HE Tunnel broke with Ubuntu 17.02 upgrade

[KNBu5ZMdbR]

I upgraded my Ubuntu 16.10 server to 17.02 and now it won't route IPv6.   Does anyone know if there's a setting that I should tweak to get things going again?

The server has been running and regularly upgraded for several years.  It's configured per the Debian/Ubuntu sample configuration in the Tunnel Details page.  I'm also running with just ACCEPT in ip6tables, no rules to discard packets.

When I ping the Server IPv6 Address (from the Tunnel Details page) I get
> icmp_seq=1 Destination unreachable: Address unreachable

I can ping the Client (local) IPv6 Address and also hosts local to my network.   For some reason, packets don't seem to be leaving my server over the tunnel.

The routing table ("route -n -6") looks good and

> net.ipv6.conf.all.forwarding=1

is set in /etc/sysctl.conf.

Any ideas?

[cholzhauer]

What if you temporarily turned off IPTables?

[KNBu5ZMdbR]

I think it's no longer a service and can't be stopped.  Here are the settings I have:


$ sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

[KNBu5ZMdbR]

Ok.   I figured it out.  The Example Configurations page says:

> NOTE: When behind a firewall appliance that passes protocol 41, use the IPv4 address you get from your appliance's DHCP
> service instead of the IPv4 endpoint you provided to our broker.

when I removed the "local" line entirely, ifup'd and ifdown'd the interface and started radvd, things worked again.

Phew.  I'm crazy about IPv6 and use it all over the place, even my printer is addressed by ipv6.  So I'm lost without it.