Hurricane Electric's IPv6 Tunnel Broker Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: HE Tunnel broke with Ubuntu 17.02 upgrade  (Read 93 times)

KNBu5ZMdbR

  • Newbie
  • *
  • Posts: 14
    • View Profile
HE Tunnel broke with Ubuntu 17.02 upgrade
« on: April 19, 2017, 08:34:57 PM »

I upgraded my Ubuntu 16.10 server to 17.02 and now it won't route IPv6.   Does anyone know if there's a setting that I should tweak to get things going again?

The server has been running and regularly upgraded for several years.  It's configured per the Debian/Ubuntu sample configuration in the Tunnel Details page.  I'm also running with just ACCEPT in ip6tables, no rules to discard packets.

When I ping the Server IPv6 Address (from the Tunnel Details page) I get
> icmp_seq=1 Destination unreachable: Address unreachable

I can ping the Client (local) IPv6 Address and also hosts local to my network.   For some reason, packets don't seem to be leaving my server over the tunnel.

The routing table ("route -n -6") looks good and

> net.ipv6.conf.all.forwarding=1

is set in /etc/sysctl.conf.

Any ideas?
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2549
    • View Profile
Re: HE Tunnel broke with Ubuntu 17.02 upgrade
« Reply #1 on: April 20, 2017, 05:40:53 AM »

What if you temporarily turned off IPTables?
Logged

KNBu5ZMdbR

  • Newbie
  • *
  • Posts: 14
    • View Profile
Re: HE Tunnel broke with Ubuntu 17.02 upgrade
« Reply #2 on: April 20, 2017, 09:05:43 AM »

I think it's no longer a service and can't be stopped.  Here are the settings I have:


$ sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Logged

KNBu5ZMdbR

  • Newbie
  • *
  • Posts: 14
    • View Profile
Re: HE Tunnel broke with Ubuntu 17.02 upgrade
« Reply #3 on: April 20, 2017, 03:24:12 PM »

Ok.   I figured it out.  The Example Configurations page says:

> NOTE: When behind a firewall appliance that passes protocol 41, use the IPv4 address you get from your appliance's DHCP
> service instead of the IPv4 endpoint you provided to our broker.

when I removed the "local" line entirely, ifup'd and ifdown'd the interface and started radvd, things worked again.

Phew.  I'm crazy about IPv6 and use it all over the place, even my printer is addressed by ipv6.  So I'm lost without it.
Logged