- Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.
News:
Welcome to Hurricane Electric's Tunnelbroker.net forums!
Recent posts
#1
General Questions & Suggestions / SOA EXPIRE number is: 3600000....
Last post by dizik - February 26, 2026, 07:22:31 AMHello.
I checked my domain with Google: https://intodns.com/ and the check showed two warnings.
1. SOA EXPIRE. Your SOA EXPIRE number is: 3600000. That's NOT OK.
2. SOA MINIMUM TTL. Your SOA MINIMUM TTL value is: 172800. This value seems a bit high. You should consider decreasing this value to about 1-3 hours, as recommended by RFC2308. This value was used as a default TTL for records without a given TTL value and is now used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours.
I can't fix these warnings. This is an automatically created record. What can I do? Just accept it? Or will you fix them according to RFC2308 recommendations?
I checked my domain with Google: https://intodns.com/ and the check showed two warnings.
1. SOA EXPIRE. Your SOA EXPIRE number is: 3600000. That's NOT OK.
2. SOA MINIMUM TTL. Your SOA MINIMUM TTL value is: 172800. This value seems a bit high. You should consider decreasing this value to about 1-3 hours, as recommended by RFC2308. This value was used as a default TTL for records without a given TTL value and is now used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours.
I can't fix these warnings. This is an automatically created record. What can I do? Just accept it? Or will you fix them according to RFC2308 recommendations?
#2
IPv6 on Windows / Re: unreachable from outside
Last post by cnsh - February 24, 2026, 02:59:22 AMLittle update.
I knocked all firewalls down and then the port was reachable. (IPv4 host is reachable even when the firewall is up)
Wondering where I can make IPv6 firewall rules follow the ones of IPv4.
+ The IPv6 and Neighborhood Discovery Core Networking in advanced firewall is also enabled.
I knocked all firewalls down and then the port was reachable. (IPv4 host is reachable even when the firewall is up)
Wondering where I can make IPv6 firewall rules follow the ones of IPv4.
+ The IPv6 and Neighborhood Discovery Core Networking in advanced firewall is also enabled.
#3
IPv6 on Windows / unreachable from outside
Last post by cnsh - February 24, 2026, 02:52:33 AMI have set up an IPv6 tunnel, but cannot ping from outside, and cannot access open ports from outside.
Both ping and port scan works over IPv4, but IPv6 doesn't.
I'm using Frankfurt endpoint.
It's not my ISP's issue as they themselves have IPv6 services.
Both ping and port scan works over IPv4, but IPv6 doesn't.
I'm using Frankfurt endpoint.
It's not my ISP's issue as they themselves have IPv6 services.
#4
General Questions & Suggestions / Does not work site dns.he.net
Last post by worknd - February 02, 2026, 01:18:46 AMI can not get access to site dns.he.net
#5
Questions & Answers / Re: rwhois.he.net:4321 is down...
Last post by idealneck - January 29, 2026, 10:25:32 AMCloudflare does the following for their WARP service:
Code Select
$ whois 104.16.0.0
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object
refer: whois.arin.net
inetnum: 104.0.0.0 - 104.255.255.255
organisation: ARIN
status: ALLOCATED
whois: whois.arin.net
changed: 2011-02
source: IANA
# whois.arin.net
NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Cloudflare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2024-09-04
Comment: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
Comment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
Ref: https://rdap.arin.net/registry/ip/104.16.0.0
QuoteComment: Geofeed: https://api.cloudflare.com/local-ip-ranges.csv
#6
Questions & Answers / Re: rwhois.he.net:4321 is down...
Last post by idealneck - January 29, 2026, 10:18:26 AMI thought the whois referral might have a link to https://tunnelbroker.net/export/google.
I asked a geoip provider (forgot which, I had submitted to various different geoip providers asking for my geolocation to be updated; most have done so at this point) to fetch https://tunnelbroker.net/export/google but one of them stated that it had to be linked to in the whois data before they would trust it.
I asked a geoip provider (forgot which, I had submitted to various different geoip providers asking for my geolocation to be updated; most have done so at this point) to fetch https://tunnelbroker.net/export/google but one of them stated that it had to be linked to in the whois data before they would trust it.
#7
Questions & Answers / Re: rwhois.he.net:4321 is down...
Last post by snarked - January 26, 2026, 02:26:09 AMWhat makes you think that most geoip databases follow the whois referral or RFC 8805 data to begin with? Some only list the info from the RIRs in their address allocation databases. All of this is up to each geoip feeds' discretion.
As long as your own info is correct in each publishing of the above original sources, you have done all that you can do.
As long as your own info is correct in each publishing of the above original sources, you have done all that you can do.
#8
Questions & Answers / rwhois.he.net:4321 is down; co...
Last post by idealneck - January 22, 2026, 01:42:58 AMThe geoip for my address range is out of date in most geoip database for a week now and I'm wondering if the cause is that the whois server isn't responding. It is actually correct at https://tunnelbroker.net/export/google
I am not exactly sure how geofeeds work but my understanding is that the whois server would reference the geofeed URL in the whois and geoip providers end up ingesting that. I am thinking that the whois being down means they are no longer checking that geofeed.
rwhois.he.net:4321 is specifically down, the web interface is https://rwhois.he.net up but the whois server itself gets a connection refused response.
I am not exactly sure how geofeeds work but my understanding is that the whois server would reference the geofeed URL in the whois and geoip providers end up ingesting that. I am thinking that the whois being down means they are no longer checking that geofeed.
rwhois.he.net:4321 is specifically down, the web interface is https://rwhois.he.net up but the whois server itself gets a connection refused response.
#9
Questions & Answers / Re: Move tunnel to another com...
Last post by evantkh - January 16, 2026, 07:32:25 AMQuote from: Parodper on January 15, 2026, 06:20:55 AMSo uh, I didn't do anything, and now it works? Sorry for the noise.
@evantkh, thanks for the tip, although I didn't get to try it.
Looks like you need to wait for NAT mapping expiration (for protocol 41) before you can use on another computer.
#10
Questions & Answers / Re: Move tunnel to another com...
Last post by Parodper - January 15, 2026, 06:20:55 AMSo uh, I didn't do anything, and now it works? Sorry for the noise.
@evantkh, thanks for the tip, although I didn't get to try it.
@evantkh, thanks for the tip, although I didn't get to try it.