Hurricane Electric's IPv6 Tunnel Broker Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Pages: 1 [2] 3 4 ... 10
 11 
 on: April 20, 2017, 05:40:53 AM 
Started by KNBu5ZMdbR - Last post by cholzhauer
What if you temporarily turned off IPTables?

 12 
 on: April 19, 2017, 08:34:57 PM 
Started by KNBu5ZMdbR - Last post by KNBu5ZMdbR
I upgraded my Ubuntu 16.10 server to 17.02 and now it won't route IPv6.   Does anyone know if there's a setting that I should tweak to get things going again?

The server has been running and regularly upgraded for several years.  It's configured per the Debian/Ubuntu sample configuration in the Tunnel Details page.  I'm also running with just ACCEPT in ip6tables, no rules to discard packets.

When I ping the Server IPv6 Address (from the Tunnel Details page) I get
> icmp_seq=1 Destination unreachable: Address unreachable

I can ping the Client (local) IPv6 Address and also hosts local to my network.   For some reason, packets don't seem to be leaving my server over the tunnel.

The routing table ("route -n -6") looks good and

> net.ipv6.conf.all.forwarding=1

is set in /etc/sysctl.conf.

Any ideas?

 13 
 on: April 19, 2017, 02:47:15 AM 
Started by maleks - Last post by lasaine
Having a valid CAA record becomes mandatory in order to get a TLS certificate:
https://cabforum.org/2017/03/08/ballot-187-make-caa-checking-mandatory/

So I'd say it's time to reconsider the priority of adding this feature.

 14 
 on: April 18, 2017, 09:36:17 PM 
Started by maleks - Last post by universite
Vote yes +

 15 
 on: April 18, 2017, 12:10:59 PM 
Started by cholzhauer - Last post by cholzhauer
Is anyone else having issues with the Chicago tunnel being very slow today? (4/18/17)

 16 
 on: April 18, 2017, 10:05:45 AM 
Started by edoardocolombo99 - Last post by edoardocolombo99
Thanks for the reply, but still not working :(

https://gyazo.com/33c7c0921497d62000de3427d806f447

 17 
 on: April 18, 2017, 09:05:08 AM 
Started by pimzand - Last post by pimzand
Regardless whether I monitor the IPv4-only ethernet interface or the IPv6 sit interface in Wireshark, I always get to see the traffic as IPv6.

How can I see the actual IPv4 proto 41 packets?

Thanks,
Pim

 18 
 on: April 18, 2017, 08:54:12 AM 
Started by pimzand - Last post by pimzand
Since a week or so I am seeing large http up/downloads completely stalling.
The faster the connection, the longer it apears to take to hang.
In testing between our colocation server (with native IPv6) and our tunneled site, it takes some 30GB for a 100GB http download before it hangs.
rsync over ssh hangs almost immediately.

I downgraded the MTU to 1280 at both sides, but it makes no difference.

The problem does not appear to be with HE, because I am seeing the exact same thing in a private 6in4 tunnel between this colocation server's IPv4 address and our IPv4 endpoint. So somehow, our ISP must be doing something wrong.

How can I test what my ISP is doing wrong? I don't see any MTU issues when I run tracepath over the IPv4 route to the HE endpoint:

$ tracepath 216.66.84.46
 1?: [LOCALHOST]     pmtu 1500
 1:  wisper-gw.macroscoop.nl (85.146.253.158)               0.775ms
 1:  wisper-gw.macroscoop.nl (85.146.253.158)               0.707ms
 2:  static-51-197-117-93.thenetworkfactory.nl (93.117.197.51)   0.325ms
 3:  10.99.9.41 (10.99.9.41)                                4.244ms
 4:  80.112.229.249 (80.112.229.249)                        5.437ms
 5:  30gigabitethernet1-3.core1.ams1.he.net (80.249.209.150)   5.338ms
 6:  tserv1.ams1.he.net (216.66.84.46)                      5.221ms reached
     Resume: pmtu 1500 hops 6 back 6


What does strike odd is the private IPv4 address in the route. Could that be it?

 19 
 on: April 18, 2017, 06:58:25 AM 
Started by sonbolHol - Last post by sonbolHol
hi and thak you for reply

i modify some thinks

#####################################################################
# user configurable section                                         #
#####################################################################

my %config = (
   # local interface Config

   'autodev'      => 1,      # automatic interface/ip detection (if you are dialup user only)
   'extdev'       => 'eth',   # the one with your dynamic ip (if autodev answered 1 only put ppp or eth)
                  # if you leave at eth, first found eth that is up will be detected
   'tnldev0'       => 'sit0',   # (leave blank if answered 1 in autodev)
   'tnldev1'       => 'sit1',   # (leave blank if answered 1 in autodev)
   'behindnat'      => 0,      # use external site to get ip, use if behind NAT firewall
   'autonat'      => 1,      # don't change this (leave at 1). this is used to determine your ip if autodetection fails
                  # change only if your ISP forces you to use nat and they route IPv6 traffic to you
   'staticip'      => '',      # leave blank if you dont have a static ip.
                  # this option will override auto-detected ip's
   # tunnelbroker config

   'username'      => 'dd',   # tunnelbroker username
   'clearpassword'      => 'dd',   # can use, but rather use password
   'password'      => '',      # make this with: echo -n <password> | openssl md5
   'tunnelid'      => 1234,   # the tunnel id to configure, get this from the tunnel details page url
   'updatens'      => 0,      # do you want to update your name severs
   'ns1'         => '',      # name severs for the allocated prefixes
   'ns2'         => '',
   'ns3'         => '',

   # misc config

   'verbose'      => 1,      # lots of messages
   'trycount'      => 3,      # how many times it will try and set the endpoint if the server complains it's unstable
   'proxy'         => '',      # use if nessary 'cache.server:3128', behindnat never uses this proxy
   'config_int'      => 0,      # use to configure the interfaces
   'loadmod'      => 0,      # use to force load the ipv6 module

   # these get filled in by the script, from what the server tells us

   'os'         => '',      # Linux, FreeBSD
   'remote'      => '',      # remote ipv4 of the broker
   'local'         => '',      # local ipv4 - where the broker thinks we are
   'remote-ipv6'      => '',      # remote ipv6 of the broker's tunnel
   'local-ipv6'      => '',      # local ipv6 of the broker's tunnel
   'routed-48'       => '',      # your assigned /48 prefix
   'routed-64'       => '',      # your assigned /48 prefix
   'rdns1'       => '',      # reverse name server #1
   'rdns2'       => '',      # reverse name server #2
   'rdns3'       => '',      # reverse name server #3

   ''=>'');

 20 
 on: April 17, 2017, 07:22:44 AM 
Started by majortom - Last post by majortom
Is the MTU the same?  You're not using the same tunnel on your Mac as you are FreeBSD, right?

Different tunnels on both boxes, but even if they were the same, that would just prevent them from working, but I should still be able to ping6 the local end of the tunnel.

Pages: 1 [2] 3 4 ... 10