Back to Help and Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

HE.NET ipv6 tunnel through Vodafone WIFI hub

Go to solution
JessicasDad
3: Seeker
3: Seeker

‎01-04-2023 02:42 PM

Hi all,

 

I was just wondering if anyone has managed to get an IPV6 tunnel through he.net working on a FTTH connection via Cityfibre using the standard Vodafone router?

 

I'm using a Raspberry Pi as the tunnel endpoint and am pretty sure I've got the config right. The tunnel says it's up, and I can see IPV6 addresses with the right prefix being assigned to all devices in my LAN, and can successfully IPV6 ping sites like ipv6.google.com from all devices as well.

 

The problem is that web browsing etc doesn't work to IPV6 sites, and all the IPV6 checkers tell me IPV6 is not working.

 

I *think* it's because the Vodafone router uses a broadcom chipset and I'm coming across the 'flow cache' issue as mentioned at https://ttlexpired.co.uk/2016/02/12/ipv6-tunnel-and-failing-tcp-sessions/

 

If that's the case then the only option would seem to be to replace the Vodafone router with something else, but as I'm on Digital Voice as well and ipv6 is a 'nice to have' but not critical, then it's probably not worth the hassle.

 

Am I right, or is there another way I can get it working?

 

Thanks

 

Ross

0 Thanks
1 ACCEPTED SOLUTION

Go to solution
JessicasDad
3: Seeker
3: Seeker
In response to Ripshod

‎13-04-2023 09:51 PM

Thank you very much!

 

I had left the MTU at defaults, but have set it to 1452 at both ends and reconnected the tunnel, and all the tests are now working perfectly!

 

I'll do some more tests, but looks like the MTU was the issue!

 

Thanks again!

View solution in original position

0 Thanks
8 REPLIES 8

Go to solution
CrimsonLiar
16: Advanced member
16: Advanced member

‎01-04-2023 07:27 PM

In this instance, the "flow cache" issue shouldn't come into play because the tunnel is from the raspberry pi to your endpoint and the router shouldn't be interfering!

The problem is more likely to be that you need to set the Raspberry Pi as the gateway for devices you want to connect over IPv6.  In this configuration, though the Raspberry Pi itself still needs to connect to the router's IPv4 gateway, and you'll need to set the IPv6 address, and gateway manually on each device from your Hurricane electric pool (being pedantic there are other methods that automate more, but the initial config gets ever more complex).

*Be aware that some services that detect Hurricane Electric's IPv6 connections as VPN connections may reject your connections - even Instagram can be problematic!

**You'll also either need one of: Static IPv4 address from Vodafone; Set up the RPi to use HE's own DDNS, or use a routine on the RPi to update your WAN address to HE if/when the WAN address changes.

Good luck see how you get along with that and keep us updated!

0 Thanks

Go to solution
JessicasDad
3: Seeker
3: Seeker
In response to CrimsonLiar

‎13-04-2023 08:46 PM

Ok, strange,

 

I've posted a reply twice including configs etc and saying that configuring addresses and other information manually or via radvd stil doesn't work, but the reply has disappeared both times!

 

What am I doing wrong?

 

Thanks

 

Ross

0 Thanks

Go to solution
Ripshod
16: Advanced member
16: Advanced member
In response to JessicasDad

‎13-04-2023 09:17 PM - edited ‎13-04-2023 09:19 PM

There may be security issues with some of the information you're posting. Redact or otherwise obfuscate IPs and MAC address and try again, or make a clear statement to the moderators that no sensitive information is included. Don't lie though, they are good at spotting things you may miss. 

0 Thanks

Go to solution
JessicasDad
3: Seeker
3: Seeker
In response to Ripshod

‎13-04-2023 09:22 PM

Thanks - I didn't think of my posts being moderated, especially as I've not been sent any sort of message to say that's what's happened.

 

I'll try again, but make it clear that all sensitive information is redacted.

 

Thanks

0 Thanks

Go to solution
JessicasDad
3: Seeker
3: Seeker
In response to CrimsonLiar

‎13-04-2023 09:31 PM

Hi,

 

Thanks for replying, and sorry I'm a bit late in responding - took a bit of time to try things but also seems like my replies were possibly being moderated.

 

I've tried both manually configuring addresses etc and also using radvd, and although all machines on the lan get an address in the he.net prefix and can ping google using ipv6, browsing still doesn't work.

 

The various configs are below - I've blanked out part of the IP addresses for security, but left part in as I think they are needed to show I'm using the right prefixes - hope this is ok.

