Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Windows Tunnel times out or goes to sleep or something?  (Read 7385 times)

PepperdotNet

  • Newbie
  • *
  • Posts: 4
Windows Tunnel times out or goes to sleep or something?
« on: August 26, 2009, 01:35:12 PM »

First question here, please go easy on me.  ;D

I've setup a couple of tunnels, one to a Windows 7 host and one to a 2008 server. I followed the instructions exactly. The first was to establish "connectivity" for a n00b, and the second was the "we want to send you an email" test. Everything works. Except... if I leave it alone a few minutes, it's no longer reachable from the outside, until I do something on that machine again, i.e. ping an ipv6 host which wakes it back up.

Is there by default a timeout mechanism in the Windows tunnel, and how do I override it? I don't really want to have to setup a scheduled task to ping something every five minutes.
Logged

dataless

  • Newbie
  • *
  • Posts: 26
Re: Windows Tunnel times out or goes to sleep or something?
« Reply #1 on: August 26, 2009, 07:23:37 PM »

I've seen several people with similar problems, I'm wondering if maybe it's due to being behind certain NAT routers.

It might be that after a period of inactivity your router is closing the connection.

There's an article in the SixXS FAQ that mentions this..

http://www.sixxs.net/faq/connectivity/?faq=conntracking

What kind of router do you have?
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: Windows Tunnel times out or goes to sleep or something?
« Reply #2 on: August 26, 2009, 10:01:41 PM »

You need to set up a static NAT for IP proto 41 on your NAT firewall, pointing traffic to your tunnel box.  You can only do one per external IP, so if you have two different tunnel routers, you need two external IPs to separately forward proto 41.

If you don't have a static NAT, the firewall will time out the connection/NAT entry if there is no traffic for a while, then packets from the remote HE tunnel server will be dropped by your firewall as unsolicited traffic.

If your tunnel device is at the edge, make sure there's a firewall rule allowing the traffic from the HE tunnel server to the IP of your tunnel router.

EDIT: Unfortunately, some consumer grade routers/firewalls don't give you an option to do an arbitrary IP protocol forward.  They presume that you'll only ever want to forward TCP or UDP ports.  If this is the case for you, then your only choices are to look for some alternative firmware (OpenWRT, Tomato, etc), or to do something like send a ping every X seconds to force the NAT entry to refresh so it doesn't time out (X =  the TTL of your NAT entries on your router).
« Last Edit: August 26, 2009, 10:11:16 PM by jimb »
Logged

kriteknetworks

  • Sr. Member
  • ****
  • Posts: 261
    • aRDy Music
Re: Windows Tunnel times out or goes to sleep or something?
« Reply #3 on: August 27, 2009, 07:29:01 AM »

Or buy a decent router :)
Logged

PepperdotNet

  • Newbie
  • *
  • Posts: 4
Re: Windows Tunnel times out or goes to sleep or something?
« Reply #4 on: August 27, 2009, 11:35:09 AM »

Ah, this makes sense now. I've got Netgear FVX538 and FVS338 routers. They will allow me to forward TCP, UDP or ICMP to an internal host but not an arbirtrary protocol. So it looks like a scheduled task to send some traffic from the inside is my only hope.
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: Windows Tunnel times out or goes to sleep or something?
« Reply #5 on: August 27, 2009, 06:49:37 PM »

Or buy a decent router :)
Yeah.  Or if you're like me, use an old PC or laptop and make a linux/iptables router or (or BSD/pf ... or m0n0wall).  Way more features than any consumer router you'll find out there, and free (if you have a spare PC and some nics)!
Logged

Ninho

  • Full Member
  • ***
  • Posts: 138
(Off topic) Display certif badge ?
« Reply #6 on: September 19, 2009, 02:44:56 PM »

@JimB : Praytell how you managed to display your badge in sig on your every post ?

I must be particularly dense, I couldn't for the sake of me find how to (even spying the posts' source code!)

It seems you are the only one who succeeded - or cared to try   ;)

Just vanitas vanitatum (speaking only for myself, of course...)


Logged

broquea

  • Sr. Network Engineer, HE.NET AS6939
  • Administrator
  • Hero Member
  • *****
  • Posts: 1723
Re: (Off topic) Display certif badge ?
« Reply #7 on: September 19, 2009, 03:06:47 PM »

@JimB : Praytell how you managed to display your badge in sig on your every post ?

I must be particularly dense, I couldn't for the sake of me find how to (even spying the posts' source code!)

It seems you are the only one who succeeded - or cared to try   ;)

Just vanitas vanitatum (speaking only for myself, of course...)





SMF code can be used, so you use
Code: [Select]
[img]http://url.to.image[/img]in your signature settings.
Logged

jimb

  • Hero Member
  • *****
  • Posts: 805
  • ^^^ Warped picture
Re: (Off topic) Display certif badge ?
« Reply #8 on: September 19, 2009, 05:10:45 PM »

@JimB : Praytell how you managed to display your badge in sig on your every post ?

I must be particularly dense, I couldn't for the sake of me find how to (even spying the posts' source code!)

It seems you are the only one who succeeded - or cared to try   ;)

Just vanitas vanitatum (speaking only for myself, of course...)
Yep.  Just a BBCODE image tag in my signature:
Code: [Select]
[img]http://ipv6.he.net/certification/create_badge.php?pass_name=jimb&badge=3[/img]Has to be a non-flash badge.
Logged

Ninho

  • Full Member
  • ***
  • Posts: 138
Re: (Off topic) Display certif badge ?
« Reply #9 on: September 20, 2009, 01:41:30 AM »

Yep.  Just a BBCODE image tag in my signature:
Has to be a non-flash badge.

Well, I thought I tried that, but didn't work (hung at "Fetching Preview", and when posted all the same, image was not there!)

Let's try once more (direct insertion, not a premade signature) :

Code: [Select]
[img]http://ipv6.he.net/certification/create_badge.php?pass_name=Ninho&badge=3[/img]



At long last  !!!! Noting, still, this prevents the Preview option from working...
« Last Edit: September 20, 2009, 01:48:23 AM by Ninho »
Logged