Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

ForumsTelecom New Zealand, XT Network, Yahoo!XtraIs Xtra filtering proto 41 (IPv6) which is used by 6to4 tunnels?


4 posts

Wannabe Geek
Topic # 112958 29-Dec-2012 14:12 Send private message

Has anyone had any success setting up 6to4 from a home Xtra broadband connection?

I've been playing around with Linux & Mac boxes (behind NAT) and a Cisco router (which is assigned the public IPv4 addr) and a dual-stacked (telehoused outside Xtra's nw) Linux box but all my testing seems to suggest that Xtra are filtering protocol 41 - even though my traceroute attempts with raw GRE also fail but which I know to work because of the functioning VPN using it.

I can ping 192.88.99.1 (and traceroutes appear to go to .au...) from home (...traceroute from my colo'd box reaches fx.net.nz in Wgtn) and I've even tried using my colo'd box as a relay but the IPv4 traffic doesn't seem to make it there.

The one thing that would give me certainty which I can't do is put a Linux box in the place of the Cisco router to see if any proto 41 traffic makes to the the public IPv4 address but then if they are filtering this outbound traffic then it's unlikely inbound would get through.

Any ideas/knowledge on this subject please?

Filter this topic showing only the reply marked as answer Create new topic
2380 posts

Uber Geek

Trusted
Subscriber
  Reply # 738329 29-Dec-2012 14:35 Send private message

Try to connect your computer directly onto the public IPv4 address (ie maybe get a bridging modem and connect the PPP session from your computer). I suspect one of your devices is filtering it out - GRE doesn't do well with NAT.





124 posts

Master Geek
  Reply # 738346 29-Dec-2012 15:08 Send private message

I have a working 6to4 setup on Xtra, so it does work. An ACL on the Cisco will tell you if you are getting packets.

Does the Cisco support ipv6? That might be an easier way to go.

904 posts

Ultimate Geek

Trusted
Telecom NZ
  Reply # 738523 30-Dec-2012 10:41 Send private message

I can say uncategorically that Telecom doesn't filter any traffic apart from TCP port 25 (SMTP) to stop computers infected with viruses sending bulkloads of spam.  You can opt out of that filter by contacting the broadband helpdesk.

So I suspect it's something wrong with your configuration... And as others said can't you configure the 6to4 tunnel on your router?  As long as you have new enough IOS then you should be away.  I configured a 6to4 on a old Cisco 1721... Just needed enough ram and new enough IOS.




I work for Telecom, but as always my views are my own.



4 posts

Wannabe Geek
Reply # 738824 31-Dec-2012 11:01 Send private message

Thanks guys (why doesn't this site email me to say someone replied like fb does?! - I only read your replies because I came here to post an update.)

I managed to get it going (sometimes it pays to sleep on a problem huh), some weirdness with using traceroute -P 41 going on I suspect, _and_ some weirdness pinging/tracerouting from the Cisco itself (an 877 w/ current 12.4/15.x so yes it supports IPv6 & 6to4, duh) - ping & traceroute are only working to/from the inside nw, I cannot use any of the router's 6to4 addresses as an endpoint to ping from outside.

It's also working flawlessly with my GRE multipoint VPN (I was concerned that I'd have to drop this to make 6to4 work due to a comment in some Cisco docs).
(I don't know why someone suggested GRE has issues with NAT, I can PPTP through it just fine, unless your foreign endpoint is handing out addresses in the same range as your internal subnet - that's not good, tried changing your internal nw range?).

Very pleased, just a shame my nearest relay is in Aussie.

2380 posts

Uber Geek

Trusted
Subscriber
  Reply # 738827 31-Dec-2012 11:11 Send private message

When will Telecom be offering native IPv6?





1332 posts

Uber Geek
  Reply # 738853 31-Dec-2012 13:12 Send private message

Jamey: Thanks guys (why doesn't this site email me to say someone replied like fb does?! - I only read your replies because I came here to post an update.)



It does if you want it to. This can be configured globally in your profile, for just one topic, there is a check box right next to the "Post Reply" button.

Filter this topic showing only the reply marked as answer Create new topic



Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »
Amazon brings Kindle Fire to 170 countries, expand app store to more than 200 countries
Posted 24-May-2013 14:41

Gen-i and SAP partner in mobile business
Posted 23-May-2013 09:23

Ericsson to close down telecom cable manufacturing
Posted 23-May-2013 08:46

FaceToFace Communications and StarLeaf bring unique cloud-based videoconferencing to Australia and New Zealand
Posted 22-May-2013 09:12

IBM Watson finds a new job: customer services
Posted 22-May-2013 08:37

Microsoft unveils Xbox One
Posted 22-May-2013 08:11


Trending now »
Hot discussions in our forums right now:

Fecked up religious people strike again :-(
Created by Mark, last reply by BurningBeard on 25-May-2013 00:03 (84 replies)
Pages... 4 5 6

Cannabis is illegal yet we have really strong 'legal highs' ?
Created by qwerty7, last reply by freitasm on 23-May-2013 23:20 (74 replies)
Pages... 3 4 5

Xbox One
Created by DjShadow, last reply by Kingy on 24-May-2013 13:48 (68 replies)
Pages... 3 4 5

A new project coming to Geekzone
Created by freitasm, last reply by l43a2 on 24-May-2013 23:02 (342 replies)
Pages... 21 22 23

Troublesome transition to VDSL
Created by oseiler, last reply by michaelmurfy on 24-May-2013 13:57 (18 replies)
Pages... 2

HTC One (2013) owners' discussion
Created by Dingbatt, last reply by wlfkfgkwlaktka on 24-May-2013 15:49 (1564 replies)
Pages... 103 104 105

Monolithic Cement Sheet cladding mid 80s house - "leaky home" or not?
Created by joker97, last reply by mattwnz on 24-May-2013 23:46 (15 replies)

Warning - Users with Tenda ADSL modem
Created by Psi, last reply by Psi on 24-May-2013 22:01 (44 replies)
Pages... 2 3


Geekzone Jobs »
Most recent NZ jobs in technology:

Organisational Change Analyst
Posted 24-May-2013 19:28

Dedicated Java Developer/ Technical lead
Posted 24-May-2013 18:28

Account Manager - IT/Telco
Posted 24-May-2013 18:28

Commercial Java Developer
Posted 24-May-2013 18:28

Senior DB2 Database Administrator
Posted 24-May-2013 18:28

Technical BA
Posted 24-May-2013 18:28

OSS Systems Engineer
Posted 24-May-2013 18:28


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »
Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.