SixXS::Sunset 2017-06-06

Unable to keep tunnel open
[nl] Shadow Hawkins on Monday, 27 April 2009 09:58:38
I've set up a ipv6 tunning using aiccu on a FC7 ppc box. The tunnel works fine an I'm already running SABnzbd on some ipv6 newsservers. The tunnel won't stay open however when the data transfers stops. I'll just end up with 100% loss. It'll also stay open when I continuously ping any ipv6 address, but I have to set quite a high interval; ping6 -i 30 ipv6.google.com will keep the tunnel open, setting it to 40 seconds however won't keep the tunnel open. The machine is behind a 3com router but I don't think that is causing problem. It doesn't do any SNAT itself. It seems there is some sort of timeout somewhere, does anyone have any suggestions where I might find this? [gonzo@imac ~]# ip -6 route 2001:1af8:fe00:10e::/64 dev sixxs metric 256 expires 21328131sec mtu 1280 advmss 1220 hoplimit 4294967295 fe80::/64 dev eth0 metric 256 expires 19808216sec mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev sixxs metric 256 expires 21328131sec mtu 1280 advmss 1220 hoplimit 4294967295 default via 2001:1af8:fe00:10e::1 dev sixxs metric 1024 expires 21328131sec mtu 1280 advmss 1220 hoplimit 4294967295
Unable to keep tunnel open
[ch] Jeroen Massar SixXS Staff on Monday, 27 April 2009 10:01:50
FAQ: My tunnel goes down after some idletime. My tunnelendpoint also is a NAT/Connection Tracker
Unable to keep tunnel open
[nl] Shadow Hawkins on Monday, 27 April 2009 10:50:49
Ah, I forgot to mention that this box does not do any routing.... [gonzo@imac ~]# iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Other suggestions are welcome :)
Unable to keep tunnel open
[ch] Jeroen Massar SixXS Staff on Monday, 27 April 2009 10:58:34
Doesn't matter, if you have connection tracking compiled into your kernel, the behavior mentioned in that FAQ item happens.
Unable to keep tunnel open
[nl] Shadow Hawkins on Monday, 27 April 2009 11:12:32
Oke, the FAQ does not mention that. I did already add the NOTRACK to the raw table but that does not accomplish anything.
Unable to keep tunnel open
[ch] Jeroen Massar SixXS Staff on Monday, 27 April 2009 11:27:08
That is because the connection tracking might also happens in the next box, aka your '3com router'.
Unable to keep tunnel open
[nl] Shadow Hawkins on Monday, 27 April 2009 17:56:23
It took me some time to realize that, indeed... thanks for that insight.
Unable to keep tunnel open
[nl] Shadow Hawkins on Monday, 27 April 2009 10:56:59
And I allready tried to add the NOTRACK in the 'raw' table. [gonzo@imac ~]# iptables -L -t raw Chain PREROUTING (policy ACCEPT) target prot opt source destination NOTRACK ipv6 -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker