• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

Recent posts

#91
Questions & Answers / Re: all of a sudden only UDP c...
Last post by magerorg - August 04, 2023, 12:12:49 PM
Ok, must have been a problem at my provider, problem fixed.
#92
Questions & Answers / all of a sudden only UDP check...
Last post by magerorg - August 04, 2023, 11:48:49 AM
All of a sudden I do get only UDP checksum errors on my tunnel that did work fine for some time. A tcpdump on the tunnel interface looks like this:

tcpdump: listening on he-ipv6, link-type RAW (Raw IP), snapshot length 262144 bytes
20:42:58.198739 IP6 (flowlabel 0xd55fa, hlim 64, next-header TCP (6) payload length: 40) tunnel783682-pt.tunnel.tserv6.fra1.ipv6.he.net.58198 > fra07s64-in-x200a.1e100.net.https: Flags [S], cksum 0xef0c (incorrect -> 0xa65a), seq 4134613256, win 65320, options [mss 1420,sackOK,TS val 1442402625 ecr 0,nop,wscale 7], length 0
20:43:11.797944 IP6 (flowlabel 0x05cb6, hlim 64, next-header UDP (17) payload length: 48) tunnel783682-pt.tunnel.tserv6.fra1.ipv6.he.net.41641 > derp18d.tailscale.com.3478: [bad udp cksum 0x5fa2 -> 0x495a!] UDP, length 40
20:43:11.797981 IP6 (flowlabel 0x3760e, hlim 64, next-header UDP (17) payload length: 48) tunnel783682-pt.tunnel.tserv6.fra1.ipv6.he.net.41641 > derp8g.tailscale.com.3478: [bad udp cksum 0x515d -> 0xb6d7!] UDP, length 40
20:43:25.033529 IP6 (flowlabel 0xe1e69, hlim 64, next-header TCP (6) payload length: 40) tunnel783682-pt.tunnel.tserv6.fra1.ipv6.he.net.32866 > fra15s17-in-x0a.1e100.net.https: Flags [S], cksum 0xef19 (incorrect -> 0xfc5b), seq 3240943780, win 65320, options [mss 1420,sackOK,TS val 2096282838 ecr 0,nop,wscale 7], length 0

Anyone having a clue what might be going wrong?
#93
Questions & Answers / Re: Google forcing ReCAPTCHA o...
Last post by Nordulven - August 04, 2023, 08:15:21 AM
I have a theory. I wonder if all this is happening because a lot of GeoIP databases get our Geo's wrong. For me, I show up as RUSSIA.
#94
Questions & Answers / internet censorship by he.net
Last post by kronstadt - August 03, 2023, 05:49:02 AM
Hey,

It appears that all of a sudden, he.net started censoring law-abiding internet sites.

https://news.ycombinator.com/item?id=36923843
https://twitter.com/IncogNetLLC/status/1685359845505957888

Please stop doing it as it's highly inappropriate.

-sthalik
#95
Questions & Answers / Abuse alert from Google
Last post by Nordulven - August 03, 2023, 02:40:05 AM
Hey folks! Has anyone else been notified by HE that Google has filed an abuse warning with the source IP being in your subnets?



It seems like Google is on some sort of war path against HE?
#96
Questions & Answers / Re: Google forcing ReCAPTCHA o...
Last post by simondeziel - August 02, 2023, 08:16:57 AM
I too got an email asking to stop all automated or non-human activities toward Google's services. I asked for more details as there should be no such thing on my network and in fact, most devices are configured to use DuckDuckGo anyway.
#97
Questions & Answers / Re: Google forcing ReCAPTCHA o...
Last post by dittman - August 02, 2023, 07:31:40 AM
Support responded, Google is only giving them the /64 subnet but not the actual IP.  Google is being very agressive which is hypocritical because their bots don't honor /robots.txt.

I just blocked any outgoing IPv6 traffic to Google's /32.
#98
Questions & Answers / Re: Google forcing ReCAPTCHA o...
Last post by dittman - August 01, 2023, 06:26:50 PM
I was getting the captcha for a while but it stopped but today I got the following email from HE Support:

Hello,

Your tunnel has been seen as a source of automated google-services scripting behavior without adhering to Google's /robot.txt file.

Please stop all automated or non-human activities google's services through our tunnel services or your account will be disabled/removed.

Please let me know if you have any questions.

Thanks,

Hurricane Electric Support


I've replied back asking for the IPs but I don't have anything configured to use google-services and I'm pretty sure I don't have any malware doing it.  Has anyone else seen this?
#99
Questions & Answers / Re: IPv6 tunnel and GeoIP
Last post by bartgrefte - July 30, 2023, 01:49:52 AM
Quote from: kamil445 on March 24, 2023, 01:36:25 AMFor example, Facebook use geolocation based on ASN, ASN location for tunnelbroker from hurricanes is US, Freemont, so Facebook always will think, you are from US. BUT if you have Facebook app installed and enabled geolocation in you phone, facebook sometimes update IP location based on phone location.
For exmaple sometimes Facebook think i'm from US, but sometimes think i'm from Poland, sometimes this  change everyday :)
Since Facebook and Instagram are from the same company, does the ASN location apply to Instagram as well? I've been getting banned regularly due to "suspicious activity", probably because my /48 ends up in the US while my IPv4 address ends up in the Netherlands. After objecting, my account keeps getting restored because no violations of terms/agreements were found.

Also, there's a Netflix like website ( www.videoland.com/nl ) that also is being a pain in the butt, it won't let me view content (for being outside allowed region) unless I disable IPv6. Tried contacting the customer service, all I got back was a checklist for basic connection problems.
#100
Questions & Answers / Re: What's the API's max call ...
Last post by kcochran - July 28, 2023, 10:22:28 AM
As long as you're only updating when your IP changes, you'll never hit the limits.  As noted in the API information, it conforms to the Dyn dynamic DNS API, whose return codes are documented at https://help.dyn.com/remote-access-api/return-codes/

You should only send updates when your IP changes.  Any well-behaved script should store your IP from the previous run, and only hit the API when there's a change.

We're reasonably strict on this, as there are a surprisingly large number of people who send updates every minute (or few seconds!) when there's no actual change to their IP address.  Virtual all of the rate-limit blocks time out in a reasonable period of time, on the order of minutes.  People who are on the level of updating every few seconds are a different story, however.