• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Two hosts with two different tunnels - one small Q:

Started by tMHru, July 03, 2019, 03:05:02 AM

Previous topic - Next topic

tMHru

Hello everyone. I use two hosts with two different tunnels.
The first host has this setting as I see in "ip a" command:
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
    link/sit 0.0.0.0 brd 0.0.0.0
4: ip6tnl0: <NOARP> mtu 1452 qdisc noop state DOWN
    link/tunnel6 :: brd ::

but when I do "ip a" on the 2nd host I see this only:
3: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1
    link/sit 0.0.0.0 brd 0.0.0.0

Talking about state of he-ipv6 interface - the 1st host has
he-ipv6: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN"

while second host has
he-ipv6@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN group default qlen 1

The main problem that IP addresses defined on 2nd hosts aren't visible on internet (IRC, web), when 1st host has defined additional IPs those are visible on internet.

Can someone explain - why 2nd host cannot show up its IP address, yet it has sit0@NONE and he-ipv6@NONE - not like the 1st host?

Thank in advance !
-t

cholzhauer


tMHru

Quote from: cholzhauer on July 03, 2019, 05:43:00 AMAre these two hosts behind the same public IP?

No, they have different public static IPs.

Btw, you've risen another small Q: - is it possible to establish tunnel within _one_ tunnel network - on two hosts (with public IPs, as I said) ? For example, I have my-side IP and server-side IP:
2001:470:27:*::1/64
2001:470:27:*::2/64
- how I can connect SECOND host inside this tunnel - of course, if its possible?:)
Thanks in advance!!!



cholzhauer

You can have one tunnel per public IP.  If you want more than one host to have an IPv6 address, you can use the routed /64 for hosts in the same VLAN or request a /48 to handle multiple VLANs. 

tMHru

Quote from: cholzhauer on July 03, 2019, 10:23:08 AM
You can have one tunnel per public IP.  If you want more than one host to have an IPv6 address, you can use the routed /64 for hosts in the same VLAN or request a /48 to handle multiple VLANs.
Got it, Thanks !

And - what about main question - can you tell, please, why 2nd host has these strange "sit0@NONE" and "he-ipv6@NONE" while 1st host have "normal" ones ?:)

snarked

Different versions of the "ip" program, or different OSs.

tMHru

Quote from: snarked on July 04, 2019, 08:30:16 AMDifferent versions of the "ip" program, or different OSs.

Both of them are " Linux Mint 17.3 Rosa", the first is armvl7 media player, the second 'usual computer' with core2duo.

Still I don't get why 2nd host (core2duo) cannot use assigned v6 addresses within my IP range of the tunnel - like this one -  2001:470:28:*::123

I see that tunnel is working:
64 bytes from 2001:470:27:*::1: icmp_seq=1 ttl=64 time=19.2 ms
64 bytes from 2001:470:27:*::1: icmp_seq=2 ttl=64 time=19.2 ms

I see that mine side :2 is visible to irc/web, but - other IPs are not, still...
what is this, can someone tell ?

BTW, I do not see no "ip6tnl0" mention on 2nd host "ip a"...might be this is the main problem ?

cholzhauer

Can the non-working computer ping the router ahead of it?

tMHru

Quote from: cholzhauer on July 05, 2019, 08:02:32 PMCan the non-working computer ping the router ahead of it?

I have no router, but switch with 16 ports instead.

Yes, from 2nd host I can ping ipv6.google.com, I can ping :2 - remote gw of he.net, and I can ping 1st host ipv6 addresses, and vice versa - when I ping three v6 addresses on 2nd host from 1st host the pings passing ok.

Moreover, I did tests with IRC server connections, and this is what I received:
>irc *635 -h 2001:470:28:*::123 efnet.portlane.se
*** Connecting to port 6667 of server efnet.portlane.se
*** Couldn't bind to IRCHOST
[ Whois *635!*@tunnel*-pt.tunnel.tserv24.sto1.ipv6.he.net (Network) ]
-- I tried to connect with this ::123 host to efnet.portlane.se (v6 compatible server), but I get "Couldn't bind to IRCHOST" and then I get connection with default :2 host as you see, which is resolved.

Another test with standard telnet:
>telnet -b 2001:470:28:*::90 efnet.portlane.se 6667
Trying 2a00:1a28:1100:7::1337...
Connected to efnet.portlane.se.
Escape character is '^]'.
NOTICE AUTH :*** Processing connection to efnet.portlane.se
NOTICE AUTH :*** Looking up your hostname...
NOTICE AUTH :*** Checking Ident
NOTICE AUTH :*** Couldn't look up your hostname
NOTICE AUTH :*** Got Ident response
-- as you can notice - the connection passes ok, even irc server drop me notice about unresolved host which is :90 one.

At first I thought it was ircII (irc client) problem - but I compiled newest version and got the same "Couldn't bind to IRCHOST".

Any ideas? :) I still wonder - why 1st host have this "ip6tnl0" in ip list while 2nd host does not...

cholzhauer

You have to have a router somewhere...the thing that's hosting your IPv6 tunnel.

tMHru

Quote from: cholzhauer on July 08, 2019, 05:23:26 AM
You have to have a router somewhere...the thing that's hosting your IPv6 tunnel.

Sorry for _that_ delay, but I found the problem - it is not related to HE at all but related to ircII client. Sorry again, I think this can be deleted completely:)