I see part of my problem. I was confusing a tunnel with a host. I was thinking a tunnel needed to be created for each host, but that is not the case. I am able to scan my computers' ports, so it appears all are reachable from the internet. The thing that concerns me is
Yes I noticed that before, and I guess I didn't explain it well enough. You only need ONE 6in4 tunnel to route IPv6 traffic from hosts for an entire LAN, or even a set of many LANs connected by other routers to the IPv6 internet. You set the tunnel up on the host/box/node/appliance you chose as your IPv6 router, and all other hosts send IPv6 traffic through this router, which routes the traffic down the tunnel to HE's tunnel server, and receives return traffic to your LAN through the same tunnel. Each host on your LAN does not have a separate tunnel.
>>Not sure why, but I can't ping or trace your host from outside. Tunnel appears to be down.
Is it possible it's a problem on my end? It's strange that I can see them open from the HE port scanner but nowhere else. Have you run into this before?
Actually it's working now. I can't ping your Windows box because it's probably dropping pings (firewall). But an nmap scan reveals port 80 and port 3389 (RDP) open, and I can connect:
{root@gtoojimb/pts/3}~# nmap -6 -P0 -sT -T3 2001:470:1f05:6db:4f6:430e:50ff:4f1d
Starting Nmap 5.00 ( http://nmap.org ) at 2009-12-08 22:12 PST
Interesting ports on 2001:470:1f05:6db:4f6:430e:50ff:4f1d:
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
3389/tcp open ms-term-serv
nc -6 -n -v 2001:470:1f05:6db:4f6:430e:50ff:4f1d 3389
(UNKNOWN) [2001:470:1f05:6db:4f6:430e:50ff:4f1d] 3389 (ms-wbt-server) open
nc -6 -n 2001:470:1f05:6db:4f6:430e:50ff:4f1d 80
lakjdsf
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 09 Dec 2009 06:13:09 GMT
Connection: close
Content-Length: 326
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Verb</h2>
<hr><p>HTTP Error 400. The request verb is invalid.</p>
</BODY></HTML>
EDIT: OK now it's down again. Not sure what's going on:
nc -6 -v -n 2001:470:1f05:6db:4f6:430e:50ff:4f1d 3389
(UNKNOWN) [2001:470:1f05:6db:4f6:430e:50ff:4f1d] 3389 (ms-wbt-server) : No route to host
It could be that your tunnel is flapping if you didn't completely get rid of the tunnel interfaces on your Windows boxes. As I said before, if one of those 2008 boxes sends a 6in4 packet out, it will "override" the NAT entry on your edge router, and then all tunnel traffic will be sent to the Windows box instead of the 615, until the 615 sends another 6in4 packet, yadda yadda. If your edge router allows you to configure a static NAT for protocol 41, configure one and point it to the DIR-615. Then it won't matter.
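An added example, not part of the original thread: a Python sketch that replays outbound IPv4 headers through the NAT behaviour described in the last post (the newest inside sender of protocol 41 takes over the binding) and reports which LAN hosts other than the router emit 6in4. All addresses, the sample packets and the single-binding NAT model are constructed assumptions for illustration.

```python
import ipaddress
import struct

PROTO_6IN4 = 41  # IPv4 protocol number for an encapsulated IPv6 packet

def ipv4_header(src, dst, proto):
    """Build a minimal 20-byte IPv4 header (constructed sample, checksum 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def parse_ipv4(pkt):
    """Return (src, dst, proto) from raw IPv4 bytes, or None if malformed."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        return None
    return (str(ipaddress.IPv4Address(pkt[12:16])),
            str(ipaddress.IPv4Address(pkt[16:20])), pkt[9])

def audit_6in4(packets, router, tunnel_server):
    """Model one dynamic protocol-41 NAT binding where the last sender wins.
    Returns (rogue_senders, binding_flaps, final_binding_owner)."""
    owner, flaps, rogue = None, 0, set()
    for pkt in packets:
        parsed = parse_ipv4(pkt)
        if parsed is None:
            continue
        src, dst, proto = parsed
        if proto != PROTO_6IN4 or dst != tunnel_server:
            continue              # only 6in4 toward the tunnel server matters
        if src != router:
            rogue.add(src)        # leftover tunnel interface on a LAN host
        if owner is not None and src != owner:
            flaps += 1            # return traffic now goes to a different host
        owner = src
    return sorted(rogue), flaps, owner

# Constructed addresses: the IPv6 router, a LAN host, the tunnel server.
ROUTER, HOST, SERVER = "192.168.0.2", "192.168.0.10", "203.0.113.1"
SAMPLE = [ipv4_header(ROUTER, SERVER, 41), ipv4_header(HOST, SERVER, 41),
          ipv4_header(ROUTER, SERVER, 41), ipv4_header(HOST, SERVER, 6),
          ipv4_header(HOST, SERVER, 41), b"\x45\x00"]  # last one is truncated

if __name__ == "__main__":
    print(audit_6in4(SAMPLE, ROUTER, SERVER))
```

A non-empty rogue list means a host still has a tunnel interface to remove; a static protocol-41 NAT entry pointing at the router, as the post suggests, keeps the binding from moving at all.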