Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Tunnel down when no outgoing traffic for some time  (Read 3415 times)

iip

  • Newbie
  • *
  • Posts: 10
Tunnel down when no outgoing traffic for some time
« on: June 27, 2009, 08:30:50 PM »

My tunnel goes down (ipv6 net not reachable from the outside) if there was no outgoing traffic for some time.
Once I send one single ping to the outside all works again well.
Is it a problem or a feature?
Logged

kristiankrohn

  • Newbie
  • *
  • Posts: 31
Re: Tunnel down when no outgoing traffic for some time
« Reply #1 on: June 28, 2009, 02:55:34 AM »

Seems to be a common issue...

My guess would be that you have a stateful firewall on your tunnel endpoint.

Make sure that you allow incoming protocol 41 connections from the HE tunnel endpoint on your IPv4 firewall.

Logged

iip

  • Newbie
  • *
  • Posts: 10
Re: Tunnel down when no outgoing traffic for some time
« Reply #2 on: June 28, 2009, 03:40:41 AM »

LOL ok thx will try that
sounds logical, now that you say it
Logged

snarked

  • Hero Member
  • *****
  • Posts: 774
Re: Tunnel down when no outgoing traffic for some time
« Reply #3 on: June 28, 2009, 12:16:21 PM »

Are you accepting pings (ICMP echo requests) to the TUNNEL IPv6 endpoint address from HE's IPv6 tunnel endpoint address?  These are necessary to keep the tunnel alive when there is no traffic on the routed /64 or /48.

My one routed /64 tunnel has been inactive for 9 months as I now have native IPv6 at the co-location facility I'm in.  However, my server responds to pings on the IPv6 tunnel endpoint address, so I've been able to keep the tunnel as a backup (which was suggested by my co-lo facility staff as native IPv6 is experimental and under test).  [Someday, I plan to transfer the tunnel to my network at home if I can ever get openwrt to work with a Linksys WRT55AG (it works with the WRT54G - the G-only version)].

Keeping an inactive tunnel is not a problem, per other posts from HE on the forums.  They even noticed at one point that I have the pings locked down at the firewall to just the tunnel-server source address.
Logged

iip

  • Newbie
  • *
  • Posts: 10
Re: Tunnel down when no outgoing traffic for some time
« Reply #4 on: June 28, 2009, 09:46:12 PM »

Yep I accepted ICMPv6 all the time on the IPv6 interface, since everyone says that is important with IPv6.
Now that I have a ACCEPT rule for the HE IPv4 tunnel endpoint before the 'state RELATED,ESTABLISHED' in ip(4)tables, all seems to work well.
Logged