• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

machine hangs after implementing tunnel

Started by PMch, June 16, 2022, 02:37:12 PM

Previous topic - Next topic

PMch

Hi all,

  I'm currently trying to get the tunnels working, and have a first one configured as a pilot. Configuration itself went smooth and the tunnel immediately started working (after enabling P:41 in the firwall). I can login to the tunneled IPv6 via ssh from from my other sites with DANE+kerberos, so most things appear to be working.

But now every few hours the machine disappears. I don't know what is happening, there is nothing in any of the system logs, the machine does just go off the grid entirely. (It did run for half a year without problems before.)
The machine is a rented KVM, where I installed FreeBSD 13.1 onto. I tried to get a glimpse of the machine console with the vncviewer, but when the machine is in this state, that does not work either: vncviewer will just hang and not even ask for a password. The only remedy is hard PowerOFF.

A few hours ago the machine again became unresponsive, but this time the vncviewer did still work, and I found that regular IPv4 access also did still work. Then I found in the www.tunnelbroker.net/status.php , the tunnelserver was red.

Okay so far, but five minutes after that, my machine was again in the unresponsive state. I powered off and rebooted, tunnelserver was still red. After a while the tunnelserver became green and I could ping the other tunnel end. But now there is no IPv6 connection anymore.

This is the gif device:
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
        options=80000<LINKSTATE>
        tunnel inet **.**.**.** --> 216.66.84.42
        inet6 2001:470:1f12:13::2 --> 2001:470:1f12:13::1 prefixlen 128
        groups: gif
        nd6 options=1<PERFORMNUD>

From the installed machine I can ping the 2001:470:1f12:13::2 (obviousely, that one is local), I can ping the 2001:470:1f12:13::1 (with a bunch of milliseconds looptime, so this must be remote), and I can ping the 216.66.84.42.

From my desktop I can NOT ping the machine via IPv6. I can not ping the 2001:470:1f12:13::2 either, and I can also NOT ping the 2001:470:1f12:13::1 (but I can ping google on IPv6). I can however ping the 216.66.84.42.

The only clue that I can get from that is: everything is working, but the remote IPv6 tunnel endpoint is no longer connected to the Internet.

So there are two issues which may or may not be related - and at the moment I do not yet have a clue on where to start to debug this. Any ideas, anybody?

cholzhauer

A lot of times there's a firewall in the way and it cuts off traffic.  A workaround I've seen in the past is to setup a cron job to run a ping command every few minutes...that generates enough traffic that the firewall won't kill the connection.

PMch

Hello, & thanks for Your answer. Firewalls are my own creation and probably not the problem. But it seems that hosting at that shop is not very reliable; I now set up my other two places without issues.