Hurricane Electric's IPv6 Tunnel Broker Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Pages: [1] 2 3 ... 10
 1 
 on: May 23, 2017, 12:01:27 AM 
Started by gungthar - Last post by gungthar
>Create a file with the name listed below on the website you entered above.

What is this file that is being referenced on the enthusiast level test? Where can I find it?


 2 
 on: May 21, 2017, 08:17:33 PM 
Started by mizhou - Last post by mizhou
At first I configured my Mac with the settings as follows:
ifconfig gif0 create
ifconfig gif0 tunnel xx.yy.zz.qq 216.66.80.90
ifconfig gif0 inet6 2001:aaa:bbb:ccc::2 2001:aaa:bbb:ccc::1 prefixlen 128
route -n add -inet6 default 2001:aaa:bbb:ccc::1

where xx.yy.zz.qq is the IP I get from my ISP, and aaa:bbb:ccc is substitutes for the real parts of the IPv6 address in this example (not the IP adress I used to configure the Mac). Of course this was wrong, since I'm behind a router, but I was tired when I did this. I know it's a bad excuse, but that's the way it is.

I then set up my router (Apples Time Capsule) and the tunnel sees to be working. At least from my iPhone. The phone gets a public IPv6 address and it works, but on the Mac I only get a link-local address now. I have tried reversing the setup I did on the Mac, like "ifconfig gif0 destroy", and then setup from System Preferences and there I set it to Automatic, so that I use the prefix I get from the router, and then assign the lower 64 bits automatically on the Mac. The iPhone gets the prefix from the router, and I get a fullt working address there, but on the Mac this doesn't seem to work now.

I did something wrong when trying to revert the:
ifconfig gif0 create
ifconfig gif0 tunnel xx.yy.zz.qq 216.66.80.90
ifconfig gif0 inet6 2001:aaa:bbb:ccc::2 2001:aaa:bbb:ccc::1 prefixlen 128
route -n add -inet6 default 2001:aaa:bbb:ccc::1

So something is screwed up. I've tried to google for a good answer, but haven't found one.
I've also tried route -n delete -inet6 default 2001:aaa:bbb:ccc::1 and after that ifconfig gif0 destroy

And yes, I used sudo on all those command lines, since the higher privileges are needed to configure network interface settings.

This is what it looks like on en0:(which is the interface I want to setup for IPv6) on the Mac now:
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
   options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
   ether a8:20:66:32:02:c4
   inet 10.0.64.2 netmask 0xffffff00 broadcast 10.0.64.255
   inet6 fe80::c7b:f438:d9ba:7c58%en0 prefixlen 64 secured scopeid 0x4
   nd6 options=201<PERFORMNUD,DAD>
   media: autoselect (1000baseT <full-duplex,flow-control>)
   status: active

en0 is my ethernet port. I have also tried on WiFi (en1:) but also in that one I only get a link-local IPv6
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
   ether 20:c9:d0:97:b4:33
   inet6 fe80::4fd:da9d:98bd:ff81%en1 prefixlen 64 secured scopeid 0x5
   inet 10.0.64.3 netmask 0xffffff00 broadcast 10.0.64.255
   nd6 options=201<PERFORMNUD,DAD>
   media: autoselect
   status: active

In System preferences->Network I have now set IPv6 to automatic, so I thought I should get IPv6 address from the router, like the iPhone gets one. The iPhone gets both a link-local and two global addresses within my /64 block. The Mac gets only the link-local, so I don't think there's any problem with the configuration on the Time Capsule. I think my initial configuration in the Terminal on the Mac screwed up something on the Mac.

 3 
 on: May 20, 2017, 07:05:47 AM 
Started by finalbeta - Last post by angel333
Here's my quick and dirty take on this - I needed to renew all my domains so I wrote a hook script certbot. Note that it takes a session ID instead of login details. You can obtain a session id from your browser (look for a cookie named CGISESSID). On the other hand, you don't have to fiddle with zone IDs, the script will figure them out.

