- Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.
News:
Welcome to Hurricane Electric's Tunnelbroker.net forums!
Recent posts
#1
Questions & Answers / Moved to AT&T Fiber, tunnel br...
Last post by BiloxiGeek - August 26, 2025, 09:18:00 AMRecently moved from a cable modem with a tunnel setup that was working to AT&T fiber and now I can't get the tunnel working. I've put the fiber modem (BGW320) into passthrough mode, disabled the IPv6 and it's firewall.
I got this set this up on a Netgate pfSense appliance (SG2100) and it was working just fine on the cable modem. I've poked around in the pfSense and I don't see anything that seems to be set differently now or needs to be set differently. Is there something about this fiber modem that will block a tunnel from working?
I got this set this up on a Netgate pfSense appliance (SG2100) and it was working just fine on the cable modem. I've poked around in the pfSense and I don't see anything that seems to be set differently now or needs to be set differently. Is there something about this fiber modem that will block a tunnel from working?
#2
Questions & Answers / Re: hongkong ipv6 tunnel serve...
Last post by binnychan - August 19, 2025, 01:28:55 AMJust found that it is online now.
Thanks for fixing.
Thanks for fixing.
#3
Questions & Answers / Alternate routes/BGP
Last post by vitaprimo - August 15, 2025, 04:25:26 PMWhile creating a remote gateway on a cloud provider I hadn't used in while, I got sidetracked reading about the services added since last time, specially this BGP service they offer; even if you don't have an ASN of your own, such as it is in the case of a Tunnelbroker range, they can assign a private ASN for you.
I don't know that much about BGP, as much as I try to learn, it fast puts me to sleep, literally. But as I understand provided I have somebody to peer with, I could in theory establish alternate routes than the sole tunnel pathway through which the address space is accessed, correct?
I have zero interest on doing that because the IPv6 space is more useful in my network than it is on a remote firewall that hosts nothing. But I'm still curious, if in the way I think it does, would it work?
One question I got burning in my head is that though they can assign a private ASN, that doesn't negate the fact that the IPv6 range still belongs to an ASN, which I don't have control of, right? As the owner of the range, can HE dictate if additional routes to its space are to be allowed?
Could you break it down in apples and oranges for me? How could alternate routes would, if they could, be established, that is.
Thanks!
I don't know that much about BGP, as much as I try to learn, it fast puts me to sleep, literally. But as I understand provided I have somebody to peer with, I could in theory establish alternate routes than the sole tunnel pathway through which the address space is accessed, correct?
I have zero interest on doing that because the IPv6 space is more useful in my network than it is on a remote firewall that hosts nothing. But I'm still curious, if in the way I think it does, would it work?
One question I got burning in my head is that though they can assign a private ASN, that doesn't negate the fact that the IPv6 range still belongs to an ASN, which I don't have control of, right? As the owner of the range, can HE dictate if additional routes to its space are to be allowed?
Could you break it down in apples and oranges for me? How could alternate routes would, if they could, be established, that is.
Thanks!
#4
Questions & Answers / Re: IPV6 tunnel and MTU issue ...
Last post by XQZR - August 09, 2025, 11:09:53 AMQuote from: moeller on August 02, 2025, 05:00:17 AMHopefully I get no large UDP packets.Don't worry, you usually won't receive oversized UDP packets.
1. Tunnel servers have a default MTU of 1480.
2. HTTP/3 (QUIC), as a common type of UDP traffic, performs PMTU probing. When it receives an ICMPv6 Packet Too Big message or detects packet loss, the HTTP/3 server will reduce the packet size.
#5
Questions & Answers / Re: hongkong ipv6 tunnel serve...
Last post by XQZR - August 05, 2025, 05:57:25 AMQuote from: greyhound on July 18, 2025, 07:02:07 AMNow the status shows tserv20.hkg1 is down, with reason "hardware failure, no ETR".Now 'Hardware failure, provisioning replacement. No ETR'
#6
Questions & Answers / Re: IPV6 tunnel and MTU issue ...
Last post by moeller - August 02, 2025, 05:00:17 AMHi XQZR
Yes setting the MSS lower works. Hopefully I get no large UDP packets.
Thank you
Markus
Yes setting the MSS lower works. Hopefully I get no large UDP packets.
Thank you
Markus
#7
Questions & Answers / Re: IPV6 tunnel and MTU issue ...
Last post by XQZR - August 01, 2025, 08:22:05 AM'he-ipv6' interface MTU 1480(def)
Use TCP MSS clamping on router
nftables:
Use TCP MSS clamping on router
nftables:
Code Select
chain forward {
type filter hook forward priority filter;
oifname he-ipv6 tcp flags syn tcp option maxseg size set rt mtu
}
#8
Questions & Answers / can i have more than 5 tunnels...
Last post by chandro - July 31, 2025, 02:41:33 PMhello i would like to know if there is an option to have more than 5 tunnels, even paying a little bit.
thanks
chandro
thanks
chandro
#9
Questions & Answers / Re: paris not routing IPv6?
Last post by lmamane - July 29, 2025, 12:44:10 PMIt turns out the tunnelserver works, only my tunnel is affected. The best guess is that something along the route must have started to block protocol 41 :-(
I need to migrate to another solution... Thanks for the stable service for a very long time now, and thanks all the fish!
I need to migrate to another solution... Thanks for the stable service for a very long time now, and thanks all the fish!
#10
Questions & Answers / Re: IPV6 tunnel and MTU issue ...
Last post by moeller - July 29, 2025, 04:12:20 AMLooking at my wireshark capture I am missing the ICMPv6 packet to big message from the HE tunnel endpoint. Can someone from HE confirm they get send ?
Thank you
Markus