- "xxx/64"
mode: "sit"
local: "0.0.0.0"
remote: "yyy"
routes:
- to: ::/0
scope: link
network:
version: 2
renderer: networkd
tunnels:
he-ipv6:
addresses:
- "xxx/64"
mode: "sit"
local: "0.0.0.0"
remote: "yyy"
routes:
- to: ::/0
scope: link
#10
Questions & Answers / ongoing IPv6 Facebook/Meta net...
Last post by raceybe - January 15, 2023, 09:10:25 AMI seem to be experiencing the same issue that others see with Facebook regarding packet loss or failed connections. If I disable IPv6 my connection works great. With the tunnel, it works well in most places, but often fails with Facebook/Meta networks (including Instagram, etc.). Pages don't finish loading, multiple refreshes required, etc.
I have fibre over PPPoE and noticed the default MTU of 1480. Due to the PPPoE link, I figure it is logical to reduce the HE tunnel by 8 bytes to 1472. I have configured that, and further implemented clamping on my router at 1412 (1432 for IPv6, minus another 20 bytes).
Is there anything I'm doing wrong? The connection works well for the majority of situations. It's running on a Ubiquiti ER-X. I used the default configuration from the Tunnel Broker account, with the addition of setting the MTU to 1472.
I have fibre over PPPoE and noticed the default MTU of 1480. Due to the PPPoE link, I figure it is logical to reduce the HE tunnel by 8 bytes to 1472. I have configured that, and further implemented clamping on my router at 1412 (1432 for IPv6, minus another 20 bytes).
Is there anything I'm doing wrong? The connection works well for the majority of situations. It's running on a Ubiquiti ER-X. I used the default configuration from the Tunnel Broker account, with the addition of setting the MTU to 1472.