• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Having trouble with tunnel

Started by DOMBlogger, September 07, 2011, 05:19:48 AM

Previous topic - Next topic

DOMBlogger

Running Ubuntu on lan behind a Linksys router.

Router model: RT31P2 (formerly used with Vonage)

I use the IP from my ISP for my end point.
My local nat network behind router is 192.168.15.x

I use these commands in Ubuntu:

ifconfig sit0 up
ifconfig sit0 inet6 tunnel ::216.218.226.238
ifconfig sit1 up
ifconfig sit1 inet6 add 2001:470:a:721::2/64
route -A inet6 add ::/0 dev sit1

This is the relevant output of /sbin/ifconfig :


eth0      Link encap:Ethernet  HWaddr 00:20:78:1d:7c:df 
          inet addr:192.168.15.24  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::220:78ff:fe1d:7cdf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:583656 errors:0 dropped:0 overruns:0 frame:0
          TX packets:598852 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:356680694 (356.6 MB)  TX bytes:113649063 (113.6 MB)
          Interrupt:10 Base address:0xe800

sit0      Link encap:IPv6-in-IPv4 
          inet6 addr: ::192.168.15.24/96 Scope:Compat
          inet6 addr: ::127.0.0.1/96 Scope:Unknown
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

sit1      Link encap:IPv6-in-IPv4 
          inet6 addr: 2001:470:a:721::2/64 Scope:Global
          inet6 addr: fe80::c0a8:f18/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:400 (400.0 B)


Yet http://ipv6.he.net/certification/validate-explorer.php reports my IPv4 address.

Could it be the nameservers I am using are IPv4 and are thus only returning the IPv4 address?

I have a server with IPv6 but ping6 does not seem to be able to see it.
Any hints on what my issue is?



cholzhauer

Quote
Could it be the nameservers I am using are IPv4 and are thus only returning the IPv4 address?

Very possible.  What happens when you try and ping those sites?

You can test if your tunnel is up by pinging 2001:470:a:721::1

DOMBlogger

I can not ping it, but I can from my remote web server.

I wonder if the old linksys router I'm behind is the problem, if it does not support IPv4 protocol type of 41.

It looks likes DLink has some affordable routers that allegedly are dual stack ready. If I can't figure it out, I may see if one of those works better, as I suspect it would support tunneling.

cholzhauer

If you can put your IPv6 router in front of the linksys firewall, you would be able to tell for sure

DOMBlogger

I could try plugging my lap top directly into the cable modem. That would let me know.

cholzhauer

As long as your laptop is running the tunnel, yes.

DOMBlogger

I have a Linksys wrt54g - so what I'm going to try is installing the WRT54G_Wolf_W42_Alchemy_6rc1 firmware and put that behind the cable modem and configure that as the tunnel.

DOMBlogger

Linksys router wouldn't take the firmware.

But with laptop attached directly to cable modem, IPv6 works flawlessly.

So the problem with tunneling from my desktop is likely either the linksys voip router (that normally is attached to cable modem) or the linksys 4 port hub in my office.

But it otherwise works. So I need to buy a router that doesn't mangle the tunnel.

cholzhauer

The hub won't be an issue...it has no idea what traffic it's passing

DOMBlogger

OK - that's cool. I don't use vonaga anymore anyway, so replacing that router won't be a problem.
At least I know what the problem is now.

dClauzel

I may have a similar problem on my Mac running Lion : I cannot run the second test because it fails to notice my IPv6 connection :

Your reported Internet Protocol Address is: 82.239.197.205

You do not appear to be using an IPv6 capable connection


My ISP Free provides IPv6 connection, so I don't need a tunnel.

