> On 2/20/2011 2:46 PM, wes smith wrote: >> I'm trying to complete the cert from http://ipv6.he.net/certification/ >> but run into problems. The next step is to connect to the website >> with an ipv6 addy. I'm using ubuntu server in a vbox that is bridged >> to my ethernet. >> Qwest is my ISP >> Used the conf given on the website >> Allowing protocol 41 on the server >> iptables -t filter -I INPUT -p 41 -j ACCEPT >> iptables -t filter -I OUTPUT -p 41 -j ACCEPT >> >> try to portscan / ping from outside the network and get no response, >> ping6 ipv6.google.com resloves to ipv4???? on my freebsd box ping6 >> resloves to the correct ipv6 addy >> >> root at frogger:~# ping6 ipv6.google.com >> PING ipv6.google.com(iw-in-x93.1e100.net) 56 data bytes >> >> and from the outside >> >> ~ ping6 2001:470:1f10:b8f::2 >> PING6(56=40+8+8 bytes) 2a01:270:0:ffff:ffff:2050:0:2 --> 2001:470:1f10:b8f::2 >> ^C >> I can ping / traceroute my ipv4 addy from outside just fine. Must be a >> protocol 41 / nat problem?? > > Can you ping6 2001:470:1f10:b8f::1 (i.e., what should be the HE side > of your tunnel) with any regularity? I'm attempting to trace to > 2001:470:1f10:b8f::2 to no avail. You're not filtering IPv6 traffic > (with ip6tables), are you? (Wait, if you're behind NAT, is the NAT > device forwarding protocol 41 to whatever computer/device is terminating > the tunnel?) > > I'd be happy to follow up on this; HE has specifically asked me to > help others complete the certification. > http://twitter.com/#!/henet/status/38124125469937665 ;-) > > Jima > (1 of 17 Sages in MN) Okay I put the router on the dmz so everything should be open to the net. My bridge has dd-wrt, but my main router doesnt support dd-wrt and I don't think adding some iptables rules will affect anything added some more rules to the host ip6tables -A INPUT -p icmpv6 -j ACCEPT ip6tables -A FORWARD -j ACCEPT enabled ipv6 forwarding in the kernel