Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Pages: 1 ... 7 8 [9] 10
 81 
 on: May 11, 2019, 10:03:30 AM 
Started by wrtpoona - Last post by wrtpoona
I'd use a Vultr VM back in the day to peer with he.net (AS6939) and it worked fine, except I used OpenBSD and bgpd.
I'm currently trying to set this up on Debian (9.9) with Bird6 (1.6.3)

I've now moved to a different provider and requested HE.net support to use the old LOA and I can see Bird6 establish the link now.
Code: [Select]
debian@fra:~$ sudo birdc6
BIRD 1.6.3 ready.
bird> show protocols
name     proto    table    state  since       info
kernel1  Kernel   master   up     11:04:22   
device1  Device   master   up     11:04:22   
static1  Static   master   up     11:04:22   
he_net   BGP      master   up     11:04:26    Established

However my machine loses IPv6 internet access after that but I can ping inside my own allocation.
Code: [Select]
$ ping ipv6.google.com
connect: No route to host

$ ping bgp-de.wrtpoona.in
PING bgp-de.wrtpoona.in (185.140.112.20) 56(84) bytes of data.
64 bytes from 185.140.112.20 (185.140.112.20): icmp_seq=1 ttl=63 time=0.505 ms
64 bytes from 185.140.112.20 (185.140.112.20): icmp_seq=2 ttl=63 time=0.455 ms
64 bytes from 185.140.112.20 (185.140.112.20): icmp_seq=3 ttl=63 time=0.450 ms

Some IPv6 data off the box:

Code: [Select]
$ sudo ip -6 r **snipped***
unreachable 2001::/32 dev lo proto bird metric 1024  error -113 pref medium
unreachable 2001:4:112::/48 dev lo proto bird metric 1024  error -113 pref medium
unreachable 2c0f:fff0::/32 dev lo proto bird metric 1024  error -113 pref medium
fe80::/64 dev he-ipv6 proto kernel metric 256  pref medium
fe80::/64 dev eth0 proto kernel metric 256  pref medium
default via 2001:470:12:1cc::1 dev he-ipv6 metric 1024  pref medium

$ sudo ip -6 n
$

$ sudo rdisc6 eth0
Soliciting ff02::2 (ff02::2) on eth0...
Timed out.
Timed out.
Timed out.
No response.

$ ping6 ff02::2%eth0
PING ff02::2%eth0(ff02::2%eth0) 56 data bytes
^C
--- ff02::2%eth0 ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 5125ms

What am I missing here?

 82 
 on: May 09, 2019, 02:24:30 AM 
Started by bartgrefte - Last post by bartgrefte
Well, Cloudflare isn't willing to help me solve this, they say I have to contact each website owner individually to ask why I am being blocked.

 83 
 on: May 08, 2019, 01:00:38 PM 
Started by fflaw - Last post by cholzhauer
Obfuscating IPs makes it harder to help.

What's your network diagram look like?

 84 
 on: May 08, 2019, 12:56:46 PM 
Started by fflaw - Last post by fflaw
Same account

it's from 2001:470:fxxx::/48


 85 
 on: May 08, 2019, 12:50:00 PM 
Started by fflaw - Last post by cholzhauer
Are 0 and 3 on different accounts with HE?

 86 
 on: May 08, 2019, 12:13:23 PM 
Started by fflaw - Last post by fflaw
I just did a traceroute from my subnet 2001:470:fxxx:0::/64 to google.com

Here is the hops result:
Code: [Select]
Tracing route to google.com [2607:f8b0:4007:80e::200e]
over a maximum of 30 hops:

  1    <1 ms     1 ms    <1 ms  2001:470:fxxx:3::
  2    36 ms    30 ms    35 ms  tunnel532xxx.tunnel.tserv15.lax1.ipv6.he.net [2001:470:c:1xxx::1]
  3    23 ms    18 ms    19 ms  10ge9-12.core1.lax1.he.net [2001:470:0:9d::1]
  4    92 ms    75 ms    19 ms  100ge14-1.core1.lax2.he.net [2001:470:0:72::2]
  5    17 ms    24 ms    18 ms  2001:504:13::210:41
  6    19 ms    27 ms    17 ms  2001:4860:0:110e::1
  7    18 ms    41 ms    17 ms  2001:4860:0:1::44f
  8    29 ms    22 ms    27 ms  lax31s01-in-x0e.1e100.net [2607:f8b0:4007:80e::200e]

Trace complete.

