• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Loss of connectivity 6in4 tunnel

Started by garrigan, December 28, 2021, 04:44:29 PM

Previous topic - Next topic

garrigan

Tunnel ID: 445249

I noticed the loss of IPv6 connectivity near 6:00 pm ET (GMT - 5) 28 December 2021

When I attempt to ping 209.51.161.14 I am not receiving replies.  I did the same from my work computer in Brooklyn and I am not receiving replies to pings for 209.51.161.14.

Thank you

Jim Garrigan
garrigan@hotmail.com

lexort

I'm seeing this too, from two tunnels in Massachusetts.   I am not getting pings back from 209.51.161.14 which until recently has been reliable for years, from VZ FiOS, or from a VPS at panix.

From logs of when an MQTT sender was connected, the trouble started at 0838 EST on December 13, but then it as ok until December 20th, bad until late afternoon on 25th, and then today it was out 1453 to 1529 EST before failing at 1808 EST.

The tunnel status page now shows tserv4.nyc4 as down.

Greg


ziddey

Same. tserv4.nyc4 seems to be having issues since last week. Switched over to Ashburn, VA for the time being. Latency is very good (~8ms to brooklyn), but throughput suffers a bit.

adamjannetta

I am seeing issues as well.  I emailed ipv6@he.net which generated a ticket.

How are you switching tunnels in the meantime? Wouldn't you get completely different address space?

ziddey

Quote from: adamjannetta on December 28, 2021, 09:50:02 PM
I am seeing issues as well.  I emailed ipv6@he.net which generated a ticket.

How are you switching tunnels in the meantime? Wouldn't you get completely different address space?
Yeah different. But the switch was surprisingly painless-- I use dnsmasq and have dhcp-hosts with only host-identifiers, so clients are still assigned dhcpv6 addresses appropriately. I also have it as the auth-server/auth-zone for my domain, so everything switched over smoothly (with rdns heh). Only pain point is host-records / static assignments, but those are very few.

lexort

It just started working, and the tunnel status shows up.

jrcovert

I was told that the nyc4 server was under a denial of service attack, and it took a while to mitigate the problem.

rhansen

Tunnel to NYC still doesn't work for me. https://www.tunnelbroker.net/status.php shows that the NYC tunnel server is up, and I can ping its IPv4 address, but I get no IPv6 return traffic. (When I ping the IPv6 server-side address, tcpdump shows outgoing 6in4 packets with the correct addresses but nothing comes back.)

I tried deleting my NYC tunnel and adding a tunnel to Ashburn, VA, US. That works, so I don't think the problem is on my side.

cholzhauer

Quote from: jrcovert on December 29, 2021, 12:58:31 PM
I was told that the nyc4 server was under a denial of service attack, and it took a while to mitigate the problem.

Did they say when it started? I had some real bad performance last week, so bad that I had to turn off my tunnel.

Shango1980

Quote from: rhansen on December 29, 2021, 02:07:56 PM
I can ping its IPv4 address, but I get no IPv6 return traffic. (When I ping the IPv6 server-side address, tcpdump shows outgoing 6in4 packets with the correct addresses but nothing comes back.)

I'm seeing the exact same thing with a tunnel into Chicago (tserv9.chi), I've got IPv4 pings to and from the public endpoint, but all traffic over my gif interface appears to go silently into the night.

Interestingly, I created a separate tunnel to a Fremont endpoint (tserv29.fmt1) and that also exhibits the same behavior on my local connection.  However, if I move the tunnel client to a system running in the San Jose area it works fine...  I opened support with my local ISP, but they assert there were no local changes and the traffic should be passing.

rhansen

Quote from: Shango1980 on December 30, 2021, 07:28:03 PM
Quote from: rhansen on December 29, 2021, 02:07:56 PM
I can ping its IPv4 address, but I get no IPv6 return traffic. (When I ping the IPv6 server-side address, tcpdump shows outgoing 6in4 packets with the correct addresses but nothing comes back.)

I'm seeing the exact same thing with a tunnel into Chicago (tserv9.chi), I've got IPv4 pings to and from the public endpoint, but all traffic over my gif interface appears to go silently into the night.

I sent an email to ipv6@he.net and they fixed it for me. It turns out the tunnel server had gone out of sync with my configured tunnels, probably when I was messing around with the tunnel config while the NYC server was down.