• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

Unable to access my sites

Started by bgage, June 16, 2015, 06:17:07 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

bgage

June 16, 2015, 06:17:07 AM
I use Incapsula to protect my websites, and they just recently started to support IPv6.  https://www.incapsula.com/blog/ipv6-support-and-ipv6-gateway.html

The strange part is I am unable to access my sites over HE's Tunnel.   I use a Cisco 1841 router with tunnel configuration.  I am able to access any other IPv6 site that I know about without problem.  I pass tests such as: http://test-ipv6.com/    To test in more detail I have created a Windows 7 VM that only has IPv6 support (it does use an internal ipv6 DNS server that resolves to open DNS's IPv4 servers).  And all sites load without any issues.   Google, IPv6 test sites, php.net, yahoo, etc. all load just fine with IE, and Firefox.  Except for my websites over Incapsula.   

When I use my cell phone as a hotspot, (and get an IPv6 address from Verizon) my Incapsula sites seem to load just fine.  It seems to me that Incapsula is blocking HE's IPv6 addresses.

Can any of you that have IPv6 using HE test one of my sites?   http://engageingod.com/  (please verify it's loading over IPv6 and not 4)

Any recommendations are welcome.   If I have posted this on the wrong board please let me know where it should be posted.  Thanks



kriteknetworks

#1
June 16, 2015, 07:14:11 AM
Does this incapsula use cogent?

broquea

#2
June 16, 2015, 08:06:45 AM Last Edit: June 16, 2015, 08:08:50 AM by broquea
from native HE:

Code Select
~$ mtr engageingod.com -r
Start: Tue Jun 16 08:06:10 2015
HOST: ipvsixme                    Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 2001:470:1:9::1            0.0%    10   10.8   4.4   0.6  11.8   4.4
  2.|-- 10ge7-3.core3.fmt2.he.net  0.0%    10   12.7   3.1   0.5  13.2   5.2
  3.|-- 10ge9-11.core1.lax1.he.ne  0.0%    10   39.1  29.7   9.9  44.2  12.5
  4.|-- 100ge11-1.core1.lax2.he.n  0.0%    10    8.7  22.7   8.7  82.2  29.4
  5.|-- 10ge16-3.core1.phx2.he.ne  0.0%    10   19.1  21.9  18.8  26.9   2.8
  6.|-- 10ge15-3.core1.dal1.he.ne  0.0%    10   38.9  45.3  38.9  69.9  12.4
  7.|-- 10ge1-3.core1.mia1.he.net  0.0%    10   72.0  73.0  72.0  77.6   1.9
  8.|-- 2001:418:0:5000::853       0.0%    10   77.3  78.7  77.2  91.2   4.4
  9.|-- 2a02:e980:17::37           0.0%    10   77.2  77.3  77.2  77.4   0.0


Curl has no issue fetching the site:

Code Select
~$ curl -v6 engageingod.com
* Rebuilt URL to: engageingod.com/
* Hostname was NOT found in DNS cache
*   Trying 2a02:e980:17::37...
* Connected to engageingod.com (2a02:e980:17::37) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: engageingod.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Etag: "bbd-4fbadd63bcd40"
< Last-Modified: Fri, 13 Jun 2014 01:45:49 GMT
< Content-Type: text/html
< Content-Length: 2959
< Date: Tue, 16 Jun 2015 15:08:11 GMT
< Set-Cookie: visid_incap_126960=fkSNK0aMQeSPxXzWnaBKTNs7gFUAAAAAQUIPAAAAAAAN/VMEk2tfXXsX+0GxorqJ; expires=Wed, 14 Jun 2017 15:51:52 GMT; path=/; Domain=.engageingod.com
< Set-Cookie: incap_ses_223_126960=K0bjW0hsmlCSoKghDkIYA9s7gFUAAAAADddFMv13k7dxUVTVvPZKFQ==; path=/; Domain=.engageingod.com
< X-Iinfo: 9-18810642-0 0CNN RT(1434467291325 0) q(0 -1 -1 -1) r(0 -1)
< X-CDN: Incapsula

bgage

#3
June 16, 2015, 07:01:12 PM
I now try it and it loads.   Grrrr... I like the idea of testing with curl.  So I tried on my ubunto box, and tried another one of my sites.  This is what I get:
Code Select

$ curl -v6 www.gagedigital.com
* Rebuilt URL to: www.gagedigital.com/
* Hostname was NOT found in DNS cache
*   Trying 2a02:e980:12::b5...
* Connected to www.gagedigital.com (2a02:e980:12::b5) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.gagedigital.com
> Accept: */*
>

(stops at this point, I have to press Ctrl-C to get out)


Does it load for you?   Thanks!


