Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Suddenly Sucks - strange!  (Read 7333 times)

ezconcept

  • Newbie
  • *
  • Posts: 16
Suddenly Sucks - strange!
« on: October 15, 2010, 09:57:51 PM »

Code: [Select]
# ifconfig
eth0      Link encap:Ethernet  HWaddr 70:71:bc:50:4b:f2
          inet addr:74.122.160.34  Bcast:74.122.160.47  Mask:255.255.255.248
          inet6 addr: fe80::7271:bcff:fe50:4bf2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:584 errors:0 dropped:0 overruns:0 frame:0
          TX packets:566 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:79191 (77.3 KiB)  TX bytes:50549 (49.3 KiB)
          Interrupt:219 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2968 (2.8 KiB)  TX bytes:2968 (2.8 KiB)

# ifconfig sit0 up
# ifconfig sit0 inet6 tunnel ::209.51.181.2
# ifconfig sit1 up
# ifconfig sit1 inet6 add 2001:470:1f10:780::2/64
# route -A inet6 add ::/0 dev sit1
# ifconfig
eth0      Link encap:Ethernet  HWaddr 70:71:bc:50:4b:f2
          inet addr:74.122.160.34  Bcast:74.122.160.47  Mask:255.255.255.248
          inet6 addr: fe80::7271:bcff:fe50:4bf2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:613 errors:0 dropped:0 overruns:0 frame:0
          TX packets:597 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:82275 (80.3 KiB)  TX bytes:55939 (54.6 KiB)
          Interrupt:219 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2968 (2.8 KiB)  TX bytes:2968 (2.8 KiB)

sit0      Link encap:IPv6-in-IPv4
          inet6 addr: ::74.122.160.34/96 Scope:Compat
          inet6 addr: ::127.0.0.1/96 Scope:Unknown
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

sit1      Link encap:IPv6-in-IPv4
          inet6 addr: 2001:470:1f10:780::2/64 Scope:Global
          inet6 addr: fe80::4a7a:a022/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

# ping6 ipv6.google.com
PING ipv6.google.com(yx-in-x68.1e100.net) 56 data bytes
^C
--- ipv6.google.com ping statistics ---
26 packets transmitted, 0 received, 100% packet loss, time 25012ms

Somehow it suddenly sucks this week - which worked last week! It no longer able to access IPv6 sites or vice versa.
I did nothing and it suddenly sucked.

Thanks for your help  ;D
Logged

allen4names

  • Newbie
  • *
  • Posts: 48
Re: Suddenly Sucks - strange!
« Reply #1 on: October 16, 2010, 10:05:06 AM »

Try editing your resolv.conf file. Type this if you have the 'gedit' package installed.
Code: [Select]
sudo gedit /etc/resolv.confThen you can add the following line.
Code: [Select]
nameserver 2001:470:20::2Please check to see if Network-Manager edits this file. You may want to edit /etc/rc.local as well.
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1736
Re: Suddenly Sucks - strange!
« Reply #2 on: October 16, 2010, 10:22:40 AM »

Can ping your IPv4 endpoint just fine but cannot ping your side of the tunnel. If you are using iptables, make sure Protocol 41 is let through. Our side is configured correctly for that IPv4 endpoint.
Logged

allen4names

  • Newbie
  • *
  • Posts: 48
Re: Suddenly Sucks - strange!
« Reply #3 on: October 16, 2010, 12:14:47 PM »

Try pinging the 'turtle'.
Code: [Select]
ping6 -c 6 www.kame.net
PING www.kame.net(2001:200:dff:fff1:216:3eff:feb1:44d7) 56 data bytes
64 bytes from 2001:200:dff:fff1:216:3eff:feb1:44d7: icmp_seq=1 ttl=55 time=214 ms
64 bytes from 2001:200:dff:fff1:216:3eff:feb1:44d7: icmp_seq=2 ttl=55 time=214 ms
64 bytes from 2001:200:dff:fff1:216:3eff:feb1:44d7: icmp_seq=3 ttl=55 time=214 ms
64 bytes from 2001:200:dff:fff1:216:3eff:feb1:44d7: icmp_seq=4 ttl=55 time=215 ms
64 bytes from 2001:200:dff:fff1:216:3eff:feb1:44d7: icmp_seq=5 ttl=55 time=214 ms
64 bytes from 2001:200:dff:fff1:216:3eff:feb1:44d7: icmp_seq=6 ttl=55 time=213 ms

