Skip to content

Instantly share code, notes, and snippets.

@bgrewell

bgrewell/udm-pro-he-ipv6-setup.md

Last active October 27, 2024 19:26
Show Gist options
  • Save bgrewell/591b5ce8809f2bbf0b3999921cecef60 to your computer and use it in GitHub Desktop.
Save bgrewell/591b5ce8809f2bbf0b3999921cecef60 to your computer and use it in GitHub Desktop.
Download ZIP
This gist describes how to setup a hurricane electric (TunnelBroker) IPv6 tunnel on a Ubiquiti Unifi Dream Machine Pro
Raw
udm-pro-he-ipv6-setup.md

Setup IPv6 Tunnel on Unifi Dream Machine Pro

Enable SSH

TODO

Configure To Dream Machine Over SSH

SSH to your UDM

ssh root@<udm ip address>
<enter the password you set when prompted>

Configure the IPv6 Tunnel - You get the addresses from the Tunnel Details page on TunnelBroker

ip tunnel add he-ipv6 mode sit remote <server ipv4 address> local <client ipv4 address> ttl 255
ip link set he-ipv6 up
ip addr add <client ipv6 address> dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr

Test Connectivity from UDM

ping 2600::

Setup Address Allocation

TODO

@DJBenson
Copy link

There may be something on the SE that is updating those iptables as well that’s different from the UDMP… I’d be interested if that’s the case

Something is definitely overwriting the rules - I just wouldn't know where to start looking for it.

In the above (sorry if I'm mansplaining) I force applied the rules, checked the he-ipv6 interface and the rules were applied and then within seconds they had gone again.

@DJBenson
Copy link

I saw these errors in the logs, not sure if they are relevant;

root@Dream-Machine-Special-Edition:/data/ipv6# ./enable-he-ipv6.sh
add tunnel "sit0" failed: No buffer space available
RTNETLINK answers: File exists
RTNETLINK answers: File exists
<14>May 12 09:56:54 enable-he-ipv6: HE-IPV6 enabled

I updated a couple of my comments above.

Do you want me to take this over to your repo to continue this discussion?

@DJBenson
Copy link

DJBenson commented May 12, 2023
edited
Loading

I think I may be onto something, I use a PPPoE connection to connect to my ISP - I was looking over all the configured interfaces and running the iptables6 command and the only one which resulted in anything like what you posted was the ppp0 interface. Could it be I need to scrape the rules from that interface rather than eth9?

Rules below for comparison;

eth9

root@Dream-Machine-Special-Edition:/data/ipv6# ip6tables-save | grep -i eth9
:UBIOS_WF_IFACE_ETH9 - [0:0]
-A UBIOS_WF_IFACE_ETH9 -j MARK --set-xmark 0x1c0000/0x7e0000
-A UBIOS_WF_IFACE_ETH9 -m mark ! --mark 0x0/0x7e0000 -j CONNMARK --save-mark --nfmask 0x7e0000 --ctmask 0x7e0000
-A UBIOS_WF_IFACE_ETH9 -j RETURN
-A UBIOS_WF_IN_WANS -i he-ipv6 -j UBIOS_WF_IFACE_ETH9

