Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IPv6 tunnel broken #15

Open
jowerner opened this issue Aug 24, 2020 · 1 comment
Open

IPv6 tunnel broken #15

jowerner opened this issue Aug 24, 2020 · 1 comment

Comments

@jowerner
Copy link
Contributor

Since cloud providers don't support IPv6 out of box, our images configure a tunnel, where IPv6 traffic is transported via IPv4. However, it looks like this tunnel does not work any longer.

The support for the IPv6 tunnel is completely broken since the switch to Ubuntu 18.04. See below for the log output of the ipv6tunnel service:

ubuntu@ip-10-0-1-23:/etc/network$ more /var/log/syslog |grep ipv6
Aug 24 11:07:24 ip-10-0-1-23 ipv6tunnel[978]: Setup IPv6 6to4 ...
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: Public IPv6 address using 6to4 will be: 2002:3da:f847::dead:beef:dead:beef
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: configuring network interface
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: bash: /etc/network/interfaces.d/tun6to6.cfg: No such file or directory
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: starting tun6to4 device...
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: sudo: ifup: command not found

Consequently, IPv6 will not work at all:

ubuntu@ip-10-0-1-23:/etc/network$ curl -6 example.org
curl: (7) Couldn't connect to server

With older images based on Ubuntu 16.04, the tunnel setup succeeded:

ubuntu@ip-10-0-1-186:~$ more /var/log/syslog |grep ipv6
Aug 24 11:50:39 ip-10-0-1-186 ipv6tunnel[1088]: Setup IPv6 6to4 ...
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: Public IPv6 address using 6to4 will be: 2002:22ed:63::dead:beef:dead:beef
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: configuring network interface
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: sudo: unable to resolve host ip-10-0-1-186
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: starting tun6to4 device...
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: sudo: unable to resolve host ip-10-0-1-186

However, the request to the test server timed out nevertheless:

ubuntu@ip-10-0-1-186:~$ curl -6 example.org
curl: (7) Failed to connect to example.org port 80: Connection timed out

We could surely fix the tunnel setup for Ubuntu 18.04, but it is not clear yet whether the tunnel approach works reliably at all.
@jowerner
Copy link
Contributor Author

Here is one post stating that IPv6 tunnels are not possible in Google Compute Engine: https://stackoverflow.com/questions/31066205/how-to-allow-protocol-41-6in4-through-the-gce-firewall

Although the talk is about a "6in4" tunnel, it should apply to the "6to4" tunnel we use as well as both tunnels use protocol version 41 which is blocked.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jowerner