--- www.kame.net ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5021ms
rtt min/avg/max/mdev = 213.819/214.475/215.575/0.805 ms
Google's IPv6 site may have been down.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2736
Re: Suddenly Sucks - strange!
« Reply #4 on: October 16, 2010, 06:17:16 PM »

I've never seen ipv6.google.com down, but he does bring up a good point...have you tried another site?

Something had to of happened to make the tunnel stop working...have you tried a reboot?
« Last Edit: October 16, 2010, 07:38:52 PM by cholzhauer »
Logged

ezconcept

  • Newbie
  • *
  • Posts: 16
Re: Suddenly Sucks - strange!
« Reply #5 on: October 16, 2010, 10:41:41 PM »

Can ping your IPv4 endpoint just fine but cannot ping your side of the tunnel. If you are using iptables, make sure Protocol 41 is let through. Our side is configured correctly for that IPv4 endpoint.

Oh - I get it. I just forgot to enable that "port" is allowed to pass through my APF. However, how? I've googled with keyword ["Protocol 41" apf] but I get no useful websites.
Logged

allen4names

  • Newbie
  • *
  • Posts: 48
Re: Suddenly Sucks - strange!
« Reply #6 on: October 16, 2010, 11:16:37 PM »

Logged

ezconcept

  • Newbie
  • *
  • Posts: 16
Re: Suddenly Sucks - strange!
« Reply #7 on: October 17, 2010, 12:09:12 AM »

A list of IP protocol numbers may be of use.
But - how to allow it to pass through with APF?
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2736
Re: Suddenly Sucks - strange!
« Reply #8 on: October 17, 2010, 06:26:19 AM »

Why don't you google something like  "allow protocol 41 apf" or "forward protocol 41 apf"
Logged

ezconcept

  • Newbie
  • *
  • Posts: 16
Re: Suddenly Sucks - strange!
« Reply #9 on: October 17, 2010, 08:45:18 AM »

Why don't you google something like  "allow protocol 41 apf" or "forward protocol 41 apf"
What I get is :
Code: [Select]
$IPT -A FORWARD -p 47 -d xx.yy.zz.aa -j ACCEPT
$IPT -A FORWARD -p 47 -s xx.yy.zz.aa -j ACCEPT
$IPT -I INPUT -p 47 -j ACCEPT

Well.. none of them works
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1736
Re: Suddenly Sucks - strange!
« Reply #10 on: October 17, 2010, 08:55:08 AM »

47 != 41

47 is GRE, not 6in4
Logged

ezconcept

  • Newbie
  • *
  • Posts: 16
Re: Suddenly Sucks - strange!
« Reply #11 on: October 17, 2010, 09:54:43 PM »

47 != 41

47 is GRE, not 6in4
Oh.. messed up two ports  >:(
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1736
Re: Suddenly Sucks - strange!
« Reply #12 on: October 17, 2010, 10:52:39 PM »

protocols, not ports. a lot of people tend to assume that protocol 41 uses tcp/udp port 41, but it really doesn't. Make sure your filters are set for the right protocol, and should help.
« Last Edit: October 17, 2010, 10:59:49 PM by broquea »
Logged

ezconcept

  • Newbie
  • *
  • Posts: 16
Re: Suddenly Sucks - strange!
« Reply #13 on: October 18, 2010, 02:34:42 AM »

protocols, not ports. a lot of people tend to assume that protocol 41 uses tcp/udp port 41, but it really doesn't. Make sure your filters are set for the right protocol, and should help.
Another mistake  >:(

Thanks for your help anyway  ;D

</thread>
« Last Edit: October 18, 2010, 02:42:22 AM by ezconcept »
Logged