 

The various configs etc are :

On the Raspberry PI :

he-ipv6 in /etc/network/interfaces.d

auto he-ipv6
iface he-ipv6 inet6 v4tunnel
        address 2001:xxx:1f1c:yyy::2
        netmask 64
        endpoint aaa.bbb.ccc.ddd
        local aaa.bbb.ccc.ddd
        ttl 255
        gateway 2001:xxx:1f1c:yyy::1

up ip addr add 2001:xxx:1f1d:yyy::1/64 dev wlan0

ifconfig wlan0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet aaa.bbb.ccc.ddd netmask 255.255.255.0  broadcast aaa.bbb.ccc.255
        inet6 fe80::7b20:a60f:cd65:73cc  prefixlen 64  scopeid 0x20<link>
        inet6 2001:xxx:1f1d:yyy::1  prefixlen 64  scopeid 0x0<global>
        ether aa:bb:cc:dd:ee:ff  txqueuelen 1000  (Ethernet)

radvd.conf

interface wlan0
{
  IgnoreIfMissing on;
  AdvManagedFlag off;
  AdvSendAdvert on;
  MinRtrAdvInterval 3;
  MaxRtrAdvInterval 10;
  AdvOtherConfigFlag on;
  AdvLinkMTU 1480;
  prefix 2001:xxx:1f1d:yyy::/64
  {
  AdvOnLink on;
  AdvAutonomous on;
  AdvRouterAddr on;
  };
};

route -6

localhost/128                  [::]                       U    256 2     0 lo
tunnel588721.tunnel.tserv1.lon2.ipv6.he.net/128 [::]      U    1024 1    0 he-ipv6                                                           
2001:xxx:1f1c:yyy::/64         [::]                       Un   256 2     0 he-ipv6                                                                       
2001:xxx:1f1d:yyy::/64         [::]                       U    256 1     0 wlan0
fe80::/64                      [::]                       Un   256 1     0 he-ipv6                                                                           
fe80::/64                      [::]                       U    256 1     0 wlan0
[::]/0               tunnel588721.tunnel.tserv1.lon2.ipv6.he.net UGH 1024 4     0 he-ipv6                                                                             
localhost/128                  [::]                       Un   0   5     0 lo
2001:xxx:1f1c:yyy::/128        [::]                       Un   0   3     0 he-ipv6                                                                             
tunnel588721-pt.tunnel.tserv1.lon2.ipv6.he.net/128 [::]   Un   0   5     0 he-ipv6                                                                           
2001:xxx:1f1d:yyy::/128        [::]                       Un   0   3     0 wlan0
2001:xxx:1f1d:yyy::1/128       [::]                       Un   0   3     0 wlan0
fe80::/128                     [::]                       Un   0   3     0 he-ipv6                                                                           
fe80::/128                     [::]                       Un   0   3     0 wlan0
fe80::c0a8:424d/128            [::]                       Un   0   5     0 he-ipv6                                                                             
fe80::7b20:a60f:cd65:73cc/128  [::]                       Un   0   4     0 wlan0
ff00::/8                       [::]                       U    256 1     0 he-ipv6                                                                             
ff00::/8                       [::]                       U    256 5     0 wlan0
[::]/0                         [::]                       !n   -1  1     0 lo

Windows 11 client:

ipconfig

Wireless LAN adapter WiFi:

   Connection-specific DNS Suffix  . : broadband
   IPv6 Address. . . . . . . . . . . : 2001:xxx:1f1d:yyy:e4de:254f:6be3:6bbc
   Temporary IPv6 Address. . . . . . : 2001:xxx:1f1d:yyy:c063:996f:d09b:1ca8
   Link-local IPv6 Address . . . . . : fe80::xxxx:yyyy:907:2ce9%2
   IPv4 Address. . . . . . . . . . . : aaa.bbb.ccc.ddd
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80:xxxx:yyyy:cd65:73cc%2
                                       aaa.bbb.ccc.250
route -6 print

 If Metric Network Destination      Gateway
  2    291 ::/0                     fe80::xxxx:yyyy:cd65:73cc
  1    331 ::1/128                  On-link
  2    291 2001:xxx:1f1d:yyy::/64   On-link
  2    291 2001:xxx:1f1d:yyy:c063:996f:d09b:1ca8/128
                                    On-link
  2    291 2001:xxx:1f1d:yyy:e4de:254f:6be3:6bbc/128
                                    On-link
  2    291 fe80::/64                On-link
  2    291 fe80::xxxx:yyyy:907:2ce9/128
                                    On-link
  1    331 ff00::/8                 On-link
  2    291 ff00::/8                 On-link

0 Thanks

Go to solution
Ripshod
16: Advanced member
16: Advanced member
In response to JessicasDad

‎13-04-2023 09:35 PM - edited ‎13-04-2023 09:36 PM

I'll look deeper later, but just a hunch for now. What MTU are you using for the tunnel? For PPPoE it needs to be 1452 on both ends because of overheads.

0 Thanks

Go to solution
JessicasDad
3: Seeker
3: Seeker
In response to Ripshod

‎13-04-2023 09:51 PM

Thank you very much!

 

I had left the MTU at defaults, but have set it to 1452 at both ends and reconnected the tunnel, and all the tests are now working perfectly!

 

I'll do some more tests, but looks like the MTU was the issue!

 

Thanks again!

0 Thanks

Go to solution
JessicasDad
3: Seeker
3: Seeker
In response to JessicasDad

‎06-05-2023 10:40 PM

Forgot to come back and confirm this was the answer :Sad_face:

 

Sorry!