23.7 Legacy Series / HE Tunnelbroker traffic disappears
« on: August 26, 2023, 08:05:43 pm »
I'm just starting to roll out v6 in my home/work lab and since ATT only gives out a single /64, I'm resorting to HE tunnelbroker for a /48.
Followed the various online instructions to set up the tunnel but I'm not able to ping the remote tunnel address or Google DNS. Packet captures on the gif0 and WAN interfaces show request/replies coming and going to both addresses, but the CLI, UI, and an internal host don't see any return traffic. I've got the FW wide open for v6 traffic with no change, bogons6 are not blocked, Allow IPv6 is enabled, and anything else I could think of that might be blocking these flows.
Is there something I'm missing? Google searching hasn't found any similar situations, so I'm guessing there's something small I've overlooked.
My environment consists of:
* ATT DSL with an Arris BGW210 - IPv6 is disabled as I originally thought the modem was blocking 6to4 tunnels
* 27.3.2 running in proxmox. WAN and LAN interfaces are bridged. IPv4 connectivity works as expected. HE Tunnelbroker configured, up, and active v6 gateway.
* A backup 27.3.2 running on a different but identical proxmox. No HA yet, just a failover OSPF route for now
* Each proxmox/fw is connected to a managed Aruba switch, running OSPF and OSPFv3 with link-local and global addresses from the HE assigned prefix.