• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Could not grab the file via IPv6 HTTP

Started by jan101, September 11, 2013, 10:48:13 AM

Previous topic - Next topic

jan101

Hello,

I am very excited about the IPv6 certification. But I am stuck at the Enthusiast level for several days now. I built a tunnel via tunnelbroker.net. It worked but HE.net could not grab my file. So I built the tunnel via gogo6 and I got the same issue. I have my domain name configured in dns.he.net and everything looks good. I can see my information for tech-issimo.com from whatsmydns.net and it is propagating properly.

PS C:\Windows\system32> nslookup
Default Server:  google-public-dns-a.google.com
Address:  2001:4860:4860::8888

> set q=aaaa
> tech-issimo.com
Server:  google-public-dns-a.google.com
Address:  2001:4860:4860::8888

Non-authoritative answer:
Name:    tech-issimo.com
Address:  2001:5c0:1000:b::2b1d


I can access http://tech-issimo.com/ktpbwvk7d0.txt from PC where I setup the webserver. Below is my route from my PC:
PS C:\Windows\system32> route print
===========================================================================
Interface List
21...02 50 f2 00 00 01 ......gogo6 Virtual Multi-Tunnel Adapter
10...00 24 e8 cc e9 9c ......Intel(R) 82567LM Gigabit Network Connection
11...00 21 6a 7c 9d 58 ......Intel(R) WiFi Link 5300 AGN
 1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
         0.0.0.0          0.0.0.0     172.31.254.1   172.31.254.197    266
       127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
       127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
 127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     169.254.0.0      255.255.0.0         On-link     169.254.44.56    276
   169.254.44.56  255.255.255.255         On-link     169.254.44.56    276
 169.254.255.255  255.255.255.255         On-link     169.254.44.56    276
    172.31.254.0    255.255.255.0         On-link    172.31.254.197    266
  172.31.254.197  255.255.255.255         On-link    172.31.254.197    266
  172.31.254.255  255.255.255.255         On-link    172.31.254.197    266
       224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
       224.0.0.0        240.0.0.0         On-link    172.31.254.197    266
       224.0.0.0        240.0.0.0         On-link     169.254.44.56    276
 255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
 255.255.255.255  255.255.255.255         On-link    172.31.254.197    266
 255.255.255.255  255.255.255.255         On-link     169.254.44.56    276
===========================================================================
Persistent Routes:
 Network Address          Netmask  Gateway Address  Metric
         0.0.0.0          0.0.0.0     172.31.254.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
21    276 ::/0                     On-link
 1    306 ::1/128                  On-link
21    276 2001:5c0:1000:b::/64     On-link
21    276 2001:5c0:1000:b::2b1c/128
                                   On-link
21    276 2001:5c0:1000:b::2b1d/128
                                   On-link
10    266 fe80::/64                On-link
21    276 fe80::/64                On-link
10    266 fe80::8c02:897b:321e:a348/128
                                   On-link
21    276 fe80::f038:4bab:79b9:2c38/128
                                   On-link
 1    306 ff00::/8                 On-link
10    266 ff00::/8                 On-link
21    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination      Gateway
 0 4294967295 ::/0                     2001:470:1f10:abc::1
 0 4294967295 ::/0                     2001:470:7:b61::1
===========================================================================

cholzhauer

My answer is still the same as http://www.tunnelbroker.net/forums/index.php?topic=2979.msg17562#msg17562

I'm 95% sure it's a firewall issue, either on your server or on your "main" firewall

jan101

I got the nslookup below. Does it mean that 8.8.8.8 could not find my tech.issimo.com?

