• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Tunnel Not Working Asus Rt-AC87u

Started by wirespeed, June 14, 2017, 01:25:42 PM

Previous topic - Next topic

wirespeed

I've had this working in the past when I had a different ISP and everything went flawlessly. Unfortunately the last time I configured the tunnel was several years ago, so perhaps I'm forgetting something.

I recently updated to AT&T Fiber which resulted in a different external IPv4 address. I have configured the new external IPv4 address within the Tunnel Details page. AT&T fiber actually supports IPv6, but I've configured their router to essentially bridge to my Asus Router (DMZ+), and I've turned off the AT&T router's LAN IPv6 advertisement. I don't believe that's causing any issues.

I also have a L3 switch hanging off of the Asus LAN side with multiple /64s on VLANs. I can get anywhere in the internal network via IPv6, but for the sake of this discussion I will keep things as simple as possible.

I have:
Internet -> At&T Router -> Asus Router -> Clients

My tunnel details from HE are:
IPv6 Tunnel Endpoints
Server IPv4 Address:66.220.18.42
Server IPv6 Address:2001:470:c:10b2::1/64
Client IPv4 Address:107.216.140.202
Client IPv6 Address:2001:470:c:10b2::2/64
Routed IPv6 Prefixes
Routed /64:2001:470:d:10b2::/64
Routed /48:2001:470:f557::/48

Within my Asus Router, I have configured:
Connection Type: Tunnel 6in4
Server IPv4 address: 66.220.18.42
Client IPv6 Address: 2001:470:c:10b2::2
IPv6 Prefix Length: 64
Server IPv6 Address: 2001:470:c:10b2::1
Tunnel MTU: 0
Tunnel TTL: 255
LAN IPv6 Address: 2001:470:f557::1
LAN Prefix Length: 64
LAN IPv6 Prefix: 2001:470:f557::

Within the client (OS X), I have the link local and two IPv6 address from SLAAC (secured/temporary) both with the correct prefix: 2001:470:f557::<Interface Identifier>
From the client I can ping6, the Asus internal and external IPv6 addresses (2001:470:f557::1/2001:470:c:10b2::2), but I cannot ping the 'Server IPv6 address' (2001:470:c:10b2::1). I can also ping the Server IPv4 address (66.220.18.42) and traceroute to it. Obviously if I cannot ping6 the server IPv6 address, DNS and getting to the IPv6 Internet is meaningless.

I can log into the Asus router via SSH because it's running a modded DD-WRT. The interface addresses are showing correctly, and I can ping my eternal interface... I cannot ping6 the server IPv6 address (::1) from the Asus Router.

I've also configured DDNS for the Asus router. It's enabled, the server is set to www.tunnelbroker.net in the dropdown, the username is correct and the password is correct. I don't think this part of the configuration is related at this point, but it's configured and if I make a change to this and apply it (with the correct credentials), I get the message: Registration is successful.

At this point, I'm not sure what else to do. I was unable to find any Asus configuration guidelines that said to use anything else. I tried to give you guys as much information as possible. Any suggestions are appreciated!

Thanks.


cholzhauer

I stopped reading when I saw MTU= 0

I think you had better address that first.