• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Windows 7 Home Premium 64-bit Edition behind 2Wire 3600HGV

Started by RaptillaMajor, November 06, 2011, 03:08:18 AM

Previous topic - Next topic

RaptillaMajor

Hey Guys.

I'm trying to get tunneling working by following the instructions after creating a regular HE tunnel. I'm also following this guide to get sage certified (spare gogo6).

Here are the netsh commands used after I received my tunnel from HE:

netsh interface teredo set state disabled
netsh int ipv6 add v6v4tunnel "Hurricane Electric v6v4 Tunnel" xxx.xxx.xxx.xxx 64.62.134.130
netsh int ipv6 add address "Hurricane Electric v6v4 Tunnel" 2001:470:xxxx:xxxx::xxxx
netsh int ipv6 add route ::/0 "Hurricane Electric v6v4 Tunnel" 2001:470:xxxx:xxxx::xxxx publish=yes
netsh int ipv6 set int "Hurricane Electric v6v4 Tunnel" forwarding=enabled nud=enabled routerdiscovery=enabled


I had to set up my laptop to run with DMZ 'plus' for which the 2wire router gives my laptop my public external IP, but I still have trouble finding ipv6 sites like ipv6.google.com. I'm not too sure if 2Wire is a compatible router or not, but I'd figure I'd post here and get some feedback as to finding out if so/how to know how.

I'm in San Jose and am using an AT&T U-Verse DSL line. I'm staying with my sister until I get an apartment of my own, and am just trying to see if I can't set up a web server and such to get certified.  :)




Here's some more info:

ipconfig /all

Windows IP Configuration

  Host Name . . . . . . . . . . . . : Daedalus-Laptop
  Primary Dns Suffix  . . . . . . . :
  Node Type . . . . . . . . . . . . : Mixed
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No
  DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

  Connection-specific DNS Suffix  . : gateway.2wire.net
  Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
  Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
  Link-local IPv6 Address . . . . . : fe80::cdfe:c4f5:d254:72d7%23(Preferred)
  IPv4 Address. . . . . . . . . . . : xxx.xxx.xxx.xxx(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.xxx.xxx.0
  Lease Obtained. . . . . . . . . . : Sunday, November 06, 2011 1:58:51 AM
  Lease Expires . . . . . . . . . . : Sunday, November 06, 2011 2:58:59 AM
  Default Gateway . . . . . . . . . : xxx.xxx.xxx.xxx
  DHCP Server . . . . . . . . . . . : 192.168.1.xxx
  DHCPv6 IAID . . . . . . . . . . . : 167779941
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-BE-26-E3-00-26-9E-11-24-3B
  DNS Servers . . . . . . . . . . . : 192.168.1.xxx
  NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Hurricane Electric v6v4 Tunnel:

  Connection-specific DNS Suffix  . : gateway.2wire.net
  Description . . . . . . . . . . . : Microsoft Direct Point-to-point Adapater
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  IPv6 Address. . . . . . . . . . . : 2001:470:xxxx:xxxx::xxxx(Preferred)
  Link-local IPv6 Address . . . . . : fe80::c513:d2be:3789:711c%48(Preferred)
  Default Gateway . . . . . . . . . : 2001:470:xxxx:xxxx::xxxx
  DNS Servers . . . . . . . . . . . : 192.168.1.xxx
  NetBIOS over Tcpip. . . . . . . . : Disabled


netsh int ipv6 show interfaces

Idx     Met         MTU          State                Name
---  ----------  ----------  ------------  ---------------------------
 1          50  4294967295  connected     Loopback Pseudo-Interface 1
23          25        1500  connected     Wireless Network Connection
24           5        1500  disconnected  Local Area Connection
12          50        1280  disconnected  isatap.hsd1.ca.comcast.net.
25           5        1500  disconnected  Wireless Network Connection 2
16          50        1472  disconnected  Teredo Tunneling Pseudo-Interface
48          30        1280  connected     Hurricane Electric v6v4 Tunnel
11          50        1500  disconnected  Bluetooth Network Connection
19          50        1280  disconnected  Reusable ISATAP Interface {B0FAB909-7222-47B1-A563-4E1D5E077B1D}
15          50        1280  disconnected  isatap.{71DD44F3-1F08-45C3-BF55-2435C3BCAAE7}
22          20        1404  connected     Hamachi


netsh int ipv6 show addresses

Interface 1: Loopback Pseudo-Interface 1

Addr Type  DAD State   Valid Life Pref. Life Address
---------  ----------- ---------- ---------- ------------------------
Other      Preferred     infinite   infinite ::1

