6to4 tunnel on tg582n
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Fibre Broadband
- :
- Re: 6to4 tunnel on tg582n
6to4 tunnel on tg582n
12-10-2014 6:47 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
What considerations do I need to make to get a 6to4 tunnel to work through my tg582n, the tutorial said that icmp pings need to be enabled, done that.
I've set the tunnel up against my ip per the instructions on https://tunnelbroker.net/ and used this tutorial http://www.raspberrypi.org/forums/viewtopic.php?f=36&t=88054 my mac seems to gain an ip address from the raspberry but no sign of a live connection on the raspberry or my macbook.
Any pointers greatly appreciated
Re: 6to4 tunnel on tg582n
13-10-2014 10:33 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Might not be much specific we can advise you re what you're trying to do here but I've asked our products team in case there is and will let you know if we're able to advise anything.
Re: 6to4 tunnel on tg582n
13-10-2014 2:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: 6to4 tunnel on tg582n
13-10-2014 3:09 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: 6to4 tunnel on tg582n
13-10-2014 4:27 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: 6to4 tunnel on tg582n
13-10-2014 6:59 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: 11110_110 should the tg582n allow an ipv6 tunnel to work with 8cm0 or not. So if i create a tunnel then pump the address into my mac will/should the tunnel work ?
I have the TG582n with the current standard Plusnet issue v8.4.4.j.
Just for fun I've created a tunnel at tunnelbroker.net and applied their config to a Win7 machine. Works a treat.
Re: 6to4 tunnel on tg582n
14-10-2014 3:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: 6to4 tunnel on tg582n
14-10-2014 7:50 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Plusnet, Does your supplied TG582n Router with "8CM0" pass protocol 41, Very simple question.
Re: 6to4 tunnel on tg582n
14-10-2014 9:26 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Traffic should pass through as long as the connection was established from you, unsolicited packets might be dropped though. You might need to poke a hole through the firewall to get things working fully. (CLI commands required)
Re: 6to4 tunnel on tg582n
14-10-2014 10:33 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
FYI no packets pass through the router what so ever. It is a simple question, does the router pass proto 41 or not ?
Regards Gary
Re: 6to4 tunnel on tg582n
15-10-2014 1:39 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
First thing to try is take the Pi out of the equation and set up the tunnel directly on the Mac (the tunnel broker example setup should suffice for the time being). If you can get that functioning ok then you'll have to look more closely at the Pi configuration.
Re: 6to4 tunnel on tg582n
15-10-2014 1:41 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: 11110_110 i'm running 8cm0 which is heavily config'd and running very stable.
I don't know what config you have that you want to retain.... but an option would be to upgrade to the later firmware [8.4.4.j] which from my experiment does seem to pass protocol 41
So far as answering your direct question re protocol 41 on your current firmware you could raise a ticket to PN who supplied the router asking that very question. It doesn't look like anyone here knows the answer.
Re: 6to4 tunnel on tg582n
15-10-2014 3:15 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
well i guess it was one of those times, and seeing as I'm man enough to own up to it, my problem was a very simple one.
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address 2001:470:247:eee::2
netmask 64
endpoint 216.66.80.26
local 146.82.47.62
ttl 255
gateway 2001:470:247:eee::1
Seeing as I'm on a Lan, I'll let you decide what i might of missed. Proto 41 seems all good to me MrToast, thanks again for your input
Now i just need to look at the firewall on the other box as it seems to be blocking ipv6-dns for some reason or other.
http://ipv6-test.com/speedtest/
Re: 6to4 tunnel on tg582n
15-10-2014 9:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Glad you got it working. Not sure why IPv6 DNS is being blocked, it should be pretty much the same as IPv4 just an aaaa record, unless it's not accessing the IPv6 address of the DNS server?
Re: 6to4 tunnel on tg582n
16-10-2014 2:37 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
open-dns didn't seem to resolve on it's own, or not as I expected it to anyway, website tests seem hit-n-miss through the project above.
The same tests on a none firewalled box with just a normal tunnel were fine. So something isn't quite right with the project overall somewhere.
OpenDns ipv6 ip's
2620:0:ccc::2
2620:0:ccd::2
Copy of the firewall rules.
