Problems creating a tunnel under mac os x

[sweex]

First of all I must apologize I'm still in my learning curve both in using terminal commands and using the Hurricane tunnel.
I use these commands to create my tunnel :
ifconfig gif0 tunnel 87.XX.XX.XX 216.66.84.42
ifconfig gif0 inet6 2001:470:1f12:241::2 2001:470:1f12:241::1 prefixlen 128
route -n add -inet6 default 2001:470:1f12:241::1

So basic commands but then when I try to ping an ipv6 address like ipv6.google.com i get this:

ping6 ipv6.google.com
PING6(56=40+8+8 bytes) 2001:123:123b:1234::bad:cafe --> 2a00:1450:8002::63
Request timeout for icmp_seq=0
Request timeout for icmp_seq=1
Request timeout for icmp_seq=2
Request timeout for icmp_seq=3
Request timeout for icmp_seq=4
Request timeout for icmp_seq=5
Request timeout for icmp_seq=6
Request timeout for icmp_seq=7
Request timeout for icmp_seq=8
^C
--- ipv6.l.google.com ping6 statistics ---
10 packets transmitted, 0 packets received, 100.0% packet loss

The underlined ipv6 adress where I am pinging from is definitely not correct.
I think it might come from this site that I used trying to create a working script. But since it wasn't working I deleted it.
So if anybody could give me a clue about how to resolve this I would be thankful!

[cholzhauer]

Are you behind a NAT?  If so, you'll need to substitute that address for the public IP address in the first command.

Second, IIRC, Mac is based loosely off BSD...in BSD, the prefixlen in command #2 needs to be 64, not 128. 

In any event, you need to use the NAT address if you have a NAT.  If you don't, give my second idea a whirl and see it it works

[sweex]

if I try prefixlen 64 I get this error:

sh-3.2# ifconfig gif0 inet6 2001:470:1f12:241::2 2001:470:1f12:241::1 prefixlen 64
ifconfig: ioctl (SIOCAIFADDR): Invalid argument

So I do think it's 128 but my NAT adress is it the 192.168.1.XX? (192.168.1.1 beeing my routers ip address)
Thanks a lot for your help!

[cholzhauer]

Yep.  If your IP address is 192.168.1.something then you're behind a NAT.

You would need to substitute 192.168.1.something for the 87 address in the second line

[sweex]

So I need to give my router's IP to tunnelbroker as my IP address but type in my local IP in the terminal window?

edit:
I tried it but still get the same problem:
sh-3.2# ifconfig gif0 tunnel 192.168.1.16 216.66.84.42sh-3.2# ifconfig gif0 inet6 2001:470:1f12:241::2 2001:470:1f12:241::1 prefixlen 128
sh-3.2# route -n add -inet6 default 2001:470:1f12:241::1add net default: gateway 2001:470:1f12:241::1
sh-3.2# ping6 ipv6.google.comPING6(56=40+8+8 bytes) 2001:123:123b:1234::bad:cafe --> 2a00:1450:8006::93
Request timeout for icmp_seq=0
Request timeout for icmp_seq=1
Request timeout for icmp_seq=2
Request timeout for icmp_seq=3
Request timeout for icmp_seq=4

[cholzhauer]

Hmm Strange.

Have you seen this?

http://pugio.net/2009/01/enable-ipv6-on-mac-os-x-the-tu.html

Do you know if your router is able to pass protocol 41 traffic?

[sweex]

That was the link I was referring to. And I don't know, I guess but I know that I didn't allow incoming UPD traceroutes, so maybe if I enable that it will help.
But I already had a gogonet tunnel wich was working fine, until they blocked port 119 so...

[cholzhauer]

But gogo6 doesn't need protocol41.

To narrow this down, just allow everything to start.  If that works, you can start blocking things and testing to see what you do and don't need to have enabled

[lukec]

On your tunnel a prefix length of /128 won't work. That's equivalent to a "host" address - if you get an error using a /64 then try a /126 (p-t-p concept)
REgards
lukec

[sweex]

I am not at my home anymore, I'm using my campus network now so I can't change anything at the router settings, but to reply to lukec, I've tried both again:

sh-3.2# ifconfig gif0 inet6 2001:470:1f14:ea1::2 2001:470:1f14:ea1::1 prefixlen 64
ifconfig: ioctl (SIOCAIFADDR): Invalid argument
sh-3.2# ifconfig gif0 inet6 2001:470:1f14:ea1::2 2001:470:1f14:ea1::1 prefixlen 126
ifconfig: ioctl (SIOCAIFADDR): Invalid argument
sh-3.2# ifconfig gif0 inet6 2001:470:1f14:ea1::2 2001:470:1f14:ea1::1 prefixlen 128

and only the 128 doesn't give me an error, and why would tunnelbroker put it in the configuration example if it isn't correct?
And now when I try to ping I get this message:
sh-3.2# route -n add -inet6 default 2001:470:1f14:ea1::1
add net default: gateway 2001:470:1f14:ea1::1
sh-3.2# ping6 ipv6.google.com
PING6(56=40+8+8 bytes) 2001:470:1f14:ea1::2 --> 2a00:1450:8002::69
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=0
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=1
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=2
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=3
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=4
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=5
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
Request timeout for icmp_seq=6
ping6: sendmsg: Can't assign requested address
ping6: wrote ipv6.l.google.com 16 chars, ret=-1
^C
--- ipv6.l.google.com ping6 statistics ---
8 packets transmitted, 0 packets received, 100.0% packet loss

[Hipska]

I also have the same output messages from ping6 after running the ipv6script.

Someone found a solution to this?

[cholzhauer]

Did you confirm that your router is passing protocol 41?  Is your ISP blocking it somewhere?  If you're behind NAT, did you use that address to create the tunnel?