ppp0

root@Dream-Machine-Special-Edition:/data/ipv6# ip6tables-save | grep -i ppp0
-A UBIOS_WF_PRE_JUMP -i ppp0 -j RETURN
:UBIOS_WF_IFACE_PPP0 - [0:0]
-A UBIOS_FORWARD_TCPMSS -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1432
-A UBIOS_FORWARD_TCPMSS -i ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1432
-A UBIOS_WF_GROUP_1_SINGLE -m mark --mark 0x0/0x7e0000 -m dyn_random --prob-name "ppp0-wf-group-1-single" -j MARK --set-xmark 0x1a0000/0x7e0000
-A UBIOS_WF_IFACE_PPP0 -j MARK --set-xmark 0x1a0000/0x7e0000
-A UBIOS_WF_IFACE_PPP0 -m mark ! --mark 0x0/0x7e0000 -j CONNMARK --save-mark --nfmask 0x7e0000 --ctmask 0x7e0000
-A UBIOS_WF_IFACE_PPP0 -j RETURN
-A UBIOS_WF_IN_WANS -i ppp0 -j UBIOS_WF_IFACE_PPP0
-A UBIOS_FORWARD_IN_USER -i ppp0 -m comment --comment 00000001095216663481 -j UBIOS_WAN_PF_IN_USER
-A UBIOS_FORWARD_IN_USER -i ppp0 -m comment --comment 00000001095216663482 -j UBIOS_WAN_IN_USER
-A UBIOS_FORWARD_OUT_USER -o ppp0 -m comment --comment 00000001095216663481 -j UBIOS_WAN_PF_OUT_USER
-A UBIOS_FORWARD_OUT_USER -o ppp0 -m comment --comment 00000001095216663482 -j UBIOS_WAN_OUT_USER
-A UBIOS_FWD_IN_GEOIP_PRECHK -i ppp0 -j UBIOS_IN_GEOIP
-A UBIOS_FWD_OUT_GEOIP_PRECHK -o ppp0 -j UBIOS_OUT_GEOIP
-A UBIOS_INPUT_GEOIP_PRECHK -i ppp0 -j UBIOS_IN_GEOIP
-A UBIOS_INPUT_USER_HOOK -i ppp0 -m comment --comment 00000001095216663481 -j UBIOS_WAN_LOCAL_USER

Should have said this is the "old" version of the script - the new version doesn't correctly detect the ppp0 interface as it's prefixed with a number;

root@Dream-Machine-Special-Edition:/data/ipv6# WAN_IFACE=$(ip route get 8.8.8.8 | awk '{ printf $5 }')
root@Dream-Machine-Special-Edition:/data/ipv6# echo $WAN_IFACE
201.ppp0

@DJBenson
Copy link

It looks like something is failing causing the firewall rules to be re-applied;

