• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Trying to build my own tunnel endpoint... failing... help?

Started by johnstray2001, August 13, 2016, 07:36:48 AM

Previous topic - Next topic

johnstray2001

Hi everybody!

I am trying to create my own tunnel endpoint on a VPS in Australia (because there is no HE pops here, which makes for very high latency).

Unfortunately, I only have the one /64 available to my VPS to use: 2400:c400:626:3020:: /64

My VPS is running CentOS 7 minimal and has been configured with the following:


ip tunnel add sit1 mode sit ttl 255 remote 49.176.248.239 local 103.1.205.83
ip link set dev sit1 up
ip -6 addr add 2400:c400:626:3020::3/64 dev sit1 # There is a reason for choosing :3 explained later
ip -6 route add 2400:c400:626:3020::/64 dev sit1 metric 1


On the client side, I am using an ASUS DSL-AC68U VDSL modem/router. It has a configuration page specifically for tunnels (handy!). It has been configured as follows:

[b]Basic Config[/b]
Connection type: Tunnel 6in4
Server IPv4 Address: 103.1.205.83
Client IPv6 Address: 2400:c400:626:3020::2
IPv6 Prefix Length: 64
Server IPv6 Address: 2400:c400:626:3020::3
Tunnel MTU: 1480
Tunnel TTL: 255

[b]IPv6 Lan Setting[/b]
LAN IPv6 Address: 2400:c400:626:3020::1 # Can't modify this. Auto chosen from lan prefix
LAN Prefix Length: 64
LAN IPv6 Prefix: 2400:c400:626:3020::

[b]IPv6 DNS Setting[/b]
IPv6 DNS Server 1: 2001:4860:4860::8888
IPv6 DNS Server 2: 2001:4860:4860::8844
IPv6 DNS Server 3: ~blank~

[b]Auto Configuration Setting[/b]
Enable Router Advertisement: Enable


So far bidirectional communication has been established between the VPS and the Router. They can both ping each other.

Using the Routers built-in testing tools (ping, traceroute, nslookup) i tried to ping ipv6.google.com but did not receive any replies.

On the VPS, I ran tcpdump on sit1 and that showed the incoming traffic from the router, but nothing going back out to the router (except the ping to-from the vps).

I've eliminated the possibility of firewalls being in the way by disabling the on both ends.

I suspect that this is a routing issue on the VPS side.

Can someone point me in the right direction on how to solve this? I would be greatly appreciative.

Thanks in advance for your help.

johnstray2001


ajl0

This is what I'm using:

(on the server)

HOME_IP=`dig +short <my_dyndns_hostname>`
ip tunnel add tun-6in4 mode sit ttl 64 remote $HOME_IP local <vps wan ip>
ip link set tun-6in4 up mtu 1480
ip addr add 2606:df00:.../64 dev tun-6in4
/sbin/ip -6 route add 2606:df00:.../64 via 2606:df00:... dev tun-6in4

What VPS provider are you using? & is it a routed v6 prefix?