1
24.1 Production Series / ipv6 - tunnelbroker - connectivity issues
« on: February 29, 2024, 12:31:55 pm »
I have setup, in a few of my vlans, some time ago ipv6 through tunnelbroker.
It's been working fine until now. Still I can ping WAN hosts, unbound resolves AAAA queries:
With exception of my OpenvPN road warrior connection. When I connect via VPN, all is ok.
FW has of course ipv6 enabled and respective vlan also has rule allowing all "IN" ip4+ip6 traffic - as same as group openvpn interface. How to troubleshoot it???
EDIT:
It seems like I can think better when I write post :-). I had/have caching (squid, icap) enabled on couple of vlans. And this was filtering out my ipv6. Is it possible to configure caching for ipv6?
It's been working fine until now. Still I can ping WAN hosts, unbound resolves AAAA queries:
Quote
% dig google.com AAAABut any tests I do via browsers (Safari, Chrome), fail miserably. For example, https://test-ipv6.com/, says there's no ipv6 address discovered.
; <<>> DiG 9.10.6 <<>> google.com AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4210
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN AAAA
;; ANSWER SECTION:
google.com. 40 IN AAAA 2a00:1450:401b:804::200e
;; Query time: 2 msec
;; SERVER: X001:XXX:XXXX:4::1#53(X001:XXX:XXXX:4::1)
;; WHEN: Thu Feb 29 12:00:35 CET 2024
;; MSG SIZE rcvd: 67
With exception of my OpenvPN road warrior connection. When I connect via VPN, all is ok.
FW has of course ipv6 enabled and respective vlan also has rule allowing all "IN" ip4+ip6 traffic - as same as group openvpn interface. How to troubleshoot it???
EDIT:
It seems like I can think better when I write post :-). I had/have caching (squid, icap) enabled on couple of vlans. And this was filtering out my ipv6. Is it possible to configure caching for ipv6?