Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Pages: 1 [2] 3 4 ... 10
 11 
 on: May 20, 2020, 07:21:04 AM 
Started by taylorcs89 - Last post by passport123
I'm not sure the reason behind your need, however, I did have a similar need, i.e., I did not want random hosts/scanners connecting to the hidden master.

I resolved that need by configuring the firewall on the hidden master to allow inbound connections only from the HE secondary servers, 216.218.133.2 and 2001:470:600::2.  Outbound connections to any IP were already allowed.

That's been working fine for me.


 12 
 on: May 19, 2020, 05:25:01 PM 
Started by miloszgancarz - Last post by YASSKYLIGHT
I used MailEnable. Standard Edition is free (for comercial too). Easy setup, small resources. IIS only for WebMail, and not obligated.
For labs is very good, you could get mail and web site in one flacon.
For Windows only.

 13 
 on: May 19, 2020, 04:58:40 PM 
Started by taylorcs89 - Last post by taylorcs89
I have a hidden master server, using dns.he.net to slave to it.  However it only accepts default port of 53.  Is there a way to use a non standard port?

 14 
 on: May 19, 2020, 03:24:38 PM 
Started by AnimaNera - Last post by tjeske
I think you can just use your gmail address.

 15 
 on: May 08, 2020, 11:09:09 AM 
Started by AnimaNera - Last post by AnimaNera
hi, I would like to create an ipv6 email to get the certificate, so as to unlock the irc ports.
my requirements:

1) I have a site hosted on altervista (free)

2) vps with debian operating system

3) alias email of altervista, email
with gmail, email with hotmail

Can I get an ipv6 email with these requirements for free? if the answer is yes, what can i do? please explain to me step by step thanks

 16 
 on: May 08, 2020, 10:46:28 AM 
Started by Nomadadon - Last post by Nomadadon
I've got traffic flowing across it almost constantly though.

 17 
 on: May 08, 2020, 05:59:03 AM 
Started by Nomadadon - Last post by cholzhauer
It does sound as if keep-alive is being blocked somehow.  I haven't seen a post of this type on here in a few years, but the solution then was just to create a cron job to run ping every so often. 

 18 
 on: May 07, 2020, 04:13:22 PM 
Started by GustavoFernandes - Last post by GustavoFernandes
Hi everyone

is it possible to create an tunnel server in brazil?

although the adoption of ipv6 in Brazil is at a better level than in other countries in several smaller suppliers like the one I use, IPV6 is not yet supported

I have a tunnel created in the United States and the smallest ping I can get is 120 to 140 ms, which greatly affects navigation.

The only server in South America in Colombia returns ping between 197 and 400ms which is unusable

 19 
 on: May 07, 2020, 12:28:24 PM 
Started by Nomadadon - Last post by Nomadadon

I've had my tunnel up for a good while, but sometime in the last few months, I don't know when it started happening, but after my firewall as been up for a week, give or take 3 days, it's random, it will just stop passing traffic.

Interface is up, routes are up, I can ping the remote IPv4 and the local IPv6, but 100% packet loss over the IPv6.  No changes to the firewall rules ( iptables ) or any config, it just starts dropping all packets.  As if I'm blocking a keepalive protocol I can't find docs on.  If I reboot my linux box, traffic resumes without issue.  If I down the interface and restart IPTables, no go, still dead.
 
Here's my config:

iface he-ipv6 inet6 v4tunnel
    # Bring up the actual tunnel
    address 2001:470:39:57c::2
    netmask 64
    endpoint 184.105.250.46
    #local `/usr/local/bin/GetExternalIP.sh`
    local 209.182.74.168
    ttl 255
    gateway 2001:470:39:57c::1
    post-up /etc/init.d/Firewall-6.sh restart
    #
    # For shutting down the interface
    down /sbin/ip route del ::/0 dev he-ipv6 2>/dev/null
    down /sbin/ifconfig he-ipv6 down 2>/dev/null
    down /sbin/ip link set he-ipv6 down 2>/dev/null
    post-down /sbin/ifconfig sit0 0.0.0.0 2>/dev/null
    post-down /sbin/ifconfig sit0 down 2>/dev/null
    post-down /sbin/ifconfig sit1 0.0.0.0 2>/dev/null
    post-down /sbin/ifconfig sit1 down 2>/dev/null
    post-down /sbin/modprobe -r sit 2>/dev/null

