• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Unable to access from a 2002: IP...

Started by avsuren, December 28, 2010, 02:43:18 PM

Previous topic - Next topic


Initially I set up an 2002: IPv6 network in my workplace and was able to access ipv6.google.com, ipv6.netflix.com, etc.,.

Recently, I got a 2001 IPv6 address from HE and configured one of the nodes with that address.  This node can also ping and traceroute ipv6.google.com and ipv6.netflix.com.  This node is NOT in the path or directly attached to the subnet with the 2002:: IPv6 address I had configured earlier.  I am UNABLE to successfully connect from the 2002: network nodes to this 2001: node.

I did a packet capture on the 2001 node and I notice the request and reply packets for the 2002 subnet, but they are not making it back to the 2002: network.  Any clues.   The 2002: network is configured to connect to as the 6to4 relay.

Thanks much


errr is this node behind your 6to4? Is it directly connected to inet, with a default route pointing to the remote HE tunnel endpoint?

Can provide information to work with?


Yeah a copy of your routing tables and a rough diagram would help



Thanks for offering to take a look.

I have setup a linux box with dual stack.  It runs radvd.  Its IPv6 address is 2002:xxxx:yyyy::1(Tunnel IP).  Its lan interface has the IPv6 address 2002:xxxx:yyyy:1::1 and it advertises the route 2002:xxxx:yyyy:1::
The nodes in the subnet are able to configure themselves with IPv6 address and hints the clients to use stateful DHCPv6 for other stateful info(DNS and default route).  All this is working fine and the clients are able to ping, traceroute and http to ipv6.google.com and ipv6.netflix.com.

On a node in the DMZ, I have configured the tunnel with the 2001 IPv6 I got from HE.  This node is also able to ping and traceroute to ipv6.netflix.com and ipv6.google.com.  When I try to access this node from one of the nodes from 2002, this node receives the request and replies back, but the 2002 node does not recieve it the reply packets.

Let me know if you need additional info.



Don't obfuscate, provide real information.

routing tables
ifconfig/ip output


Let me get you more config info/details.

In the meantime can some access http on my HE's IPv6 address 2001:470:1f06:8b0::2 and let me know if that works?



2001:470:1f06:8b0::2 gives me a webpage about telcordia -ar greenhouse


Thanks all for helping out.  Problem is kind of identified.

Attn cholzhauer : Yes, I wanted to enable that site for IPv6.

The issue is when I use IPv4 derived IPv6 address
and use as the 6to4 relay, I am UNABLE to reach the HE's IPv6 address, but ABLE to reach ipv6.google.com and ipv6.netflix.com
when I use HE's 6to4 relay, I am ABLE to reach my HE's IPv6 address, but UNABLE to reach ipv6.google.com and ipv6.netflix.com.

Does that mean I need to have multiple tunnels?   In any case, next I am going to experiment with multiple tunnels with appropriate routing table and see if I have a workaround.