On 2/20/2011 2:46 PM, wes smith wrote: > I'm trying to complete the cert from http://ipv6.he.net/certification/ > but run into problems. The next step is to connect to the website > with an ipv6 addy. I'm using ubuntu server in a vbox that is bridged > to my ethernet. > Qwest is my ISP > Used the conf given on the website > Allowing protocol 41 on the server > iptables -t filter -I INPUT -p 41 -j ACCEPT > iptables -t filter -I OUTPUT -p 41 -j ACCEPT > > try to portscan / ping from outside the network and get no response, > ping6 ipv6.google.com resloves to ipv4???? on my freebsd box ping6 > resloves to the correct ipv6 addy > > root at frogger:~# ping6 ipv6.google.com > PING ipv6.google.com(iw-in-x93.1e100.net) 56 data bytes > > and from the outside > > ~ ping6 2001:470:1f10:b8f::2 > PING6(56=40+8+8 bytes) 2a01:270:0:ffff:ffff:2050:0:2 --> 2001:470:1f10:b8f::2 > ^C > I can ping / traceroute my ipv4 addy from outside just fine. Must be a > protocol 41 / nat problem?? Can you ping6 2001:470:1f10:b8f::1 (i.e., what should be the HE side of your tunnel) with any regularity? I'm attempting to trace to 2001:470:1f10:b8f::2 to no avail. You're not filtering IPv6 traffic (with ip6tables), are you? (Wait, if you're behind NAT, is the NAT device forwarding protocol 41 to whatever computer/device is terminating the tunnel?) I'd be happy to follow up on this; HE has specifically asked me to help others complete the certification. http://twitter.com/#!/henet/status/38124125469937665 ;-) Jima (1 of 17 Sages in MN)