Code Select

$ mtr  www.gagedigital.com -r
Start: Tue Jun 16 20:53:24 2015
HOST: ****************     Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 2001:470:****:****::1      0.0%    10    1.9   2.1   1.7   3.4   0.3
  2.|-- bgage-1.tunnel.tserv9.chi  0.0%    10   39.8  41.4  39.6  46.2   2.0
  3.|-- ge3-4.core1.chi1.he.net    0.0%    10   39.8  41.5  35.8  46.5   4.3
  4.|-- xe-0.equinix.chcgil09.us. 10.0%    10   37.1  38.0  34.8  44.3   2.8
  5.|-- 2001:418:0:5000::735       0.0%    10   61.3  61.8  57.8  67.3   2.9
  6.|-- 2a02:e980:12::b5           0.0%    10   44.7  37.0  34.6  44.7   2.8

broquea

#4
June 16, 2015, 11:18:53 PM
Your first site loaded fine over ipv6 in a browser.

Your second one appears to be timing out. MTR tests cleanly, however udp traceroute6 and also tracepath6 fail to reach the destination.

bgage

#5
June 17, 2015, 04:06:43 AM
Thanks broguea for your testing, just want to verify you are seeing the problem on your side with gagedigital.com also then?  The page is not loading correct?

what do you think could be causing the issue?

The First tests below are with HE IPv6 Addresses:    Notice the page does not load and tracepath6 and traceroute6 do not finish.
Code Select
$ curl -v6 www.gagedigital.com
* Rebuilt URL to: www.gagedigital.com/
* Hostname was NOT found in DNS cache
*   Trying 2a02:e980:12::b5...
* Connected to www.gagedigital.com (2a02:e980:12::b5) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.gagedigital.com
> Accept: */*
>
^C
$ traceroute6  www.gagedigital.com
traceroute to xqzsl.x.incapdns.net (2a02:e980:12::b5) from 2001:470:****:****:c11b:4137:63a0:3aae, 30 hops max, 24 byte packets
1  2001:470:****:****::1 (2001:470:****:****::1)  2.3 ms  2.063 ms  1.923 ms
2  bgage-1.tunnel.tserv9.chi1.ipv6.he.net (2001:470:1f10:1d4::1)  45.556 ms  40.623 ms  43.162 ms
3  ge3-4.core1.chi1.he.net (2001:470:0:6e::1)  43.005 ms  48.418 ms  36.567 ms
4  xe-0.equinix.chcgil09.us.bb.gin.ntt.net (2001:504:0:4::2914:1)  38.583 ms  43.103 ms  34.108 ms
5  * * *
6  * * *
7  * * *
8  * * *
9  * * *
10  * * *
11  * *^C
$ tracepath6 www.gagedigital.com
1?: [LOCALHOST]                        0.035ms pmtu 1500
1:  2001:470:****:****::1                                 3.751ms
1:  2001:470:****:****::1                                 4.068ms
2:  2001:470:****:****::1                                 3.696ms pmtu 1480
2:  bgage-1.tunnel.tserv9.chi1.ipv6.he.net               42.684ms
3:  ge3-4.core1.chi1.he.net                              49.973ms
4:  xe-0.equinix.chcgil09.us.bb.gin.ntt.net              39.583ms
5:  no reply
6:  no reply
7:  no reply
^C


But once I use Verizon IPv6 addresses the page loads and but traceroute6 and tracepath6 still fail.
Code Select
$ curl -v6 www.gagedigital.com
* Rebuilt URL to: www.gagedigital.com/
* Hostname was NOT found in DNS cache
*   Trying 2a02:e980:11::b5...
* Connected to www.gagedigital.com (2a02:e980:11::b5) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.gagedigital.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Wed, 17 Jun 2015 10:54:31 GMT
* Server Apache is not blacklisted
< Server: Apache
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Set-Cookie: SessionID=bbc793e558151e79872f; path=/
< Content-Type: text/html; charset=UTF-8
< Set-Cookie: visid_incap_126956=/ph7woXWTdW2UiM2BMgMKeZRgVUAAAAAQUIPAAAAAAAJWokjeWA24rRMsVtwhwUI; expires=Thu, 15 Jun 2017 14:34:50 GMT; path=/; Domain=.gagedigital.com
< Set-Cookie: incap_ses_210_126956=A16WBKsuhx6BKcUqWBfqAuZRgVUAAAAAePYrMZ+/qxEEjqkP3TDqHg==; path=/; Domain=.gagedigital.com
< Set-Cookie: ___utmvmsOulMkc=PmygysdDgoy; path=/; Max-Age=900
< Set-Cookie: ___utmvasOulMkc=tDVVTim; path=/; Max-Age=900
< Set-Cookie: ___utmvbsOulMkc=DZf
<     XbfOZale: Ctz; path=/; Max-Age=900
< X-Iinfo: 5-25838203-25838205 NNNN CT(41 -1 0) RT(1434538470419 16) q(0 0 0 0) r(2 2)
< X-CDN: Incapsula
< Transfer-Encoding: chunked
<
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
(site loads correctly)


