Change tunnel server?

dmackintosh · February 25, 2012, 04:17:18 PM

Folks,

I'd like to change my tunnel server from the one I've been using forever (Chicago) to one that is closer to me (Seattle). The Seattle tunnel server was not an option when I signed up years ago. Can I do this without having to change my tunnel addresses (the /128) and the routed network (/64)?

Thanks...
Doug

cholzhauer · February 25, 2012, 04:31:48 PM

No sir....changing tunnel servers requires you to get new address ranges

dmackintosh · February 25, 2012, 04:50:08 PM

That is what I figured. Thanks for the confirmation.

kasperd · February 26, 2012, 06:33:55 AM

Can somebody explain why HE does not support having both tunnels operational simultaneously for the duration of transitioning from one tunnel server to the other?

The way I would have done it is as follows:
1. Create a new tunnel on the other tunnel server
2. Add configuration of the new tunnel on my router
3. Update all AAAA records that may be pointing to the old range to point to the new range.
4. Deprecate the old prefix for all outgoing connections
5. Delete the old tunnel.

But the configuration interface won't permit having two tunnels using the same IPv4 address for the endpoints on the user side. I know of no technical reasons that would require such a restriction, in particular not when they are on different tunnel servers.

cholzhauer · February 26, 2012, 07:12:58 AM

I thought you could run two tunnels at once if you used BGP and had a host that supported it (A Cisco router or something)

kasperd · February 26, 2012, 08:21:30 AM

Quote from: cholzhauer on February 26, 2012, 07:12:58 AMI thought you could run two tunnels at once if you used BGP and had a host that supported it (A Cisco router or something)

I do have a host that supports running two tunnels. It is not a Cisco router, and it does not do BGP. Last time I tried, the reason I couldn't get the two tunnels to work from the same host was not lack on support on my end, rather it was that what appears to be an artificial restriction in the software on the HE end.

The webinterface refused to let me set my second tunnel up to use the same IP as the first one. I consider that to be an artificial limitation, as by the time the configurations reach the tunnel server, I don't expect either of the tunnel servers to know what tunnels exist on the other tunnel server. Thus a tunnel on one tunnel server using the same IP address as a tunnel on the other tunnel server shouldn't be a problem for the software on the HE end.

snarked · February 26, 2012, 09:27:06 AM

To do what you want requires two IPv4 addresses. I think HE did that so as to prevent overloading dynamically assigned IPv4s.

News:

Change tunnel server?

dmackintosh

cholzhauer

dmackintosh

kasperd

cholzhauer

kasperd

snarked