• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Pings beyond tunnel endpoint go out, doesn't come back (Stockholm)

Started by leifnel, May 23, 2018, 02:39:58 AM

Previous topic - Next topic

leifnel

I suddenly discovered my 4G provider stopped using CGNAT, so I set up a tunnel to stockholm.

I'm running on pfSense, I have currently no deny rules, and have setup everything to allow (Naturally will change that later ;-) )

I can ping the server endpoint (IPv4+IPv6) from inside, so the tunnel appears to be up, however I can not ping any further.

With tcpdump on the GIF interface, I can see pfsense xxx:2 pinging the server xxx:1 and the reply coming back
If I ping anything else (or try anything else, like http or ssh) I see packets from pfsense xxx:2 to the destination, but nothing coming back

If I traceroute from outside to client (xxx:2), last jump is  tserv1.sto1.he.net, 2001:470:0:11e::2, then  no reply from next hop.
If I traceroute from outside to server (xxx:1), I get there. (I have a VPS in France)

To me it seems like a routing problem at sto1.he.net, but what do I know?

leifnel

I changed tunnel to Berlin, and it worked right out of the box.

So something seemed tohave gone wrong in Stockholm, and Berlin seems to be nearer anyway.