In the first hop it showed it went to my other subnet?  2001:470:fxxx:3::/64

Here is my router routing table:
Code: [Select]
root@ddwrt-ac3200:~# route -A inet6
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
2001:470:c:1xxx::/64                        ::                                      Un    256    0        1 ip6tun
2001:470:fxxx:3::/64                        ::                                      U     256    0        0 br1
2001:470:fxxx::/48                          ::                                      U     256    2      807 br0
2000::/3                                    ::                                      U     1024   2      797 ip6tun
fe80::/64                                   ::                                      U     256    0        0 eth0
fe80::/64                                   ::                                      U     256    0        0 vlan6
fe80::/64                                   ::                                      U     256    0        0 br1
fe80::/64                                   ::                                      U     256    0        0 vlan1
fe80::/64                                   ::                                      U     256    0        0 eth1
fe80::/64                                   ::                                      U     256    0        0 eth2
fe80::/64                                   ::                                      U     256    0        0 eth3
fe80::/64                                   ::                                      U     256    0        0 vlan3
fe80::/64                                   ::                                      U     256    0        0 vlan2
fe80::/64                                   ::                                      Un    256    0        0 ip6tun
fe80::/64                                   ::                                      U     256    0        0 wl0.1
fe80::/64                                   ::                                      U     256    0        0 wl1.1
fe80::/64                                   ::                                      U     256    0        0 br0
::/0                                        2001:470:c:1xxx::1                      UG    1      0        0 ip6tun
::/0                                        ::                                      !n    -1     1  3064701 lo
::1/128                                     ::                                      Un    0      3       11 lo
2001:470:c:1xxx::/128                       ::                                      Un    0      1        0 lo
2001:470:c:1xxx::2/128                      ::                                      Un    0      2        1 lo
2001:470:fxxx:3::/128                       ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::/128                                  ::                                      Un    0      1        0 lo
fe80::adc4:dd63/128                         ::                                      Un    0      1        0 lo
fe80::64f1:29ff:fe9b:1066/128               ::                                      Un    0      2        2 lo
fe80::ac9e:17ff:fea9:c1f1/128               ::                                      Un    0      1        0 lo
fe80::ac9e:17ff:fea9:c1f3/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f0/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f0/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f0/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f0/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f0/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f1/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f2/128               ::                                      Un    0      1        0 lo
fe80::ae9e:17ff:fea9:c1f4/128               ::                                      Un    0      3       41 lo
fe80::ae9e:17ff:fea9:c1f8/128               ::                                      Un    0      1        0 lo
ff00::/8                                    ::                                      U     256    0        0 eth0
ff00::/8                                    ::                                      U     256    0        0 vlan6
ff00::/8                                    ::                                      U     256    2       51 br1
ff00::/8                                    ::                                      U     256    0        0 vlan1
ff00::/8                                    ::                                      U     256    0        0 eth1
ff00::/8                                    ::                                      U     256    0        0 eth2
ff00::/8                                    ::                                      U     256    0        0 eth3
ff00::/8                                    ::                                      U     256    0        0 vlan3
ff00::/8                                    ::                                      U     256    1       80 vlan2
ff00::/8                                    ::                                      U     256    2      137 br0
ff00::/8                                    ::                                      U     256    0        0 ip6tun
ff00::/8                                    ::                                      U     256    0        0 wl0.1
ff00::/8                                    ::                                      U     256    0        0 wl1.1
::/0                                        ::                                      !n    -1     1  3064701 lo

Suggestions?

 87 
 on: May 04, 2019, 10:47:21 AM 
Started by bartgrefte - Last post by bartgrefte
Some services also report me being in Prague, Czech Republic (which is actually closer to me than Berlin), but my traffic still goes through Berlin, so even measuring round-trip times shouldn't put me that far off. Maybe similar prefixes were used by other tunnel endpoint? I have no idea. In the past I was even often located in the US, due to HE being US-based I assume.
I've seen US listed as location a while back somewhere too, figured that made sense since HE is based there (Fremont CA if I remember correctly). Also saw other countries with the geolocation services I did find, including Russia, but no countries where they speak German. So maybe Facebook itself messed up, but they do not have any support that can actually be reached. There is a way to report problems, but I've done that over half a dozen times the last two years without getting any reply from them.

Sorry I can only be anecdotal here. Adafruit.com works fine for me. Maybe you can email cloudflare?
Well, their website says this about the problem:
Quote from: Cloudflare
Why do I see an Access Restricted Cloudflare Challenge Page?

If you are the site visitor:

The IP address you came from recently had bad activity online, so Cloudflare will present a challenge before you can access the website. Here's what you can do to solve the problem:

1. Passing the captcha will help reduce the threat score associated with the IP address. If no bad activity is seen from the IP address after a two-week period, then the challenge behavior will stop against that IP address.

2. You can also request that the particular site you're visiting whitelist your IP address when you pass the captcha and send a message to the site owner. If the site owner  decides to whitelist your IP address, it does two things:

a) It allows you to access that site from that IP without further challenges for that site.

b) Helps correct false positives with IP data, which further helps reduce the threat score associated with the IP address.

Note: You must have cookies enabled to pass the captcha.
Doing captchas hasn't done anything so far (besides restoring access temporary) and not every website shows the captcha on the error page, Adafruit Industries being one of them. Since I regularly visit that website I emailed them about it and there gonna look at it. As for other pages, there are too many showing that error.

I don't see any email listed, so I guess I'll register and open up a support ticket, hopefully I can find out what's going on.

But in the mean time I still have IPv6 disabled. I'm considering creating a 2nd tunnel, hoping I end up with a different range that doesn't cause problems.

 88 
 on: May 03, 2019, 03:24:50 PM 
Started by juanignacioquesada - Last post by juanignacioquesada
It looks like dropping down the MTU to 1472 did the trick. It's now working solid

 89 
 on: May 03, 2019, 12:43:02 PM 
Started by bartgrefte - Last post by tjeske
Some services also report me being in Prague, Czech Republic (which is actually closer to me than Berlin), but my traffic still goes through Berlin, so even measuring round-trip times shouldn't put me that far off. Maybe similar prefixes were used by other tunnel endpoint? I have no idea. In the past I was even often located in the US, due to HE being US-based I assume.

Sorry I can only be anecdotal here. Adafruit.com works fine for me. Maybe you can email cloudflare?

 90 
 on: May 03, 2019, 10:46:39 AM 
Started by juanignacioquesada - Last post by juanignacioquesada
I dropped MTU from 1480 to 1472 and it is a bit more stable now. I'll check more

Pages: 1 ... 7 8 [9] 10