Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Tunnel working, but no connectivity from the router  (Read 5943 times)

optix

  • Newbie
  • *
  • Posts: 4
Tunnel working, but no connectivity from the router
« on: July 03, 2010, 11:23:12 AM »

Hi all,

This keeps puzzling me for a few days now, and I haven't been able to find similar problem on the forum...

Router is Cisco 1801 with directly attached ADSL line.

Basically, I can't get any ipv6 connectivity from the router to global ipv6 addresses, pinging HE end of the tunnel doesn't work, pinging any other ipv6 address doesn't work, telnet to opened telnet server on ipv6 doesn't work etc. However, everything is working just fine from Win machines inside my allocated /48 block.


Relevant config:
Code: [Select]
!
ipv6 unicast-routing
ipv6 cef
!
interface Tunnel0
 description Hurricane Electric IPv6 Tunnel
 no ip address
 ipv6 address 2001:xxx:xxx:xxx::2/64
 ipv6 enable
 tunnel source Dialer1
 tunnel destination 216.66.80.30
 tunnel mode ipv6ip
!         
interface Dialer1
 mtu 1492
 ip address negotiated
 ip access-group Traffic-from-Internet in
 ip access-group Traffic-to-Internet out
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 load-interval 30
 dialer pool 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username xxx password xxx
!             
interface Vlan1
 ip address 10.10.10.5 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 ipv6 address 2001:xxx:xxxx::1/48
 ipv6 enable
!         
ip nat inside source list 1 interface Dialer1 overload
!
ipv6 route ::/0 Tunnel0
!


Any thoughts, or has someone experienced similar issue?

I've tried modifying MTU several times, changed IOS, but problem remains...

Code: [Select]
c1801#ping ipv6.google.com
Translating "ipv6.google.com"...domain server (8.8.8.8) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2A00:1450:8007::69, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
c1801#

Win machine

Code: [Select]
C:\>ping ipv6.google.com

Pinging ipv6.l.google.com [2A00:1450:8007::69] with 32 bytes of data:
Reply from 2A00:1450:8007::69: time=28ms
Reply from 2A00:1450:8007::69: time=28ms
Reply from 2A00:1450:8007::69: time=28ms
Reply from 2A00:1450:8007::69: time=28ms

Ping statistics for 2A00:1450:8007::69:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 28ms, Average = 28ms

C:\>


Thanks!
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: Tunnel working, but no connectivity from the router
« Reply #1 on: July 03, 2010, 06:37:32 PM »

You shouldn't have an entire /48 on your LAN.  You should break it into /64 subnets.

That shouldn't really prevent you from pinging though.  Have you tried to ping using the tunnel interface as source?  Does that work?
Logged

optix

  • Newbie
  • *
  • Posts: 4
Re: Tunnel working, but no connectivity from the router
« Reply #2 on: July 04, 2010, 03:13:47 AM »

I have, unfortunately result is the same  :(

Code: [Select]
c1801#ping ipv6.google.com source tunnel0
Translating "ipv6.google.com"...domain server (8.8.8.8) [OK]

Translating "ipv6.google.com"...domain server (8.8.8.8) [OK]

Translating "ipv6.google.com"...domain server (8.8.8.8) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2A00:1450:8007::68, timeout is 2 seconds:
Packet sent with a source address of 2001:470:1F0A:1391::2
.....
Success rate is 0 percent (0/5)
c1801#

Traceroute from win machine... everything as it should be

Code: [Select]
C:\>tracert ipv6.google.com

Tracing route to ipv6.l.google.com [2a00:1450:8007::69]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  c1801.optix.rs [2001:470:9da5::1]
  2    32 ms    32 ms    32 ms  optix-1.tunnel.tserv6.fra1.ipv6.he.net [2001:470:1f0a:1391::1]
  3    28 ms    29 ms    32 ms  gige-g2-4.core1.fra1.ipv6.he.net [2001:470:0:69::1]
  4    28 ms    29 ms    30 ms  de-cix20.net.google.com [2001:7f8::3b41:0:2]
  5    28 ms    28 ms    31 ms  2001:4860::1:0:10
  6    27 ms    29 ms    29 ms  2001:4860::23
  7    28 ms    28 ms    28 ms  2001:4860:0:1::cb
  8    29 ms    28 ms    28 ms  2a00:1450:8007::69

Trace complete.

C:\>

From Switch looking glass... ping breaks on my router

Code: [Select]
Router: swiCE2.switch.ch
Command: trace 2001:470:9da5::2

Type escape sequence to abort.
Tracing the route to orion.optix.rs (2001:470:9DA5::2)

  1 swiCE3-10GE-1-4.switch.ch (2001:620:0:C03D::2) 0 msec 0 msec 0 msec
  2 20gigabitethernet1-3.core1.ams1.ipv6.he.net (2001:7F8:1::A500:6939:1) 20 msec 16 msec 16 msec
  3 10gigabitethernet1-1.core1.fra1.ipv6.he.net (2001:470:0:47::2) 20 msec 20 msec 24 msec
  4 gige-gbge0.tserv6.fra1.ipv6.he.net (2001:470:0:69::2) 24 msec 20 msec 20 msec
  5  *  *  *
  6 orion.optix.rs (2001:470:9DA5::2) 50 msec 52 msec 46 msec

Logged

snarked

  • Hero Member
  • *****
  • Posts: 773
Re: Tunnel working, but no connectivity from the router
« Reply #3 on: July 04, 2010, 03:23:10 PM »

RE Reply #1 - Aside:  In fact, if one has a SINGLE LAN, there's no reason to request a /48.  Just use the "routed /64."
Logged

optix

  • Newbie
  • *
  • Posts: 4
Re: Tunnel working, but no connectivity from the router
« Reply #4 on: July 04, 2010, 04:07:35 PM »

Guys, I agree with you 100% :) However, this is just a temporary (test) config, there are several vlans on that router and each one will eventually have it's /64, but that's a different subject.

I'm just curious as to why there's no connectivity from the router itself... I have one 2800 with almost identical config, but with an optical uplink... and no problems of this kind there.

Thanks for replying :)
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: Tunnel working, but no connectivity from the router
« Reply #5 on: July 04, 2010, 04:10:53 PM »

From what I can actually see of the config, it looks fine to me.  I can only guess some ACL, or a Cisco bug on that IOS.

I vaguely remember reading about such bugs, perhaps on here.  Esp when VLANs were involved.
Logged

optix

  • Newbie
  • *
  • Posts: 4
Re: Tunnel working, but no connectivity from the router
« Reply #6 on: July 11, 2010, 02:49:17 PM »

Wasn't working on advent. 15.0-1M, 15.0-1XA, 12.4-24T, 12.4-22T, but now finally works on 12.4-15T7, go figure... :)

Now to find out what other feature will not work on this Train release... :)
Logged