• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Problems configuring Tunnel

Started by JDH1986JDH, September 24, 2017, 09:15:24 AM

Previous topic - Next topic

JDH1986JDH

Im using just Lan 1 by the way, the Lan 2 is not used at all!

JDH1986JDH


JDH1986JDH

#32
This is what i configured it to!

Edit: It tookt he last 2 zeros off so my address is now fcad:b526:adda:1010::1122

cholzhauer

Right place, wrong address.

The address has to start with 2001:470 to be an HE address.  You can get the range from your tunnel information page.

JDH1986JDH

#34
I tried 2001:470:1f10:301::128 but it failed to be detected!

Edit: I can't find anything about a supposed range except this address had 2/64 at the end of it, i thought that meant 128 bit

This is my settings page


cholzhauer

Your default gateway needs to be your tunnel address

Log into your account and click on your tunnel.  Look under 'routed ipv6 prefixes'

JDH1986JDH

I would have responded quicker but my Ethernet surge protector went nuclear and it took me an hour to figure that out!

JDH1986JDH

Unfortunately my entire computers networking capability went nuclear affter trying to set up the ipv6 and i tried over 20 separate commands to do various things, such as reset winsock and using netsh.

In the end i had to reformat my computer and start from scratch so i am giving up this cert for the time being, i think tryign to set this up caused my operating system to become corrupted somehow... Possibly within the winsock/TCPIP/Networking functions.

But i do appreciate your help and maybe someday i will give this another shot!

cholzhauer

Good luck.

For what it's worth, there is a command to reset  just the IPv6 stack

divad27182

Quote from: cholzhauer on September 25, 2017, 10:14:24 AM
You need to assign an IPv6 address to your LAN connection..you've only assigned one to your tunnel.

Make sure you use an address out of your routed /64, not the tunnel /64

Actually, it is perfectly valid to use the tunnel /64 address, as long as you use your end of it.  It may not be ideal, but it is valid, and if you don't want to setup another /64, then you do not need to.

Indeed, if you can get an IPv6 address out of http://checkip.dns.he.net/ (or any other IPv6 tester), that will do to identify your machine.

JDH1986JDH: You should be aware that later tests are that you have an IPv6 reachable email server, and that it has IPv6 DNS.

cholzhauer

You're right, but HE doesn't delegate dns for the tunnel /64, so you'd run into issues later

It's not worth the hassle, use the routed /64

divad27182

Actually, if you only intend to have one machine there, then the hassle is setting up the routed /64.

I've actually considered doing just this with my laptop.  I haven't, but I might.  Actually, I sort of wish that you could request no routed /64, and a tunnel /126.  Then I wouldn't feel I was wasting resources.

divad27182

#42
And the fact that they DON'T delegate, but DO have well setup DNS, means that JDH1986JDH could just use domain name
JDH1986JDH-1-pt.tunnel.tserv9.chi1.ipv6.he.net
for his server.  Admittedly, if he changes his configuration before completing certification, he might need to do the reset operation and start over.

edit: Not sure if that's his current address.  He later showed one for a different account.

snarked

Re - Reply #40:  True that there's no delegation, but there's the DNS interface at http://dns.he.net, and a tunnel user can get a free account and establish his routed reverse zone(s) there (either as primary or secondary).  In tracing a zone from the DNS root, the HE servers will always get queried at the /32 zone cut, so there's no reason why they shouldn't also have the final query response as well.   Works for me....  (Otherwise agreeing with reply #42).

Reply #41:  No reason not to ignore the routed /64 and simply use the tunnel endpoint /64 for your single device.  The routed /64 is only used for additional devices existing beyond the endpoint.  However, that's probably not going to change HE's design of handing out a /64 routed via every tunnel and every tunnel consuming a full /64 as well.  I agree it may be wasteful in some circumstances.

kcochran

The /64s come out of /48s specifically designated for their purpose for each tunnel server; one for the link-net /64s, one for the routed /64s.  They're effectively allocated anyway, so you may as well use it.