Here's how you renew all domains:

Code: [Select]
HE_SESSID=<session_id> certbot renew --preferred-challenges dns --manual-auth-hook /path/to/the/certbot-he-hook.sh  --manual-public-ip-logging-ok

Validating a new domain works too:

Code: [Select]
HE_SESSID=<session_id> certbot certonly --manual -d <requested.domain.com> -m your@email.com --preferred-challenges dns --manual-auth-hook /path/to/certbot-he-hook.sh  --manual-public-ip-logging-ok

Here's the script:

Code: [Select]
#!/bin/bash

TLD=$(echo $CERTBOT_DOMAIN | grep -Eo '[a-z0-9]+$')
SLD=$(echo $CERTBOT_DOMAIN | grep -Eo '[a-z0-9]+\.[a-z0-9]+$' | grep -Eo '^[a-z0-9]+')
HE_ZONEID=$(curl --stderr - --cookie CGISESSID=$HE_SESSID https://dns.he.net/index.cgi \
  | grep -Eo "delete_dom.*name=\"$SLD\.$TLD\" value=\"[0-9]+" | grep -Eo "[0-9]+$")

curl --stderr - -o /dev/null --cookie CGISESSID=$HE_SESSID https://dns.he.net/index.cgi \
  -d "account=&menu=edit_zone&Type=TXT&hosted_dns_zoneid=$HE_ZONEID&hosted_dns_recordid=&hosted_dns_editzone=1&Priority=&Name=_acme-challenge.$CERTBOT_DOMAIN&Content=$CERTBOT_VALIDATION&TTL=300&hosted_dns_editrecord=Submit"

It's also on gist: https://gist.github.com/angel333/1aae17b1ea53a9cd538966979781d8aa

Certbot also supports a cleanup script (so you're not left with "_acme-challenge" records) but I haven't written one yet.

 4 
 on: May 18, 2017, 11:16:55 PM 
Started by d3x0r - Last post by snarked
The problem with Yahoo is Yahoo's fault.  The only "correction" that works with regard to Yahoo is the ipv4 only entry in the "hosts" file.  They should not have a working IPv6 DNS entry if their web server won't accept the connection, yet they do.

I don't use the rt.com site, so I can't offer any suggestions regarding it.

 5 
 on: May 18, 2017, 02:25:06 PM 
Started by d3x0r - Last post by d3x0r
mail.yahoo.com
www.rt.com

Chrome doesn't allow disabling ipv6 (though I guess I can disable it in network adapter)...
a lot of IPv6 adresses do work, and the two sites above it attempts a connection and sends a few packets back and forth, (I do receive also) but it does not complete the connection.
in the case of RT.com I tried accessing through a proxy site and it was able to load; but I am unable to connect from my network...


 6 
 on: May 18, 2017, 12:00:29 PM 
Started by maleks - Last post by artturnip
I would also love to see support for DNS CAA records using Hurrican Electric DNS!

 7 
 on: May 16, 2017, 05:54:43 AM 
Started by pkruesi - Last post by pkruesi
Not at this time. Not certain if there will be a time.

 :( - I like the dns.he.net... but now I have to search an other one :(

 8 
 on: May 15, 2017, 03:06:01 AM 
Started by pkruesi - Last post by broquea
Not at this time. Not certain if there will be a time.

 9 
 on: May 15, 2017, 12:09:02 AM 
Started by - Last post by
got a Airport Time Capsule, software version:7.7.8
I follow the instruction, but IPv6 tunnel not working, how can I properly config it?

also how can I make airport automatically update my ip to he or a ddns


 10 
 on: May 14, 2017, 10:18:03 PM 
Started by pkruesi - Last post by pkruesi
Hi borquea

We're not fans of numeric-only domains due to the huge loads of abuse they have generated in the past, so they aren't allowed anymore.

Thanks for your answer. I understand your answer and the decision, but Is it possible to get en exception for my domain 1102.ch. Please.

Pirmin

Pages: [1] 2 3 ... 10