PS C:\Windows\system32> nslookup
Default Server:  google-public-dns-a.google.com
Address:  2001:4860:4860::8888

> set q=aaaa
> tech-issimo 8.8.8.8
Server:  [8.8.8.8]
Address:  8.8.8.8

*** 8.8.8.8 can't find tech-issimo: Non-existent domain
> tech-issimo.com 8.8.8.8
Server:  [8.8.8.8]
Address:  8.8.8.8

Non-authoritative answer:
Name:    tech-issimo.com
Address:  2001:5c0:1000:b::2b1d

cholzhauer

DNS isn't your issue


$ host tech-issimo.com
tech-issimo.com has IPv6 address 2001:5c0:1000:b::2b1d


Google may not know about it, but I'm pretty sure HE isn't using them anyway

You need to look at your firewall.

jan101

I opened port 80 on my firewall and HE cannot still access my file.

cholzhauer


broquea

broquea@ipvsixme:~$ host tech-issimo.com
tech-issimo.com has IPv6 address 2001:5c0:1000:b::2b1d
broquea@ipvsixme:~$ ping tech-issimo.com
ping: unknown host tech-issimo.com
broquea@ipvsixme:~$ ping6 tech-issimo.com
PING tech-issimo.com(jan.broker.freenet6.net) 56 data bytes
From ix-5-0-1.6bb1.MTT-Montreal.ipv6.as6453.net icmp_seq=1 Time exceeded: Hop limit
From ix-5-0-1.6bb1.MTT-Montreal.ipv6.as6453.net icmp_seq=2 Time exceeded: Hop limit
From ix-5-0-1.6bb1.MTT-Montreal.ipv6.as6453.net icmp_seq=3 Time exceeded: Hop limit
From ix-5-0-1.6bb1.MTT-Montreal.ipv6.as6453.net icmp_seq=4 Time exceeded: Hop limit
From ix-5-0-1.6bb1.MTT-Montreal.ipv6.as6453.net icmp_seq=5 Time exceeded: Hop limit
^C
--- tech-issimo.com ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4004ms

jan101

Let me understand this. DNS resolved tech-issimo.com with an IPv6 address. So when you ping tech-issimo.com, you are pinging the IPv6 address. It is actually go to gogo6 server first to get encapsulated in ipv4, then to my PC. Correct?

Can you ping 2001:05c0:1000:000b::2b1c, my remote end-point?

We don't think we block icmp. Can you ping 75.151.254.137? That is the public IP address that I NAT to,

cholzhauer

#8
Quote
Can you ping 2001:05c0:1000:000b::2b1c, my remote end-point?


$ ping6 2001:05c0:1000:000b::2b1c
PING6(56=40+8+8 bytes) 2001:470:c27d:18::11 --> 2001:5c0:1000:b::2b1c
^C
--- 2001:05c0:1000:000b::2b1c ping6 statistics ---
19 packets transmitted, 0 packets received, 100.0% packet loss


Quote
So when you ping tech-issimo.com, you are pinging the IPv6 address


ping6 tech-issimo.com
PING6(56=40+8+8 bytes) 2001:470:c27d:18::11 --> 2001:5c0:1000:b::2b1d
^C
--- tech-issimo.com ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss


Those addresses don't match...are you sure you have DNS configured correctly?

Quote
It is actually go to gogo6 server first to get encapsulated in ipv4, then to my PC. Correct?

Correct...once it hits the tunnel interface of your server, the IPv4 packets are stripped off and the IPv6 packets are forwarded to their destination.

Quote
We don't think we block icmp. Can you ping 75.151.254.137? That is the public IP address that I NAT to,


$ ping 75.151.254.137
PING 75.151.254.137 (75.151.254.137): 56 data bytes
64 bytes from 75.151.254.137: icmp_seq=0 ttl=243 time=51.074 ms
64 bytes from 75.151.254.137: icmp_seq=1 ttl=243 time=50.213 ms
64 bytes from 75.151.254.137: icmp_seq=2 ttl=243 time=50.286 ms
^C
--- 75.151.254.137 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 50.213/50.524/51.074/0.390 ms

jan101

2001:5c0:1000:b::2b1c is the ipv6 address for gogo6 server
2001:5c0:1000:b::2b1d is my local ipv6 address assigned to me by gogo6. This is also what I use for my webserver.

But you cannot even ping gogo6 server. Not sure what is going on?

cholzhauer


jan101

I did try to move to HE tunnel from my house and it did not work because the ISP public IP address is not pingable. I will try to setup the HE tunnel again once I get back to the office.