#!/bin/sh## Test your ipv6 firewall rule set using:# http://ipv6.chappell-family.com/ipv6tcptest/index.php# Thank you Tim for providing this test tool.## Ver. 2.0 (RHO and Logging, speciall ICMP Blocking)# 29.12.2012## DefinitionsIP6TABLES='/sbin/ip6tables'# change LAN and IPv6 WAN interface name according your requirementsWAN_IF='he-ipv6'LAN_IF='eth0'SUBNETPREFIX='2001:470:aa7e::/48'# First Flush and delete all:$IP6TABLES -F INPUT$IP6TABLES -F OUTPUT$IP6TABLES -F FORWARD$IP6TABLES -F$IP6TABLES -X# DROP all incomming traffic$IP6TABLES -P INPUT DROP$IP6TABLES -P OUTPUT DROP$IP6TABLES -P FORWARD DROP# Filter all packets that have RH0 headers:$IP6TABLES -A INPUT -m rt --rt-type 0 -j DROP$IP6TABLES -A FORWARD -m rt --rt-type 0 -j DROP$IP6TABLES -A OUTPUT -m rt --rt-type 0 -j DROP# Allow anything on the local link$IP6TABLES -A INPUT -i lo -j ACCEPT$IP6TABLES -A OUTPUT -o lo -j ACCEPT# Allow anything out on the internet$IP6TABLES -A OUTPUT -o $WAN_IF -j ACCEPT# Allow established, related packets back in$IP6TABLES -A INPUT -i $WAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT# Allow the localnet access us:$IP6TABLES -A INPUT -i $LAN_IF -j ACCEPT$IP6TABLES -A OUTPUT -o $LAN_IF -j ACCEPT# Allow Link-Local addresses$IP6TABLES -A INPUT -s fe80::/10 -j ACCEPT$IP6TABLES -A OUTPUT -s fe80::/10 -j ACCEPT# Allow multicast$IP6TABLES -A INPUT -d ff00::/8 -j ACCEPT$IP6TABLES -A OUTPUT -d ff00::/8 -j ACCEPT# Paranoia setting on ipv6 interface$IP6TABLES -I INPUT -i $WAN_IF -p tcp --syn -j DROP$IP6TABLES -I FORWARD -i $WAN_IF -p tcp --syn -j DROP$IP6TABLES -I INPUT -i $WAN_IF -p udp -j DROP$IP6TABLES -I FORWARD -i $WAN_IF -p udp -j DROP# Allow forwarding on ipv6 interface$IP6TABLES -A FORWARD -m state --state NEW -i $LAN_IF -o $WAN_IF -s $SUBNETPREFIX -j ACCEPT$IP6TABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT# Allow dedicated ICMPv6 packettypes, do this in an extra chain because we need it everywhere$IP6TABLES -N AllowICMPs# Destination unreachable$IP6TABLES -A AllowICMPs -p icmpv6 --icmpv6-type 1 -j ACCEPT# Packet too big$IP6TABLES -A AllowICMPs -p icmpv6 --icmpv6-type 2 -j ACCEPT# Time exceeded$IP6TABLES -A AllowICMPs -p icmpv6 --icmpv6-type 3 -j ACCEPT# Parameter problem$IP6TABLES -A AllowICMPs -p icmpv6 --icmpv6-type 4 -j ACCEPT# Echo Request (protect against flood)$IP6TABLES -A AllowICMPs -p icmpv6 --icmpv6-type 128 -m limit --limit 5/sec --limit-burst 10 -j ACCEPT# Echo Reply$IP6TABLES -A AllowICMPs -p icmpv6 --icmpv6-type 129 -j ACCEPT## Allow ICMPs$IP6TABLES -A INPUT -p icmpv6 -j AllowICMPs$IP6TABLES -A FORWARD -p icmpv6 -j AllowICMPs$IP6TABLES -A OUTPUT -p icmpv6 -j AllowICMPs
I'm quite impressed with the project out of the box, but it needs somebody to try it out and compare results really to see how it performs.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Fibre Broadband
- :
- Re: 6to4 tunnel on tg582n