he-ipv6: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1480 qdisc noqueue state UNKNOWN

Started by ceaser, August 13, 2012, 02:11:51 PM

I have a router with NAT turned on. I can SSH to my box remotely, but can't get the he-ipv6 virtual device to come up. I'm working off the info it gives under example configurations, the Linux-route 2. I had this set up and working in the past on a VPS, but now am on my home box. It sounds like a common problem people have. How do I fix this?


When you set up the tunnel, did you substitute the NAT address?

Take some packet dumps and see if your firewall is passing protocol 41 traffic.


Yes, he.net won't let you set up a tunnel unless they can ping your router. I had to have my correct outside IP, which is protected by the NAT. I just would need to know which port to open up to the he.net server. That's what I don't know.

(broquea made a video on how to open up your router for protocol 41, but it's listed as "private" on YouTube and I can't watch it from the post. I bet this video shows what I need to do.)


I did? Only private videos I have are one about my old commute via motorcycle, and the other is the really old tunnelbroker.net tour from 2008, which was no longer relevant with some webUI changes that were made over the years (multiple tunnels, /48s, etc). If your router does not give you the ability to configure allowed protocols (basically nothing off-the-shelf typically does), then you either try to put your host in the DMZ, or get an off-the-shelf router that is known to pass Protocol 41 to hosts behind it.


I slapped together a video presentation on setting up a Linux tunnel behind a firewall that passes Protocol 41:


Full resolution version here: http://broquea.corp.he.net/videos/tutorial.ogv (Ogg/Vorbis/Theora, used recordMyDesktop under Linux)

^^^ is what I was talking about, broquea, that video

I have a Cisco AE4500 which is just a decent N900 consumer router. I don't know if this router "passes protocol 41." :(

- and - according to a screenshot of the E4200 Cisco/Linksys this router really sucks. I do not like the interface on it at all. Work gave it to me for free.

(E4200 has a much nicer interface)

Yeah, that "firewall" was already passing Protocol 41. No configuration was made by me or was needed. Also the URL is invalid because I don't work at HE.NET anymore, so no more corp.he.net web account.
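
Added example, not part of the thread or written by any poster: a small Python parser for the "take some packet dumps" step, showing that protocol 41 is the value of the IPv4 header's protocol field (there is no port to open) and counting which direction of tunnel traffic a capture contains. All addresses are constructed documentation-range values; `build_packet`, `classify` and `tunnel_directions` are names made up for this sketch.

```python
import ipaddress
import struct

PROTO_6IN4 = 41  # value of the IPv4 header's protocol field; not a TCP/UDP port

def build_packet(src4, dst4, src6, dst6, proto=PROTO_6IN4):
    """Construct sample data: an IPv4 header followed by a bare IPv6 header."""
    inner = struct.pack("!IHBB", 6 << 28, 0, 59, 64)  # version 6, no payload
    inner += ipaddress.IPv6Address(src6).packed + ipaddress.IPv6Address(dst6).packed
    outer = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(inner), 0, 0, 64, proto, 0)
    outer += ipaddress.IPv4Address(src4).packed + ipaddress.IPv4Address(dst4).packed
    return outer + inner  # checksum left at 0; this parser does not verify it

def classify(packet):
    """Describe a raw IPv4 packet and mark 6in4 (protocol 41) tunnel traffic."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return {"kind": "not-ipv4"}
    ihl = (packet[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return {"kind": "malformed"}
    info = {"kind": "other", "proto": packet[9],
            "src4": str(ipaddress.IPv4Address(packet[12:16])),
            "dst4": str(ipaddress.IPv4Address(packet[16:20]))}
    if packet[9] != PROTO_6IN4:
        return info
    inner = packet[ihl:]  # the encapsulated IPv6 packet starts right here
    if len(inner) < 40 or inner[0] >> 4 != 6:
        info["kind"] = "proto41-bad-inner"
        return info
    info.update(kind="6in4",
                src6=str(ipaddress.IPv6Address(inner[8:24])),
                dst6=str(ipaddress.IPv6Address(inner[24:40])))
    return info

def tunnel_directions(packets, server4):
    """Count 6in4 packets going to and coming from the tunnel server."""
    seen = {"to_server": 0, "from_server": 0}
    for c in map(classify, packets):
        if c["kind"] == "6in4" and c["dst4"] == server4:
            seen["to_server"] += 1
        elif c["kind"] == "6in4" and c["src4"] == server4:
            seen["from_server"] += 1
    return seen

# Constructed capture as seen on a host behind NAT: two tunnel packets out,
# one unrelated TCP packet (protocol 6), and nothing back from the server.
OUT = build_packet("192.168.1.10", "192.0.2.1", "2001:db8::2", "2001:db8::1")
SAMPLE_CAPTURE = [OUT, OUT, build_packet("192.168.1.10", "192.0.2.1",
                                         "2001:db8::2", "2001:db8::1", proto=6)]
```

A result of `{"to_server": 2, "from_server": 0}` for this capture is the pattern to expect when the host sends tunnel packets but the router is not forwarding inbound protocol 41 to it.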