Posted: Fri May 23, 2025 11:41 Post subject: Created a 6to4 tunnel. Can't access the tunnel
I have created a 6to4static tunnel on the MR7500, but for some reason I cannot get traffic to or from the WAN using IPv6. I can ping devices inside the lan with IPv6 using addresses acquired using RADVD. I cannot ping anything outside the WAN, nor can I ping anything inside the LAN from the WAN.
Suggestions?
On a side note I thought I read a post several weeks back that mentioned Native Ipv6 works, but DHCPv6 & 6to4medices, but now I am not able to find that post.
Joined: 07 Jan 2025 Posts: 151 Location: Bethel Park, PA, USA
Posted: Fri May 23, 2025 19:46 Post subject:
It's been a while since I used Hurricane since my ISP finally got IPV6, but I still remember a few things. You might want to post a screenshot of your settings. Are you using DHCPv6 and RADVD, or are you using DNSMasq for IPv6 distribution? _________________ Formerly dpp3530 Linksys MR7350
Gateway, 2 wired APs, NSS-ECM , Clock 1440MHz
VAPs on wlan0 and wlan1 for guest/IOT devices
IPv4 & IPv6 (Prefix Delegation)
Static Leases & DHCP
SmartDNS (using NextDNS, Cloudflare), DNSMasq
Wireguard and OpenVPN server
2.4GHz: dd-wrt, N/G-Mixed, ACK Timing 1350, WPA3 SAE & WPA2 w/AES
5GHz: dd-wrt, AX/AC/N Mixed, ACK Timing 1350, WPA3 SAE & WPA2 w/AES
Verizon Fios, 500/500Mbps
First of all I'm using HE.NET to experiment with in a college course. My ISP has native IPv6 but it's not a safe/privacy minded implementation. Once a device is assigned a public IPv6 address on their network it can never be changed. Even using randomized MAC you still get the same IPv6 address. How? IDK? I would like to know how they manage that. UUID maybe?
I tried several builds starting at r60771 and up.
6to4 static tunnels can be created and connect to the server, but you cannot get any traffic into or out of the tunnel on the client end. The server sees the tunnel as active, the server can ping the client IPv4 device address, but there is no response through the tunnel. All clients that are IPv6 capable are getting a PUBLIC IPv6 address in my block of IP's. I could ping all of those clients using the public IPv6 within the LAN. I could not ping anything outside the WAN, nor can I ping in from the WAN.
I rolled back to r60742(pre-DSA), without resetting the config, and the tunnel came up and works as expected. No changes to the config. Swapped partitions that has r60771 and tunnel failed to work again.
Below is my 6to4 config that works with r60742 and earlier, but does not work with r60771 and later. I am not worried about the tunnel IP addresses in the image since I already deleted that tunnel.
Joined: 07 Jan 2025 Posts: 151 Location: Bethel Park, PA, USA
Posted: Sat May 24, 2025 12:43 Post subject:
For curiosity, I fired up the old Hurricane tunnel on my MR7350, which has always had DSA. I got the same results you did. My clients are getting IPs but they can't ping anything outside the network and test-ipv6.com fails. _________________ Formerly dpp3530 Linksys MR7350
Gateway, 2 wired APs, NSS-ECM , Clock 1440MHz
VAPs on wlan0 and wlan1 for guest/IOT devices
IPv4 & IPv6 (Prefix Delegation)
Static Leases & DHCP
SmartDNS (using NextDNS, Cloudflare), DNSMasq
Wireguard and OpenVPN server
2.4GHz: dd-wrt, N/G-Mixed, ACK Timing 1350, WPA3 SAE & WPA2 w/AES
5GHz: dd-wrt, AX/AC/N Mixed, ACK Timing 1350, WPA3 SAE & WPA2 w/AES
Verizon Fios, 500/500Mbps