Interface 23: Wireless Network Connection

Addr Type  DAD State   Valid Life Pref. Life Address
---------  ----------- ---------- ---------- ------------------------
Other      Preferred     infinite   infinite fe80::cdfe:c4f5:d254:72d7%23

Interface 48: Hurricane Electric v6v4 Tunnel

Addr Type  DAD State   Valid Life Pref. Life Address
---------  ----------- ---------- ---------- ------------------------
Manual     Preferred     infinite   infinite 2001:470:xxxx:xxxx::xxxx
Other      Preferred     infinite   infinite fe80::c513:d2be:3789:711c%48


netsh int ipv6 dump

# ----------------------------------
# IPv6 Configuration
# ----------------------------------
pushd interface ipv6

reset
add route prefix=::/0 interface="Hurricane Electric v6v4 Tunnel" nexthop=2001:470:xxxx:xxxx::xxxx publish=Yes
set interface interface="Hurricane Electric v6v4 Tunnel" forwarding=enabled advertise=enabled nud=enabled routerdiscovery=enabled
add address interface="Hurricane Electric v6v4 Tunnel" address=2001:470:xxxx:xxxx::xxxx/64


popd
# End of IPv6 configuration



# ----------------------------------
# ISATAP Configuration
# ----------------------------------
pushd interface isatap



popd
# End of ISATAP configuration



# ----------------------------------
# 6to4 Configuration
# ----------------------------------
pushd interface 6to4

reset



popd
# End of 6to4 configuration


netstat -nr

===========================================================================
Interface List
25...00 1e 65 0c c1 9f ......Microsoft Virtual WiFi Miniport Adapter
24...xx xx xx xx xx xx ......Realtek PCIe GBE Family Controller
23...xx xx xx xx xx xx ......Intel(R) WiFi Link 5100 AGN
11...xx xx xx xx xx xx ......Bluetooth Device (Personal Area Network)
22...7a 79 05 4f 9a 6a ......Hamachi Network Interface
 1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
48...00 00 00 00 00 00 00 e0 Microsoft Direct Point-to-point Adapater
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
         0.0.0.0          0.0.0.0   xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx     25
         5.0.0.0        255.0.0.0         On-link      5.79.154.106    276
    5.79.154.106  255.255.255.255         On-link      5.79.154.106    276
   5.255.255.255  255.255.255.255         On-link      5.79.154.106    276
 xxx.xxx.xxx.xxx    255.xxx.xxx.0         On-link   xxx.xxx.xxx.xxx    281
 xxx.xxx.xxx.xxx  255.255.255.255         On-link   xxx.xxx.xxx.xxx    281
 xxx.xxx.xxx.255  255.255.255.255         On-link   xxx.xxx.xxx.xxx    281
       127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
       127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
 127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
       224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
       224.0.0.0        240.0.0.0         On-link      5.79.154.106    276
       224.0.0.0        240.0.0.0         On-link   xxx.xxx.xxx.xxx    281
 255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
 255.255.255.255  255.255.255.255         On-link      5.79.154.106    276
 255.255.255.255  255.255.255.255         On-link   xxx.xxx.xxx.xxx    281
===========================================================================
Persistent Routes:
 None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
48    286 ::/0                     2001:470:xxxx:xxxx::xxxx
 1    306 ::1/128                  On-link
48    286 2001:470:xxxx:xxxx::/64  On-link
48    286 2001:470:xxxx:xxxx::xxxx/128
                                    On-link
22    276 fe80::/64                On-link
23    281 fe80::/64                On-link
48    286 fe80::/64                On-link
22    276 fe80::a56f:4e86:572a:f5ab/128
                                   On-link
48    286 fe80::c513:d2be:3789:711c/128
                                   On-link
23    281 fe80::cdfe:c4f5:d254:72d7/128
                                   On-link
 1    306 ff00::/8                 On-link
22    276 ff00::/8                 On-link
23    281 ff00::/8                 On-link
48    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination      Gateway
 0 4294967295 ::/0                     2001:470:xxxx:xxxx::xxxx
===========================================================================

cholzhauer

With earlier versions of windows, the adapter HAD to be called "IP6Tunnel"  I don't know if that's still the case, but I would start there...delete your current interface ans create a new one

RaptillaMajor

#2
Still no luck. :-\

I deleted the old interface and reset the ipv6 settings before doing the commands again with IP6Tunnel as the interface name. Looks like the problem is elsewhere.

