• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Regular Tunnel not working..please Help.

Started by Mohamad_786, July 21, 2012, 03:16:37 AM

Previous topic - Next topic

Mohamad_786

Hello

I set up the regular tunnel, but i can't ping ipv6.google.com

I am using ubuntu 10.04. I have disable firewall on my modem/router. No iptables configured on my ubuntu pc.

root@ADMIN01:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:13:d4:08:41:ce  
         inet addr:192.168.1.11  Bcast:0.0.0.0  Mask:255.255.255.0
         inet6 addr: fe80::213:d4ff:fe08:41ce/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:43132 errors:0 dropped:0 overruns:0 frame:0
         TX packets:40215 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:48309622 (48.3 MB)  TX bytes:4619000 (4.6 MB)
         Interrupt:17

eth1      Link encap:Ethernet  HWaddr 00:e0:7c:7a:15:1e  
         UP BROADCAST MULTICAST  MTU:1500  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
         Interrupt:21 Base address:0xb800

he-ipv6   Link encap:IPv6-in-IPv4  
         inet6 addr: 2001:470:1f12:f24::2/64 Scope:Global
         inet6 addr: fe80::c0a8:10b/128 Scope:Link
         UP POINTOPOINT RUNNING NOARP  MTU:1280  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:3280 errors:463 dropped:0 overruns:0 carrier:463
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 B)  TX bytes:326120 (326.1 KB)

lo        Link encap:Local Loopback  
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:507 errors:0 dropped:0 overruns:0 frame:0
         TX packets:507 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:65232 (65.2 KB)  TX bytes:65232 (65.2 KB)


root@ADMIN01:~# route -n6
Kernel IPv6 routing table
Destination                    Next Hop                   Flag Met Ref Use If
2001:470:1f12:f24::/64         ::                         Un   256 0     0 he-ipv6
fe80::/64                      ::                         U    256 0     0 eth0
fe80::/64                      ::                         Un   256 0     0 he-ipv6
::/0                           ::                         U    1024 0     0 he-ipv6
::/0                           ::                         !n   -1  1  4461 lo
::1/128                        ::                         Un   0   1     9 lo
2001:470:1f12:f24::/128        ::                         Un   0   1     0 lo
2001:470:1f12:f24::2/128       ::                         Un   0   1  1425 lo
fe80::/128                     ::                         Un   0   1     0 lo
fe80::c0a8:10b/128             ::                         Un   0   1     0 lo
fe80::213:d4ff:fe08:41ce/128   ::                         Un   0   1     0 lo
ff00::/8                       ::                         U    256 0     0 eth0
ff00::/8                       ::                         U    256 0     0 he-ipv6
::/0                           ::                         !n   -1  1  4461 lo

root@ADMIN01:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

root@ADMIN01:~# ping6 -c4 ipv6.google.com
PING ipv6.google.com(2404:6800:800b::68) 56 data bytes

--- ipv6.google.com ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3023ms

root@ADMIN01:~# tcpdump -n -i he-ipv6
tcpdump: WARNING: he-ipv6: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on he-ipv6, link-type RAW (Raw IP), capture size 96 bytes
14:10:13.799567 IP6 2001:470:1f12:f24::2 > 2404:6800:800b::68: ICMP6, echo request, seq 1, length 64
14:10:14.807121 IP6 2001:470:1f12:f24::2 > 2404:6800:800b::68: ICMP6, echo request, seq 2, length 64
14:10:15.815109 IP6 2001:470:1f12:f24::2 > 2404:6800:800b::68: ICMP6, echo request, seq 3, length 64
14:10:16.823095 IP6 2001:470:1f12:f24::2 > 2404:6800:800b::68: ICMP6, echo request, seq 4, length 64


root@ADMIN01:~# ping6 001:470:1f12:f24::2 -c 2
PING 001:470:1f12:f24::2(1:470:1f12:f24::2) 56 data bytes

--- 001:470:1f12:f24::2 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1007ms


Can someone plz help.

Thanks





cholzhauer


Mohamad_786

Hello

i thought i had to forward port 41 (tcp and udp). I have forward these ports on the router (its an orange-livebox)

Can u plz specify me which port i need to forward ?

Thanking you in advance.

BR
Mohamad


broquea

Protocol 41 isn't a tcp/udp port that you can forward. Your NAT appliance either forwards it or it doesn't.

Mohamad_786

Hello

It seems that i don't have any option apart from changing the router ?

Thanks



kasperd

Quote from: Mohamad_786 on July 21, 2012, 08:15:23 PMIt seems that i don't have any option apart from changing the router ?
There are other options. Ideally you should terminate the tunnel on the router itself instead of a host behind it. That way the tunnel doesn't have to go through any sort of NAT. However not all that many routers support that, and running the tunnel through NAT is not bad enough that I would replace the router just because of that.

On some routers running a single tunnel through the NAT just works out of the box as long as there is outgoing traffic frequently enough to avoid timing out the NAT entry. It sounds like your router is not one of those. On some routers you need to use a so-called DMZ feature. If your router has such a feature, then just enable that and type in the LAN IP of the tunnel endpoint.

Another option is to switch to a different tunnel protocol. That would require using a different provider, since tunnelbroker.net only supports 6in4. Supposedly SixXS can do it (if you are able to get through the bureaucracy required to register with them).

cholzhauer

You could also use a tunnel through go go 6

Mohamad_786

Thank you all.

i install teredo on ubuntu and its working fine

root@ADMIN01:~# ping6 ipv6.google.com -c 2
PING ipv6.google.com(2404:6800:800b::68) 56 data bytes
64 bytes from 2404:6800:800b::68: icmp_seq=1 ttl=57 time=321 ms
64 bytes from 2404:6800:800b::68: icmp_seq=2 ttl=57 time=313 ms



kasperd

Quote from: Mohamad_786 on July 24, 2012, 10:49:27 AMi install teredo on ubuntu and its working fine
Everything taken into account, I think Teredo is the least reliable way to get IPv6 connectivity. Teredo can work fine as long as you are communicating with native IPv6 networks that have gone through the effort of deploying their own Teredo relays and are carefully monitoring those relays to ensure proper operation. But as soon as you communicate with networks that do not pay lots of attention to the reliability of their Teredo relays, then it will not work well.

Teredo should be seen as a last resort if you absolutely need IPv6 connectivity and have no other options. Don't even think about running servers on Teredo addresses, you are better off making servers IPv4 only than dual stack with Teredo.

There are some cases where Teredo can be useful. I use it myself on my laptop when I am in locations where I cannot use a 6in4 tunnel. At home I have a 6in4 tunnel to HE, and additionally I have set up my own Teredo relay (using miredo) such that when my laptop needs to connect to my machines at home, it can get a reliable IPv6 connection even though it is using Teredo.