*$ traceroute6  www.gagedigital.com
traceroute to xqzsl.x.incapdns.net (2a02:e980:11::b5) from 2600:100a:b129:a447:c11b:4137:63a0:3aae, 30 hops max, 24 byte packets
1  2600:100a:b129:a447:0:26:80cb:101 (2600:100a:b129:a447:0:26:80cb:101)  7.003 ms  3.296 ms  3.1 ms
2  2600:100a:b129:a447:0:26:80cb:140 (2600:100a:b129:a447:0:26:80cb:140)  74.766 ms  63.675 ms  59.816 ms
3  * * *
4  2001:4888:3c:2010:325:2a1:0:1 (2001:4888:3c:2010:325:2a1:0:1)  174.751 ms  100.074 ms  61.85 ms
5  2001:4888:3c:200e:325:25:: (2001:4888:3c:200e:325:25::)  70.785 ms  80.594 ms  64.133 ms
6  2001:4888:3c:2000:325:2a1:: (2001:4888:3c:2000:325:2a1::)  67.765 ms  61.9 ms  68.215 ms
7  2001:4888:3c:2005:325:1:: (2001:4888:3c:2005:325:1::)  81.175 ms  68.454 ms  67.027 ms
8  2001:4888:3c:2005:325:1:: (2001:4888:3c:2005:325:1::)  63.975 ms  64.366 ms  66.968 ms
9  2001:4888:3c:1001:325:24:: (2001:4888:3c:1001:325:24::)  68.952 ms  68.94 ms  58.807 ms
10  2600:806:41f::5 (2600:806:41f::5)  62.01 ms  64.729 ms  72.056 ms
11  0.lo0.BR1.IAD8.ALTER.NET (2600:803::17)  98.862 ms  86.53 ms  88.806 ms
12  * * ae-10.r06.asbnva02.us.bb.gin.ntt.net (2001:418:0:4000::49)  222.519 ms
13  ae-3.r22.asbnva02.us.bb.gin.ntt.net (2001:418:0:2000::3bd)  96.54 ms  83.819 ms  79.949 ms
14  ae-4.r20.dllstx09.us.bb.gin.ntt.net (2001:418:0:2000::11)  95.11 ms  97.944 ms  96.773 ms
15  ae-1.r01.dllstx04.us.bb.gin.ntt.net (2001:418:0:2000::da)  110.121 ms  109.87 ms  110.09 ms
16  * * *
17  * * *
18  *^C
$ tracepath6 www.gagedigital.com
1?: [LOCALHOST]                        0.032ms pmtu 1500
1:  2600:100a:b129:a447:0:26:80cb:101                     5.842ms
1:  2600:100a:b129:a447:0:26:80cb:101                     3.300ms
2:  2600:100a:b129:a447:0:26:80cb:101                     5.580ms pmtu 1428
2:  2600:100a:b129:a447:0:26:80cb:140                   354.936ms
3:  no reply
4:  2001:4888:3c:2010:325:2a1:0:1                       202.419ms asymm  3
5:  2001:4888:3c:200e:325:25::                           91.888ms
6:  2001:4888:3c:2000:325:2a1::                          77.152ms asymm  5
7:  2001:4888:3c:2005:325:1::                            98.384ms asymm  6
8:  2001:4888:3c:2005:325:1::                            92.621ms asymm 10
9:  2001:4888:3c:1001:325:24::                           77.507ms asymm  8
10:  2600:806:41f::5                                      88.196ms
11:  0.lo0.BR1.IAD8.ALTER.NET                            114.961ms asymm 10
12:  ae-10.r06.asbnva02.us.bb.gin.ntt.net                171.984ms asymm 11
13:  ae-3.r22.asbnva02.us.bb.gin.ntt.net                 114.087ms asymm 12
14:  ae-4.r20.dllstx09.us.bb.gin.ntt.net                 132.303ms asymm 12
15:  ae-1.r01.dllstx04.us.bb.gin.ntt.net                 137.672ms asymm 12
16:  no reply
17:  no reply
18:  no reply
19:  no reply
20:  no reply
21:  no reply
22:  no reply
23:  no reply
24:  no reply
25:  no reply
Print
Go Up Pages1
User actions