• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Double-check IPv6to4 settings, please?

Started by Keiro, September 28, 2010, 01:29:41 PM

Previous topic - Next topic

Keiro

Hi, everyone.

With Broquea's help, I think it is from the e-mail... :p I've been working on getting the tunnel to work.

The config of the server:
OS: CentOS 5.5 with cPanel installed.
iptables: yes

I did the following:

Quoteifconfig sit0 up
ifconfig sit0 inet6 tunnel ::66.220.18.42
ifconfig sit1 up
ifconfig sit1 inet6 add 2001:470:c:67f::2/64
route -A inet6 add ::/0 dev sit1

then with Broquea's help, I did the following:


iptables -A INPUT -p 41 -i eth0 -j ACCEPT

iptables -A INPUT -p 41 -i sit0 -j ACCEPT

iptables -A INPUT -p 41 -i sit1 -j ACCEPT

So here's the following ifconfig output:

Quoteroot@serv [~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.10  Bcast:69.61.68.15  Mask:255.255.255.248
          inet6 addr: fe80::21c:c0ff:fef2:26a6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21826620 errors:0 dropped:0 overruns:0 frame:0
          TX packets:29327296 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5360738967 (4.9 GiB)  TX bytes:31752490950 (29.5 GiB)
          Memory:d0700000-d0720000

eth0:1    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.11  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:2    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.12  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:3    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.13  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:4    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.14  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:5    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.34  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:6    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.35  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:7    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.36  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:8    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.37  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:9    Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.38  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:10   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.39  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:11   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.40  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:12   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.41  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:13   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.42  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:14   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.43  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:15   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.44  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:16   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.45  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

eth0:17   Link encap:Ethernet  HWaddr 00:1C:C0:F2:26:A6
          inet addr:69.61.68.46  Bcast:69.61.68.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Memory:d0700000-d0720000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1961182 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1961182 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:206697510 (197.1 MiB)  TX bytes:206697510 (197.1 MiB)

sit0      Link encap:IPv6-in-IPv4
          inet6 addr: ::69.61.68.45/96 Scope:Compat
          inet6 addr: ::69.61.68.44/96 Scope:Compat
          inet6 addr: ::69.61.68.14/96 Scope:Compat
          inet6 addr: ::69.61.68.13/96 Scope:Compat
          inet6 addr: ::69.61.68.46/96 Scope:Compat
          inet6 addr: ::69.61.68.12/96 Scope:Compat
          inet6 addr: ::69.61.68.41/96 Scope:Compat
          inet6 addr: ::69.61.68.11/96 Scope:Compat
          inet6 addr: ::69.61.68.40/96 Scope:Compat
          inet6 addr: ::69.61.68.10/96 Scope:Compat
          inet6 addr: ::69.61.68.43/96 Scope:Compat
          inet6 addr: ::69.61.68.42/96 Scope:Compat
          inet6 addr: ::69.61.68.37/96 Scope:Compat
          inet6 addr: ::69.61.68.36/96 Scope:Compat
          inet6 addr: ::127.0.0.1/96 Scope:Unknown
          inet6 addr: ::69.61.68.39/96 Scope:Compat
          inet6 addr: ::69.61.68.38/96 Scope:Compat
          inet6 addr: ::69.61.68.35/96 Scope:Compat
          inet6 addr: ::69.61.68.34/96 Scope:Compat
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

sit1      Link encap:IPv6-in-IPv4
          inet6 addr: fe80::453d:442d/64 Scope:Link
          inet6 addr: fe80::453d:442c/64 Scope:Link
          inet6 addr: fe80::453d:440e/64 Scope:Link
          inet6 addr: 2001:470:c:67f::2/64 Scope:Global
          inet6 addr: fe80::453d:440d/64 Scope:Link
          inet6 addr: fe80::453d:442e/64 Scope:Link
          inet6 addr: fe80::453d:440c/64 Scope:Link
          inet6 addr: fe80::453d:4429/64 Scope:Link
          inet6 addr: fe80::453d:440b/64 Scope:Link
          inet6 addr: fe80::453d:4428/64 Scope:Link
          inet6 addr: fe80::453d:440a/64 Scope:Link
          inet6 addr: fe80::453d:442b/64 Scope:Link
          inet6 addr: fe80::453d:442a/64 Scope:Link
          inet6 addr: fe80::453d:4425/64 Scope:Link
          inet6 addr: fe80::453d:4424/64 Scope:Link
          inet6 addr: fe80::453d:4427/64 Scope:Link
          inet6 addr: fe80::453d:4426/64 Scope:Link
          inet6 addr: fe80::453d:4423/64 Scope:Link
          inet6 addr: fe80::453d:4422/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:44 dropped:0 overruns:0 carrier:44
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

And I tried running tcpdump, but I was a little overwhelmed by the dump going by so fast because this server receives a LOT of traffic.

