Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Help with setting up a 6to4 tunnel via TunnelBroker
« previous
next »
Print
Pages: [
1
]
Author
Topic: Help with setting up a 6to4 tunnel via TunnelBroker (Read 2503 times)
SapuSeven
Newbie
Posts: 8
Karma: 0
Help with setting up a 6to4 tunnel via TunnelBroker
«
on:
October 10, 2023, 07:46:58 pm »
Hi there,
I have an issue connecting through a TunnelBroker 6to4 tunnel.
Packets are going out, but nothing comes back - I can see the outgoing packets in the firewall live logs. Also I'm not behind a CGN.
My client is getting a valid IPv6 address from the router and pinging the router itself works.
Configuration images are here:
https://imgur.com/a/GSPXYI6
Values from TunnelBroker:
Server IPv4 Address: red
Server IPv6 Address: green
Client IPv6 Address: blue
Routed /48: yellow
Any ideas on what could be the issue / what to test?
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #1 on:
October 10, 2023, 10:26:53 pm »
So gateway monitoring doesn't work either? Do you have a dynamic IPv4 address? Maybe it changed and you need to update it in your tunnelbroker.net account.
Cheers
Maurice
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #2 on:
October 10, 2023, 11:23:24 pm »
No, I have a static IPv4. Also I checked that my IP matches the one configured in TunnelBroker.
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #3 on:
October 11, 2023, 12:25:20 am »
And does gateway monitoring work? If not, do you see any inbound 6in4 packets in a packet capture on the parent interface (WAN)?
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #4 on:
October 11, 2023, 03:19:31 am »
Gateway monitoring shows OFFLINE with 100% loss.
I started a packet capture while pinging 2606:4700:4700::1111.
For the TUNNELBROKER interface I can see ping packets going out from my local to the remote tunnel address.
For the WAN address I only see one outgoing packet to the TunnelBroker Server IPv4 Address (red).
(see attached screenshots)
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #5 on:
October 11, 2023, 01:07:37 pm »
What you can see in the WAN interface packet capture is a gateway monitoring echo request, which has no response.
Assuming all addresses are configured correctly, you're probably facing an upstream issue. Maybe your ISP filters 6in4?
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #6 on:
October 12, 2023, 07:00:19 pm »
Just wrote to my ISP, they claim they don't block anything.
I double- and triple-checked the GIF config and I'm pretty sure its correct.
What else could there be?
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #7 on:
October 12, 2023, 09:56:38 pm »
Since you see outgoing 6in4 packets on the WAN interface but no replies, I really can't think of a lot within OPNsense.
What type of Internet connection do you have? What MTU?
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #8 on:
October 12, 2023, 11:58:57 pm »
Alright, I have an ISP-provided cable modem running in bridge mode.
The OPNsense box is connected to it via a network cable and uses DHCP to get its WAN IP.
Regarding MTU: I'm unfamiliar with that topic. How can I check this?
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #9 on:
October 13, 2023, 12:40:59 am »
Go to Interfaces: Diagnostics: Ping, enter the tunnel server's IPv4 address, packet size 1472, do not fragment enabled. If this works your MTU is 1500. Otherwise, reduce the packet size until the ping succeeds.
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #10 on:
October 13, 2023, 01:39:08 am »
Thanks.
With the settings you described, ping works. -> MTU is 1500
Logged
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #11 on:
October 17, 2023, 11:09:04 pm »
I just remembered that OPNsense is running as a VM inside Proxmox.
Maybe that can cause the issue?
Logged
Maurice
Hero Member
Posts: 1213
Karma: 158
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #12 on:
October 17, 2023, 11:56:01 pm »
Shouldn't have an impact unless there's NAT involved at some point. Are you using a bridged configuration in Proxmox?
Logged
OPNsense virtual machine images
OPNsense aarch64 firmware repository
Commercial support & engineering available. PM for details (en / de).
SapuSeven
Newbie
Posts: 8
Karma: 0
Re: Help with setting up a 6to4 tunnel via TunnelBroker
«
Reply #13 on:
October 20, 2023, 01:14:48 pm »
Yes, it's all "Linux Bridge" bound to physical ports
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Help with setting up a 6to4 tunnel via TunnelBroker