Update:
Here's something interesting. Apparently I can ping ipv6.google.com and have it resolve to an ipv6 address, but that's it. It won't actually ping ipv6.google.com because of a 'general failure'.

ping ipv6.google.com

Pinging ipv6.l.google.com [2001:4860:4001:803::1011] with 32 bytes of data:
General failure.
General failure.
General failure.
General failure.

Ping statistics for 2001:4860:4001:803::1011:
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


Update 2:
Okay! So I found out that I need to turn off my firewall to be able to ping ipv6 sites.  ::)

I have AVG Internet Security 2011, and so I turned the firewall off. But still though, I can't seem to actually get certified or browse ipv6 websites using Mozilla Firefox 7.0.1.

Also, I can't for the life of me figure out how to add a firewall rule to allow forwarding of ipv6 encapsulated packets for AVG. I added a rule for protocol 41 to "allow for all" for all IPv6 ranges, but it still doesn't allow for pinging. I don't want to keep my firewall turned off, especially seeing as how I'm the DMZ host on my router, and I'll be foolishly exposing myself to all the horrors of the internet. So any help would be appreciated for that too.

cholzhauer

Is that AVG the free one or is that one you pay for? Some firewalls just drop the IPv6 traffic because they don't know what it is; I would think something manufactured in 2011 (or 2010) would know about IPv6 though.

RaptillaMajor

It's the paid-AVG version. There is a 2012 version available, but I can't update to that. I guess AVG is just late in the game to support IPv6?  :-\

Truly though, at this point I'd just be happy if I could get the tunnel working and leave my firewall off until I get certified. I don't want to resort to another tunnel out there.

cholzhauer

If turning avg off didn't fix your problem, then avg isn't causing your problem.

For 6in4 to work, your router/modem needs to pass you protocol41. Unfortunately, there are some routers that wont pass proto41 even though you've put your host in the dmz.

Is your setup just internet ===> dsl modem ===> computer?

RaptillaMajor

#6
Yup, my computer's connected to my 2Wire 3600hgv DSL router, which is in turn connected to the internet through AT&T's service. I heard that AT&T routers do block protocol 41, but since I'm running as DMZ 'plus' host, that shouldn't be an issue on AT&T's particular routers I also hear. Running as DMZ host on this router also gives my laptop my external public IP, as you can see from my original post.

Also, as I said before, turning off AVG does allow me to PING external IPv6 servers, like ipv6.google.com. The only thing is that I can't BROWSE to the actual site, and I also don't have an online web presence using IPv6, so no one can see my IPv6 address, which is what I need to pass the 'explorer' certification on HE.

As I said before, if no one knows how to fix the firewall issue, at this point I wouldn't mind temporarily turning off AVG to pass the certification, as long as I can fix the other problems and go on.

Update:
Went to test-ipv6.com and I failed a test.
Broken DNS AAAA Lookups

We detected that you are able to connect to IPv6 sites, by numerical address specifically. However, connections using DNS either failed, or preferred IPv4.

What does this mean for you?

You should still be able to reach most sites fine, so long as they offer their services on IPv4. This means few near-term problems.

Possible causes:

    Firefox users may have IPv6 lookups disabled.
        Go to about:config in your browser.
        Look for network.dns.disableIPv6
        Make sure this is set to false.
    Your OS may be configured to not do AAAA lookups; that is, to prefer IPv4 only.
    Your DNS server may be filtering AAAA responses (or otherwise broken).
        Some ISPs will intentionally filter AAAA records. For example, on World IPv6 Day, we expect many Japanese ISPs to filter AAAA records, to mitigate current IPv6 deployment issues unique to their environments.
        You (or your techical support) can run dig @DNSSERVER aaaa aaaa.test-ipv6.com to confirm if the DNS server is working properly


Turns out the actual problem was that IPv6 WAS disabled in Firefox. XD
Next time I'll have to test with multiple browsers, probably Chrome or something though, as I uninstalled IE from my windows machine (lol).

Still though, if any of you have any solutions for the AVG firewall problem, I'll check back periodically. ;D

cholzhauer

One other thing to try is to assign a IPv6 to your wireless adapter.  Pick an address out of your routed /64 see what happens

RaptillaMajor

#8
Thanks for that. I assigned the IP of 2001:470:xxxx:xxxx::8001 to my wireless adapter. And until AVG officially supports IPv6 in an update, I'll keep checking back for any solutions to the firewall issue though.