• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

How to test for ISP dropping Protocol 41 traffic?

Started by wrtpoona, January 25, 2019, 12:37:42 AM

Previous topic - Next topic

wrtpoona

I moved to a new location and my he.net tunnel receives no data (OpenWRT current).
There's just a single ISP serving this neighborhood and it is not my old ISP on which he.net worked fine.

OpenWRT he.net config:
config interface 'wan6'
option proto '6in4'
option peeraddr '209.51.161.14'
option ip6prefix '2001:470:8c1f::/48'
option tunnelid '***748'
option username '*******'
option password '********'
option mtu '1424'
option ip6addr '2001:470:1f06:8df::2'
option defaultroute '1'


iptables rules are in place to allow Proto 41:
root@apu:~# iptables-save | grep 41
-A INPUT -p ipv6 -m comment --comment Allow-Protocol-41 -j ACCEPT
-A OUTPUT -p ipv6 -m comment --comment Allow-Protocol-41 -j ACCEPT
-A zone_wan_input -s 209.51.161.14/32 -p ipv6 -m comment --comment "!fw3: Allow-Protocol-41" -j ACCEPT

root@apu:~# ip tunnel show
sit0: ipv6/ip remote any local any ttl 64 nopmtudisc 6rd-prefix 2002::/16
6in4-wan6: ipv6/ip remote 209.51.161.14 local ***.***.208.191 ttl 64 6rd-prefix 2002::/16


The log shows the link as up, but only a few packets are sent, but zero are received:
Fri Jan 25 13:52:03 2019 daemon.notice netifd: Interface 'wan6' is setting up now
Fri Jan 25 13:52:03 2019 daemon.notice netifd: Interface 'wan6' is now up
Fri Jan 25 13:52:03 2019 daemon.notice netifd: tunnel '6in4-wan6' link is up
Fri Jan 25 13:52:03 2019 user.notice firewall: Reloading firewall due to ifup of wan6 (6in4-wan6)


I've tried changing MTU to 1480 and 1280, no cigar.
How would I test if this new ISP is silently dropping Protocol 41?

cholzhauer

You'd have to run something like Wireshark to see what's going on.

Have you tried it without the firewall?

kriteknetworks