So I'll ask for others' eyes on this, as I need to ensure I'm getting this right, haha. If you guys need further info, please let me know. :)

cholzhauer


Keiro

Basically, I'm having trouble checking to see if the ipv6to4 tunnel is working.

I know a tcpdump would be the preferred option, but I'd like to confirm from the outside whether it actually works or not.

Basically, what I'm trying to do is to verify that the tunnel is in fact working and can receive/send ipv6 to 4 traffic.

cholzhauer

Gotcha

I tried pinging your side of the tunnel, but didn't work



mars# ping6 2001:470:c:67f::2
PING6(56=40+8+8 bytes) 2001:470:c27d:e000:20c:29ff:fe8a:1618 --> 2001:470:c:67f::2
^C
--- 2001:470:c:67f::2 ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss



I saw you're using IPTables (I'm not familiar with it, so forgive me for being dumb) but if you're not blocking ICMP, I can't get through

Keiro

#4
Yes, I'm using IPTables.

And yes, I'm blocking ICMP. Anyone that traceroutes to the server tends to get blocked, though I'm considering unblocking ICMP. I'm checking the firewall and making an edit to allow traceroutes.

Edit: Should be allowed now, I think.

cholzhauer

No, still doesn't work

We won't get into the IMCP blocking debate.

What service can we test if you're blocking ICMP?

snarked

Please note that HE tunnels are "6in4", not "6to4".  6to4 are assigned from 2002::/16.

Keiro

Quote from: cholzhauer on September 29, 2010, 05:01:04 AM
No, still doesn't work

We won't get into the IMCP blocking debate.

What service can we test if you're blocking ICMP?

You can test HTTPD, as I know for certain anyone can reach it... I know that one's reachable, heh. I'm not entirely sure yet, as I've been figuring out how all of this works, as this isn't like ipv4. As for the site, it'd be shatteredtears.com

Snarked: Ah, thanks for the correction.

I'll be contacting CSF/cPanel shortly for further help on ipv6in4.

cholzhauer


[carl@mars ~]$ host shatteredtears.com
shatteredtears.com has address 69.61.68.10
shatteredtears.com mail is handled by 0 mail6.zoneedit.com.
shatteredtears.com mail is handled by 0 mail7.zoneedit.com.


Nope, that site isn't IPv6 capable.


Keiro

Hm. Alright. I'll disable the server's IPTables for the moment and take it out of the equation and see what happens.

Thanks for helping me out so far!

cholzhauer

Quote
Hm. Alright. I'll disable the server's IPTables for the moment and take it out of the equation and see what happens.

That won't work for this.  You'll need to edit the DNS entry if you want the site to be associated with an IPv6 address

Keiro

Alright, I'm going to try assigning an IPv6 address to the site. >_>

I'm kinda fighting this one.

I assigned the IP: 2001:470:c:67f::2 to shatteredtears.com

but it doesn't seem to have taken, so I think it's something else at issue here. I'm going to contact my datacenter and see if they can help me out here, as they seem to have a working IPv6 setup on their VPS servers.

cholzhauer

ping works to that address



[carl@mars ~]$ ping6 2001:470:c:67f::2
PING6(56=40+8+8 bytes) 2001:470:c27d:e000:20c:29ff:fe8a:1618 --> 2001:470:c:67f::2
16 bytes from 2001:470:c:67f::2, icmp_seq=0 hlim=56 time=259.932 ms
16 bytes from 2001:470:c:67f::2, icmp_seq=1 hlim=56 time=254.006 ms
16 bytes from 2001:470:c:67f::2, icmp_seq=2 hlim=56 time=255.635 ms
^C
--- 2001:470:c:67f::2 ping6 statistics ---
4 packets transmitted, 3 packets received, 25.0% packet loss
round-trip min/avg/max/std-dev = 254.006/256.524/259.932/2.500 ms



But you're right, no DNS entry yet

Keiro

Score, something works! IT WORKS! hahahaha

Alright, working on it. I think this requires an AAAA?

cholzhauer