• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Tunnels talking to each other

Started by xan, December 30, 2008, 09:40:18 PM

Previous topic - Next topic

xan

I've got four tunnels, which generally work great.  Two are to home routers, which dole out addresses from the /64, and two are to servers.

They all can get to various IPv6 hosts (ipv6.google.com, www.kame.net) with no problem.  There are six possible connections between the four networks, and five of those connections work great.  But there's one pair of tunnels that can't talk with each other.

Ping fails.  TCP connections actually succeed, but only after waiting a loooong time.

Here's a trace from an autoconfigured machine on the 2001:470:1f0f:41e::/64 network to 2001:470:1f04:9dc::2:

traceroute to 2001:470:1f04:9dc::2 (2001:470:1f04:9dc::2), 30 hops max, 40 byte packets
1  2001:470:1f0f:41e::1 (2001:470:1f0f:41e::1)  0.823 ms  1.952 ms  2.453 ms
2  2001:470:1f0e:41e::1 (2001:470:1f0e:41e::1)  66.509 ms  70.611 ms  75.823 ms
gige-g2-14.core1.dal1.he.net (2001:470:0:78::1)  76.376 ms  76.520 ms  77.360 ms
10gigabitethernet1-2.core1.lax1.he.net (2001:470:0:3a::1)  109.156 ms  109.640 ms  110.471 ms
10gigabitethernet1-3.core1.pao1.he.net (2001:470:0:34::1)  117.231 ms  117.637 ms  128.805 ms
gige-g1-4.core1.fmt2.he.net (2001:470:0:30::1)  120.205 ms  119.935 ms  119.250 ms
1g-bge0.tserv3.fmt2.ipv6.he.net (2001:470:0:45::2)  119.886 ms  108.530 ms  113.776 ms
8  * * *
9  * * *
10  * * *
11  * * *

etc etc.

It fails on multiple machines on the 2001:470:1f0f:41e::/64 network, including a laptop that works on the other network.  Is there something I'm doing wrong on the router?  Thanks.


EDIT - Correction: I believe the TCP connection eventually works because it's giving up on IPv6 and uses IPv4.

piojan

Mayby routing is set unusualy on one of the machines.
On linux you could also use tcpdump to see the packets (icmp/pings).

traceroute to 2001:470:1f04:9dc::2 (2001:470:1f04:9dc::2) from 2001:470:1f0a:555::2, 30 hops max, 16 byte packets
1  piojan.tunnel.tserv6.fra1.ipv6.he.net (2001:470:1f0a:555::1)  40.616 ms  62.044 ms  42.475 ms
2  gige-g2-4.core1.fra1.he.net (2001:470:0:69::1)  40.076 ms  38.641 ms  38.211 ms
3  10gigabitethernet1-4.core1.ams1.he.net (2001:470:0:47::1)  45.991 ms  45.146 ms  48.077 ms
4  10gigabitethernet1-4.core1.lon1.he.net (2001:470:0:3f::1)  56.606 ms  69.582 ms  53.465 ms
5  10gigabitethernet2-3.core1.nyc4.he.net (2001:470:0:3e::1)  132.348 ms  122.665 ms  147.345 ms
6  10gigabitethernet3-1.core1.sjc2.he.net (2001:470:0:33::1)  202.463 ms  201.972 ms  201.818 ms
7  gige-g1-2.core1.fmt2.he.net (2001:470:0:31::1)  218.203 ms  217.286 ms  203.21 ms
8  1g-bge0.tserv3.fmt2.ipv6.he.net (2001:470:0:45::2)  206.112 ms  205.73 ms  204.395 ms
9  xan-2-pt.tunnel.tserv3.fmt2.ipv6.he.net (2001:470:1f04:9dc::2)  203.199 ms  204.047 ms  204.066 ms

$ traceroute6 2001:470:1f0f:41e::1
traceroute to 2001:470:1f0f:41e::1 (2001:470:1f0f:41e::1) from 2001:470:1f0a:555::2, 30 hops max, 16 byte packets
1  piojan.tunnel.tserv6.fra1.ipv6.he.net (2001:470:1f0a:555::1)  59.547 ms  42.831 ms  45.995 ms
2  gige-g2-4.core1.fra1.he.net (2001:470:0:69::1)  47.696 ms  47.525 ms  38.488 ms
3  10gigabitethernet1-4.core1.ams1.he.net (2001:470:0:47::1)  46.449 ms  50.519 ms  45.914 ms
4  10gigabitethernet1-4.core1.lon1.he.net (2001:470:0:3f::1)  72.409 ms  80.611 ms  54.833 ms
5  10gigabitethernet2-3.core1.nyc4.he.net (2001:470:0:3e::1)  122.449 ms  123.404 ms  123.934 ms
6  10gigabitethernet2-3.core1.ash1.he.net (2001:470:0:36::1)  129.149 ms  128.759 ms  128.877 ms
7  10gigabitethernet1-1.core1.dal1.he.net (2001:470:0:3b::1)  164.752 ms  163.938 ms  163.506 ms
8  1g-bge0.tserv8.dal1.ipv6.he.net (2001:470:0:78::2)  164.493 ms  171.376 ms  183.524 ms
9  2001:470:1f0f:41e::1 (2001:470:1f0f:41e::1)  229.076 ms  237.332 ms  232.594 ms

norcalttora

I had this problem as well and it turned out that routes were broken. I filed a support ticket and it was fixed a few minutes later. I was also told that one of my tunnels was on a really old tunnel server that dropping off causing this problem (it was the third time I had filed the ticket). I ended up moving to another tunnel server (delete tunnel, add new tunnel) and that is working.