Recent posts

#1

Questions & Answers / Timeout and poor ping time to ...

Last post by jlde - September 11, 2023, 08:31:14 AM

Hello,
I use the tunnel broker service for a 6in4 tunnel. It's a great service which works very well. But now I get al lot of timeouts during my work over IPv6. The IPv4 connection to the tunnel server shows altough timeouts and poor ping times to the location in Frankfurt. Are there any known issues regarding the location? Any others having trouble with the Frankfurt node?

Here is a ping output:

Ping statistics for 216.66.80.30:
    Packets: Sent = 100, Received = 89, Lost = 11 (11% loss),
Approximate round trip times in milli-seconds:
    Minimum = 7ms, Maximum = 226ms, Average = 27ms

And here a traceroute output:
Tracing route to tserv1.fra1.he.net [216.66.80.30]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  192.168.101.1
  2     2 ms     2 ms     2 ms  192.168.2.1
  3     *        *        *     Request timed out.
  4     7 ms     6 ms     6 ms  88.79.8.22
  5     7 ms     7 ms     7 ms  188.111.161.8
  6     *        *        *     Request timed out.
  7     8 ms     8 ms    38 ms  port-channel16.core2.fra1.he.net [184.104.231.45]
  8    80 ms     *        8 ms  port-channel16.core2.fra1.he.net [184.104.231.45]
  9     7 ms     7 ms     7 ms  tserv1.fra1.he.net [216.66.80.30]


Best regards Jörg

#2

Questions & Answers / Re: Packet loss e0-30.core2.lo...

Last post by lewislfoster - September 08, 2023, 01:35:36 PM

For the past few months ive been seeing consistent 5-10% packet loss to e0-19.core2.lon2.he.net both through tunnel broker and native IPv6 from linode. Before i tried to ping from linode i thought it might have been something to do with virgin media but it appears to not be

#3

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by Jenick - September 08, 2023, 12:10:58 PM

If it helps, HE.net support told me to change my LAN side networks to my /48 routed, not the /64 default they hand you when you first created your tunnel.  However, if you're running pfSense and pfBlockerNG you can give this a try... https://github.com/pahtzo/hurricane-tunnel-dohdot The main issue I believe is chromium based browsers have their own built-in DNS client which automatically goes for DOH-DOT by default and maybe not even against your system based DNS servers.  I've disabled my pfBlockerNG no-AAAA for google.com and www.google.com but retained my Windows 10 registry settings to disable the built-in DOH-DOT in Brave, Chrome, and Edge.  Still working just fine.

#4

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by supergvozd - September 08, 2023, 05:08:20 AM

#metoo again - and yeah, the IPv6 no-AAAA hack still works.

More details please

#5

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by doktornotor - September 08, 2023, 01:03:18 AM

#metoo again - and yeah, the IPv6 no-AAAA hack still works.

Sigh.

#6

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by papamidnight - September 07, 2023, 11:03:18 AM

Google is not prepared for ipv6.
They censor.

Considering that Google is likely the largest provider that actually supports IPv6 (as Amazon AWS doesn't even fully support it yet across all of their services), this is a patently false statement. Also, "they censor" does not mean what you seem to think it means here.

The problem, as far as things seem to go, is that malicious actors are making use of HE's tunnelbroker service, and Google's viewpoint is likely that it's easier to tarpit (by way of reCAPTCHA, in this case) 2001:470::/32 than to play whack-a-mole.

It's in no way dissimilar to how practically every known Tor exit node is also similarly hit with a tarpit, if not outright blocked by some services - in order to block bad actors. That's not censorship, that's network management.

With respect to persons abusing HE.net's IPv6 TunnelBroker service, this is an issue that HE.net needs to resolve. The problem is that their absolute silence on this forum for months has been deafening; and if their interactions - or rather lack thereof - on this board given that this thread alone has been going since May are any indication of the response they've probably given to Google, then it is no wonder that Google took such an action. We all get to feel the ramifications of that.

Side note, for anyone running their own DNS, or who wants to disable IPv6 to Google, either of these two comments will help:

* https://forums.he.net/index.php?msg=23250
* https://forums.he.net/index.php?msg=23251

#7

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by Pentium4User - September 06, 2023, 08:28:38 AM

Google is not prepared for ipv6.
They censor.

They simply block huge ranges of addresses they don't like - without a reason.
I switched to another search engine - not only because of that.
Other Google Services seem to work.

#8

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by michielbruijn - September 06, 2023, 08:18:03 AM

I have to #metoo this.
I tried amsterdam and london tunnel servers. Both give me google captcha.
Google is not prepared for ipv6.
They censor.

#9

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by supergvozd - September 06, 2023, 01:42:21 AM

Опять началось. школьные автобусы, велосипеды и пешеходные переходы

#10

Questions & Answers / Re: Google forcing ReCAPTCHA o...

Last post by mweustink - September 06, 2023, 01:29:53 AM

Indeed, got my first captcha again this morning :(