Recent posts

#1

Questions & Answers / Re: fra1 down?

Last post by jue - March 22, 2025, 06:08:05 AM

I reached out to ipv6@he.net and my ISP (server4you).

It looks like packets are dropped within my ISPs infrastructure.

#2

Questions & Answers / fra1 down?

Last post by jue - March 19, 2025, 11:01:27 AM

My tunnel to fra1 stopped working. (Tunnel ID: 381699)

I checked my configuration and it looks fine and hasn't been modified recently. I see packets outgoing to 216.66.80.30, but I'm not receiving any packets from that endpoint. Also using the IPv6 Portscan tool scanning my IPv6 endpoint doesn't show any packets coming from 216.66.80.30.

Is anyone else experiencing issues?

#3

IPv6 on Windows / Re: What if I wanna delete the...

Last post by seeno - March 13, 2025, 02:42:58 PM

Thanks

#4

General Discussion / Re: Sage T-Shirt

Last post by loompek - March 05, 2025, 11:45:37 AM

I just watched the LAN Rangers YouTube channel and noticed the shirt. I've had my Sage certification for about 15 years now, but sadly, the t-shirt I had wore out last year. I really miss it, as it was great quality. Any chance HE would be willing to send an extra one? A size M or L would be much appreciated.

#5

IPv6 Basics & Questions & General Chatter / Re: hosts getting IPv6 via DHC...

Last post by pmf026 - March 01, 2025, 10:39:26 AM

2001:db8:1::/48 that's like 65535 /64 networks...

range6 2001:db8:1:7fff:0:0:0:0 2001:db8:1:7fff:ffff:ffff:ffff:ffff;

you don't have to define absolute network boundaries anymore, it's not v4, just take the range that you gonna be working with, but first you need to delegate prefix inside that subnet6 /48 statement, any number in quad 4 is a network, so, first you trim that number to whatever you need.. so for example, 16 networks would make it /60

I'll try to explain it as simply as I can.

Code Select Expand

subnet6 2001:db8:1::/48 {
       prefix6 2001:db8:1:000[0]:: 2001:db8:1:000[f]::/60; # I put network range here in brackets
        range6 2001:db8:1:000[0]:: 2001:db8:1:000[f]::; # nice starting range for the routers yeah

# don't have routers? no problem, you can skip network division by commenting out two lines above and jump
# straight to address-space by delegating # /64 instead, you'd still need to pick network for that space.

# Understand the address-range you working with here:
# let's say you picked network "f",

        prefix6 2001:db8:1:000[f]::0 2001:db8:1:000[f]:ffff:ffff:ffff:ffff/64; # that'd be one
                                                    # [       /64         ]    # /64 of the 000f/60 network
                                              #[          /48             ]    # ..or one of 65535 in /48
         range6 2001:db8:1:000f::a8:[0000] 2001:db8:1:000f::a8:[ffff]; # you can narrow it down further
                                                              #[/112]  # for convenience (/112 in this example,
                                                                       # or 65535 addresses)
                                                             
};

I think that's about right.

Take your time to plan your future network structure, because once you picked the network (quad 4) - you have to commit to that prefix for at least a year. got 7fff by accident? :7fff: it is...
by the way, 2001:db8:: is used for documentation only)

Anyways I hope it helps.

#6

Questions & Answers / Re: Feature request: Add rate ...

Last post by pmf026 - February 28, 2025, 11:03:48 PM

I think it's something you should do yourself. Treat "he-ipv6" (or whatever name you assigned for it) like another external wan interface. Need rate-limit? Set it up, I mean it's not ISP's responsibility and if your router can't handle it, invest in more powerful router maybe?

#7

Questions & Answers / Re: strange spam of wpad queri...

Last post by pmf026 - February 25, 2025, 04:02:26 PM

It was my Win10 machine to blame after all and its MSFTNetworkConnectivityServiceIndicator.
I'd never figure it out if my link-local address wasn't logged just in time.

Code Select Expand

26-Feb-2025 02:20:16.332 security: info: client @0x7fb5c854e2c0 fe80::d3af:9874:b7bb:2fd7%2#59703 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
26-Feb-2025 02:20:16.500 security: info: client @0x7fb5b0490a60 fe80::d3af:9874:b7bb:2fd7%2#54335 (dns.msftncsi.com): query (cache) 'dns.msftncsi.com/A/IN' denied
26-Feb-2025 02:20:56.911 security: info: client @0x7fb5c457aaf0 2001:470:0:11e::2#23632 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied


#8

General Questions & Suggestions / Re: Zone limits was changed?

Last post by blade5502 - February 25, 2025, 06:42:04 AM

Got the same issue
Relog didn't solve it for me

#9

Questions & Answers / strange spam of wpad queries ....

Last post by pmf026 - February 24, 2025, 03:40:00 AM

Legend:

216.66.80.90 / 2001:470:27:3be::1 = my tunnel endpoint
2001:470:0:11e::2 = tserv1.sto1.he.net.
2001:470:27:3be::2 my server that being queried for 'wpad' record.
lan.kaillera.ru. is my local network zone (v4+v6)

Question: What might be the cause of this? I mean, everything works fine on my end, and yet there are tons of these in my logs...

Code Select Expand

24-Feb-2025 08:58:39.686 security: info: client @0x7f11bc4d7670 2001:470:0:11e::2#25167 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
24-Feb-2025 08:58:39.690 security: info: client @0x7f11c853f7d0 216.66.80.90#23548 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 08:58:39.706 security: info: client @0x7f11c854b740 2001:470:0:11e::2#28185 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
24-Feb-2025 08:58:39.706 security: info: client @0x7f11cc65a2b0 2001:470:0:11e::2#61861 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 08:58:39.726 security: info: client @0x7f11bc56ee10 2001:470:0:11e::2#52237 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
24-Feb-2025 08:58:39.726 security: info: client @0x7f11c44f6c20 2001:470:0:11e::2#17834 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 09:21:45.448 security: info: client @0x7f11c854ed90 2001:470:0:11e::2#5745 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 09:21:45.456 security: info: client @0x7f11c853f7d0 216.66.80.90#50366 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
24-Feb-2025 09:21:45.468 security: info: client @0x7f11cc681580 2001:470:0:11e::2#34186 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 09:21:45.476 security: info: client @0x7f11c854ed90 2001:470:0:11e::2#11063 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
24-Feb-2025 09:21:45.484 security: info: client @0x7f11bc4f9e10 2001:470:0:11e::2#17678 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 09:21:45.492 security: info: client @0x7f11c4537930 2001:470:0:11e::2#40996 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied
24-Feb-2025 09:21:45.504 security: info: client @0x7f11c853f7d0 216.66.80.90#39871 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/AAAA/IN' denied
24-Feb-2025 09:21:45.512 security: info: client @0x7f11bc4f9e10 2001:470:0:11e::2#53345 (wpad.lan.kaillera.ru): query 'wpad.lan.kaillera.ru/A/IN' denied


#10

Questions & Answers / Re: I'm getting a HTTP 500 err...

Last post by gnarlymarley - February 22, 2025, 09:00:21 AM

Could be a temporary issue with your tunnel end point.  Seems to work for me with creating and updating my tunnels.  You might want to try another end point.