Indeed, when I look at the network :

# ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 9000
options=2b<RXCSUM,TXCSUM,VLAN_HWTAGGING,TSO4>
ether 00:16:cb:a0:3f:b9
inet6 fe80::216:cbff:fea0:3fb9%en0 prefixlen 64 scopeid 0x4
inet6 2a01:e35:2efc:5cd0:216:cbff:fea0:3fb9 prefixlen 64 autoconf
inet6 2a01:e35:2efc:5cd0:69af:de12:fe60:a22d prefixlen 64 autoconf temporary
inet 192.168.1.42 netmask 0xffffff00 broadcast 192.168.1.255
media: 1000baseT <full-duplex,flow-control>
status: active
en1: flags=8823<UP,BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
ether 00:19:e3:0c:3f:4a
media: autoselect (<unknown type>)
status: inactive
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 2030
lladdr 00:17:f2:ff:fe:7b:96:a8
media: autoselect <full-duplex>
status: inactive


My setup works fine : I can reach Google

# ping6 -c 1 google.fr
PING6(56=40+8+8 bytes) 2a01:e35:2efc:5cd0:69af:de12:fe60:a22d --> 2a00:1450:4001:c01::67
16 bytes from 2a00:1450:4001:c01::67, icmp_seq=0 hlim=55 time=39.498 ms

--- google.fr ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 39.498/39.498/39.498/0.000 ms


and I am hosting a public web server on another computer exclusively over IPv6.

$ ifconfig
eth1      Link encap:Ethernet  HWaddr aa:00:04:00:0a:04 
          inet adr:192.168.1.32  Bcast:192.168.1.255  Masque:255.255.255.0
          adr inet6: 2a01:e35:2efc:5cd0:a800:4ff:fe00:a04/64 Scope:Global
          adr inet6: fe80::a800:4ff:fe00:a04/64 Scope:Lien
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137573279 errors:0 dropped:0 overruns:0 frame:0
          TX packets:158706104 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 lg file transmission:1000
          RX bytes:83282219901 (77.5 GiB)  TX bytes:118917848353 (110.7 GiB)
          Interruption:20

$ curl https://serveur.lt-p.net/~ltp/stats_irc/PiratePads.html | head
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 11544  100 11544    0     0   172k      0 --:--:-- --:--:-- --:--:--  176k
<!DOCTYPE html>
<html lang="fr">

<head>
        <meta http-equiv="content-type" content="text/html; charset=UTF-8">
        <title>Liste automatique des pads utilisés par le Parti Pirate</title>
        <meta name="author" content="Damien Clauzel, Damien@Clauzel.nom.fr">
        <meta name="description" content="Pour son travail, le Parti Pirate utilise des piratepads; leur liste est compilée automatiquement ici.">
        <meta name="keywords" content="Parti Pirate, politique, éditeur collaboratif, etherpad, piratepad">
</head>


So, basically my IPv6 support is fine. The mac is running a dual stack IPv4/IPv6, and it looks like the test only pays attention to the IPv4 one.

Any idea ?

mtindle

dClauzel, on OSX it might be connecting via IPv4 even though you have IPv6 connectivity simply because it's faster in your case.  Lion especially does connection tracking to remember which was faster.  Many browsers are also implementing "happy eyeballs" which tries to connect over v4 if it's faster even if it has a v6 option as well.

Our test currently only tests on a dual stacked domain which OSX probably has cached as a v4 domain.   We're going to update the site soon to test against a v6 only domain soon, but in the meantime, you can try temporarily disabling IPv4 on your computer to force it to load the page on IPv6.

DOMBlogger

I noticed Opera on Linux was connecting via IPv4 where Firefox grabbed IPv6 - same box (CentOS 5.x). Not sure if Opera just doesn't do IPv6 or if it just prefers IPv4 as I did not try an IPv6 only site.

dClauzel

Quote from: mtindle on September 13, 2011, 08:27:14 PM
Our test currently only tests on a dual stacked domain which OSX probably has cached as a v4 domain.   We're going to update the site soon to test against a v6 only domain soon, but in the meantime, you can try temporarily disabling IPv4 on your computer to force it to load the page on IPv6.
OK, I will try this. Thanks.