No. I can see three routes to them (AS10310), one through NetAssist (AS29632) and two through HE (AS6939).

This could be an issue with PMTU discovery. Please check your MTU setting on both tunnel ends and if needed - lower it to match your physical interface MTU minus IPv4 header.

Are they using Cogent for transit?

I added Yahoo's IPv6 block to my firewall's IPv6 block list (used to block Netflix's networks so I can watch videos on Netflix) and it's working now.  There's an issue between HE and Yahoo that still needs to be resolved but this works in the meantime.

Yahoo's IPv6 network is 2001:4998::/32.

I'm running into the same problem.  If I take the IPv6 tunnel down I have no problems.

This only started recently.

You don't have DNS control of the tunnel /64, you do with the routed /64. So no, you cannot change the DNS for $TUNNEL::1 and $TUNNEL::2.

Hello,

just a simple question; when I'm using my own DNS servers with the tunnel,
I can enter a maximum of 5 DNS servers, ok;

with the tunnel I have a routed /64 prefix and another /64 prefix where only ::1 and ::2 are used - the tunnel itself;

when I do  "whois tunnel-prefix::1" there are also shown my DNS servers, can I follow, that
I can override the default DNS names e.g. tunnel123456.tunnel.tserv1.fra1.ipv6.he.net (the ::1) and tunnel123456-pt.tunnel.tserv1.fra1.ipv6.he.net (the ::2)?

Thanks in advance,
Walter H.

p.s. till now I only defined the rDNS zone of the routed prefix, not noted that also tunnel prefix shows my DNS servers;

mstorms, see the attachment below for the Netgear D6400 6rd tunnel values via Centurylink.com.  Also, you can find these values at the following uniform resource locator ( URL ): "https://www.centurylink.com/home/help/internet/modems-and-routers/advanced-setup/enable-ipv6.html.
These values may be difficult to determine at the above-given url, but the values are clear in the attachment included with this post ( a screen shot from my own Netgear D6400 router ).  This should enable you to successfully connect to "ipv6.google.com," for example. 

REWILLIS, I'm having the same issues with my D6400; what values did you use for DRD6 for CenturyLink?

For the past few weeks, I've been having trouble connecting to yahoo mail.   Does anyone know what could be the problem?

I try this with HE IPv6 tunnel.  Nothing happens except a timeout after five minutes.

Code: [Select]

$ curl --verbose --verbose https://mail.yahoo.com
* Rebuilt URL to: https://mail.yahoo.com/
*   Trying 2001:4998:1c:800::1000...
* TCP_NODELAY set
* Connected to mail.yahoo.com (2001:4998:1c:800::1000) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* Operation timed out after 300156 milliseconds with 0 out of 0 bytes received
* stopped the pause stream!
* Closing connection 0
curl: (28) Operation timed out after 300156 milliseconds with 0 out of 0 bytes received

whereas if I do:

Code: [Select]

$ curl --verbose --verbose -4 https://mail.yahoo.comthe response is instantaneous.

A plain http://mail.yahoo.com over IPv6 (port 80) forwards immediately to https://mail.yahoo.com (port 443) which times out.  So http to yahoo over IPv6 is good.

I can get to other IPv6 sites just fine, he.net, youtube, google... with and without https.  ipv6foo on my browser verifies IPv6 connection usage.  I'm filling out this form with https://forums.he.net (port 443) and the site is quite responsive.

I've reproduced this problem on Windows, RHEL and Ubuntu.

since about 1 hour the transfer rates went down to nearly zero;
restarting my endpoint ... didn't help;
what happened?
Thanks,
Walter