Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Configuring for a newbie  (Read 5296 times)

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Configuring for a newbie
« on: January 22, 2014, 06:33:21 PM »

Okay, so I got my tunnel configured and all the tests say I'm ready to go..BUT since I really don't know what I'm doing yet I want to be sure I've got everything configured correctly. Attached at the pertinent screen shots. My biggest question is whether the Network System Preference has to be manually configured in a way similar to the manual configuration on the Airport. I'd be grateful for any help with this. Thanks.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2706
Re: Configuring for a newbie
« Reply #1 on: January 22, 2014, 06:35:38 PM »

Whatever you did looks right
Logged

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Re: Configuring for a newbie
« Reply #2 on: January 22, 2014, 06:40:00 PM »

Thanks!
Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1722
Re: Configuring for a newbie
« Reply #3 on: January 22, 2014, 06:42:29 PM »

Usually the IPv6 lan address should end with ::1 not :: but otherwise looks like a sane config. Also, no native on your comcast connection? Do their recursors allow non-comcast IPv6 address space to access them?
Logged

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Re: Configuring for a newbie
« Reply #4 on: January 22, 2014, 07:43:37 PM »

I really don't know enough to provide an intelligent answer. I think the missing digit was because I didn't know what to enter...  Also, I'm ostensibly trying to use Open DNS for my iPv4 access...perhaps that's why things may look a little strange to you...thanks for the input.
Logged

kasperd

  • Founder, Netiter ApS
  • Hero Member
  • *****
  • Posts: 952
Re: Configuring for a newbie
« Reply #5 on: January 22, 2014, 11:48:20 PM »

I'm ostensibly trying to use Open DNS for my iPv4 access...
Given their history of injecting their own IP address into DNS replies, where they should not have done so, I suggest using another provider. I'd much rather use DNS servers provided by HE or Google.
Logged

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Re: Configuring for a newbie
« Reply #6 on: January 23, 2014, 12:41:23 AM »

Pardon my ignorance, by why is that a bad thing?
Logged

kasperd

  • Founder, Netiter ApS
  • Hero Member
  • *****
  • Posts: 952
Re: Configuring for a newbie
« Reply #7 on: January 23, 2014, 02:29:54 AM »

Pardon my ignorance, by why is that a bad thing?
If you try to resolve a domain name, which does have an A (or AAAA) record, and they inject their own IP address instead of the correct one, that means your traffic will be sent through the OpenDNS server, instead of directly to the correct server.

That means a slower connection, and OpenDNS will be able to log and/or modify the traffic. And one would guess they do either log or modify the traffic, as otherwise there wouldn't be any point in them injecting their own IP address in the first place.

When they inject their own IP address on a nonexisting domain (or an existing domain with no such record in the first place), they can break applications, which rely on getting a correct response. For example when using domain names, which are not fully qualified, there are multiple possible variations of the name to resolve. The order in which they are resolved depends on a few different factors, but the exact order is not important in order to see the problem. When an application is resolving the possible variations one by one, until it finds the one, which does exist, you can get broken behaviour by a DNS server inserting fake responses on queries for non-existing names.
Logged

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Re: Configuring for a newbie
« Reply #8 on: January 23, 2014, 05:03:39 PM »

Thanks. You made it clear for me.  I've switched to the Comcast entries.
Logged

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Re: Configuring for a newbie
« Reply #9 on: January 23, 2014, 05:07:52 PM »

Usually the IPv6 lan address should end with ::1 not :: but otherwise looks like a sane config. Also, no native on your comcast connection? Do their recursors allow non-comcast IPv6 address space to access them?

The Airport config example says "Routed \64 connection without \64 suffix" - Hence I left the "64" off at the end. Please correct me if I'm in error.

Thanks.
Logged

jamescoyle1

  • Newbie
  • *
  • Posts: 7
Re: Configuring for a newbie
« Reply #10 on: January 24, 2014, 06:47:16 PM »

Still wondering what I should be entering for DNS.  Currently, I'm trying to use Comcast's which is I think 2001:558:feed:1 & 2.  Their web site shows FEED rather than "feed,' - I don't know whether that's case sensitive or not. Should I instead be using the DNS settings suggested here?

I've noticed that since configuring everything that Safari is considerably slower (although I haven't really noticed it as much in Chrome and Firefox).

Logged

kasperd

  • Founder, Netiter ApS
  • Hero Member
  • *****
  • Posts: 952
Re: Configuring for a newbie
« Reply #11 on: January 25, 2014, 05:47:35 AM »

Currently, I'm trying to use Comcast's which is I think 2001:558:feed:1 & 2.  Their web site shows FEED rather than "feed,' - I don't know whether that's case sensitive or not.
It is not case sensitive. However the address you wrote is not syntactically correct. Perhaps you forgot a : somewhere. It looks like 2001:558:feed::1 is a DNS resolver, but it does not accept requests from HE IPv6 addresses, so if you try to use that through your tunnel, don't expect it to work.

Instead I recommend trying this list of anycast DNS resolvers:
  • 2001:470:20::2
  • 2001:4860:4860::8844
  • 2001:4860:4860::8888
The first is from HE the other two are from Google.
Logged