I've been working my way through getting a tunnel set up and doing the certification stages, but I'm having trouble getting through to ipv6.he.net in a browser, although I can get through to ipv6.google.com without problem. A request to ipv6.he.net just times out, although I can ping the site OK. Any suggestions on what I'm doing wrong would be gratefully accepted.
First, my configuration - the tunnel endpoint is a Ubuntu 10.04 box NAT'd behind a Billion 7404 with an ADSL connection. The Billion has the firewall and I've allowed protocol 41 through it and forwarded all that traffic to my box. No firewall errors are visible. Looking at wireshark dumps from a connection to google and one to to HE, it appears that ipv6.he.net just doesn't reply, whereas ipv6.google.com does.
iface eth0 inet static
address 192.168.7.46
netmask 255.255.255.0
network 192.168.7.0
broadcast 192.168.7.255
gateway 192.168.7.254
iface eth0 inet6 static
address 2001:470:1f05:1179::1
netmask 64
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:470:1f04:1179::2
netmask 64
endpoint 72.52.104.74
local 192.168.7.46
gateway 2001:470:1f04:1179::1
ttl 255
The interface addressing is setup as follows:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 100
link/ether 00:1c:c0:4a:ca:67 brd ff:ff:ff:ff:ff:ff
inet 192.168.7.46/24 brd 192.168.7.255 scope global eth0
inet6 2001:470:1f05:1179::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::21c:c0ff:fe4a:ca67/64 scope link
valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop state DOWN
link/sit 0.0.0.0 brd 0.0.0.0
4: he-ipv6: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN
link/sit 192.168.7.46 peer 72.52.104.74
inet6 2001:470:1f04:1179::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::c0a8:72e/128 scope link
valid_lft forever preferred_lft forever
The routing tables are as follows:
root@# ip route
192.168.7.0/24 dev eth0 proto kernel scope link src 192.168.7.46
default via 192.168.7.254 dev eth0 metric 100
# ip -6 route
2001:470:1f04:1179::/64 via :: dev he-ipv6 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 0
2001:470:1f05:1179::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 0
fe80::/64 via :: dev he-ipv6 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 0
default dev he-ipv6 metric 1024 mtu 1480 advmss 1420 hoplimit 0