07:42:/home/nomad>ifconfig he-ipv6
he-ipv6: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1480
        inet6 fe80::d1b5:4da8  prefixlen 64  scopeid 0x20<link>
        inet6 2001:470:39:57c::2  prefixlen 64  scopeid 0x0<global>
        sit  txqueuelen 1000  (IPv6-in-IPv4)
        RX packets 2504594  bytes 2856452096 (2.8 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1470748  bytes 248227701 (248.2 MB)
        TX errors 542  dropped 0 overruns 0  carrier 536  collisions 0

07:44:/home/nomad>ip -6 route
::1 dev lo proto kernel metric 256 pref medium
2001:470:39:57c::1 dev he-ipv6 metric 1024 pref medium
2001:470:39:57c::/64 dev he-ipv6 proto kernel metric 256 pref medium
2001:470:4b:57c::/64 dev em1 proto kernel metric 256 pref medium
fe80::/64 dev he-ipv6 proto kernel metric 256 pref medium
fe80::/64 dev enp9s4 proto kernel metric 256 pref medium
fe80::/64 dev em1 proto kernel metric 256 pref medium
fe80::/64 dev em1.5 proto kernel metric 256 pref medium
fe80::/64 dev em1.10 proto kernel metric 256 pref medium
fe80::/64 dev em1.99 proto kernel metric 256 pref medium
fe80::/64 dev em1.101 proto kernel metric 256 pref medium
default via 2001:470:39:57c::1 dev he-ipv6 metric 1024 onlink pref medium


07:42:/home/nomad>ping -c 3 184.105.250.46
PING 184.105.250.46 (184.105.250.46) 56(84) bytes of data.
64 bytes from 184.105.250.46: icmp_seq=1 ttl=59 time=8.85 ms
64 bytes from 184.105.250.46: icmp_seq=2 ttl=59 time=8.55 ms
64 bytes from 184.105.250.46: icmp_seq=3 ttl=59 time=8.60 ms

--- 184.105.250.46 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 8.553/8.668/8.854/0.132 ms

07:42:/home/nomad>ping -c 3 2001:470:39:57c::2
PING 2001:470:39:57c::2(2001:470:39:57c::2) 56 data bytes
64 bytes from 2001:470:39:57c::2: icmp_seq=1 ttl=64 time=0.070 ms
64 bytes from 2001:470:39:57c::2: icmp_seq=2 ttl=64 time=0.051 ms
64 bytes from 2001:470:39:57c::2: icmp_seq=3 ttl=64 time=0.059 ms

--- 2001:470:39:57c::2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2035ms
rtt min/avg/max/mdev = 0.051/0.060/0.070/0.007 ms

07:42:/home/nomad>ping -c 3 2001:470:39:57c::1
PING 2001:470:39:57c::1(2001:470:39:57c::1) 56 data bytes

--- 2001:470:39:57c::1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2041ms


 20 
 on: May 05, 2020, 09:44:53 AM 
Started by dissy614 - Last post by passport123
I use drill instead of dig, but that's the syntax I use.  :)

I use he.net since I want to use DNSSEC on the three domains, and he.net doesn't provide DNSSEC when used as a master.  However, he.net does support the DNSSEC capability I need when used as secondary DNS servers.

My master DNS server does 1 to 5 updates each day as the records' signatures expire and need to be re-signed.  A script checks that each update has made it to the secondary DNS servers.  I get notified when there is a problem, e.g., an update does not make it to the secondary DNS servers.

The only time an update did not propagate correctly occurred during the time I was setting up the system.  The master DNS server was sending updates to he.net too quickly, i.e., too many in a short period of time.  I suspect I may have triggered some manner of DoS protection at he.net.

When I figured that out, I changed my scripts to do a maximum of one update every two minutes.  Since I made that change (about 7 or 8 months ago), I've not had any issues.

Pages: 1 [2] 3 4 ... 10