2023-05-12T11:59:17+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:18+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:19+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:21+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:22+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:24+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:25+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:27+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:28+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:30+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:31+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:33+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:34+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:36+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:37+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:38+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:40+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:42+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:43+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:45+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:46+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:47+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:49+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Trying to migrate config due to inconsistency (invalid config .versionDetail: must be between 9 and 9: .interfaces) to resolve following issue: invalid config: configuration syntax is invalid: IDSIPSSignaturesMode must be an object: .services.idsIps.signatures
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Starting config .versionFormat 'v2' migration for /tmp/udapi-fastapply-82b6_d6fc_82b7_c253.cfg.tmp
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/filter from 1 to 2
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/filter from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/mangle from 1 to 2
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/mangle from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/mangle from 3 to 4
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/nat from 1 to 2
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/nat from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/pbr from 1 to 2
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/pbr from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.firewall/pbr from 3 to 4
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.interfaces from 8 to 9
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.qos/ip from 1 to 2
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.routes/ospf from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.routes/ospf/areas from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/ddns from 1 to 2
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/dnsForwarder from 2 to 3
2023-05-12T11:59:51+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/idsIps from 1 to 2
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/igmpSnooping from 1 to 2
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/l2tpServer from 1 to 2
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/wanFailover from 4 to 5
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.system from 1 to 2
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.system from 2 to 3
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.system from 3 to 4
2023-05-12T11:59:52+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/ipsec/site-to-site from 1 to 2
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/ipsec/site-to-site from 2 to 3
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/openvpn/peers from 1 to 2
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/openvpn/peers from 2 to 3
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/openvpn/peers from 3 to 4
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.qos from 1 to 2
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/openvpn/raws from 2 to 3
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/wireguard/clients from 0 to 1
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/wireguard/clients from 1 to 2
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/wireguard/site-to-sites from 1 to 2
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/wireguard/site-to-sites from 2 to 3
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.vpn/wireguard/servers from 1 to 2
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/dohProxy from 0 to 1
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.services/stunnel from 0 to 1
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrating config .versionDetail.routes/access-lists from 0 to 1
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Finished config .versionFormat 'v2' migration of /tmp/udapi-fastapply-82b6_d6fc_82b7_c253.cfg.tmp
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: config-migrate-helper: Migrated config is valid
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service: vvv Apply new configuration
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                    [interfaces]: configuring
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                 [routes/static]: disabling
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                   [routes/ospf]: disabling
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                   [peripherals]: disabling
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                        [system]: configuring
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 245 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 246 nexthops for route ::/0 dev he-ipv6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *      [services/radius-profiles]: configuring
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                      [services]: configuring
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-redirector-service:         +(services):    Keep running service redirector
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-arp-inspection-service:     +(services):    Keep stopped service arpInspection
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_IoT_br100_192-168-100-0-24
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_Security_br101_192-168-101-0-24
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_Guest_br102_192-168-102-0-24
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_Management_br103_192-168-103-0-24
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_Default_br0_192-168-1-0-24
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_Default_br0_192-168-1-0-24_IPV6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dhcp-server-service:        +(services):    Keep running service dhcpServers-net_Management_br103_192-168-103-0-24_IPV6
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dns-forwarder-service:      +(services):    Keep running service dnsForwarder
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-dpi-service:                +(services): Restart running service dpi
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-geoip-filtering-service:    +(services):    Keep running service geoipFiltering
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-ids-ips-service:            +(services):    Keep running service idsIps
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-igmp-snooping-snoopd:       +(services):    Keep running service igmpSnooping
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-l2tp-server:                +(services):    Keep running service l2tpServer
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-lldp:                       +(services):    Keep running service lldp
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-mdns-service:               +(services):    Keep running service mdns
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-ntp-client-timesyncd:       +(services):    Keep running service ntpClient
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-radius-server-service:      +(services):    Keep running service radiusServer
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-system-log-syslog-ng:       +(services):    Keep stopped service systemLog
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-unifi-network:              +(services):    Keep running service unifiNetwork
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-utm-service:                +(services):    Keep running service utm
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-wan-failover:               +(services):    Keep running service wanFailover
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: svc-wifiman:                    +(services):    Keep running service wifiman
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                 [firewall/sets]: configuring
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                  [firewall/nat]: configuring
2023-05-12T11:59:53+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *               [firewall/filter]: configuring
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *               [firewall/mangle]: configuring
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                           [qos]: configuring
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *                         [vlans]: disabling
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *        [bridge-firewall/broute]: configuring
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service:  *           [bridge-firewall/nat]: configuring
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: service: ^^^ Apply new configuration done
2023-05-12T11:59:54+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: process: Got process exit event for process redirector
2023-05-12T11:59:55+01:00 Dream-Machine-Special-Edition ubios-udapi-server[1333]: netlink: Multipath routes not supported, got 246 nexthops for route ::/0 dev he-ipv6

@telnetdoogie
Copy link

Yeah let's open an issue, if you don't mind posting your logs etc here

@RoxyBoxxy
Copy link

Does anybody have any wired issues using this?, everytime i use it some websites load and some just dont connect like if i enable this and put ipv6 on my pc tunnelbroker.com will not load but some websites do get a ipv6 connection, i have tried lowering the ttl and mtu but still same issue, doing a ping -6 google.com loses some packets also

@telnetdoogie
Copy link

telnetdoogie commented Jun 5, 2023
edited
Loading

Does anybody have any wired issues using this?

You doing any load balancing?

To narrow things down I'd start with the ping packet loss... are you perhaps having an issue with connectivity to tunnelbroker?
ipv6 aside for now, do you have any packet loss on ipv4?

Try PacketLossTest.com - I usually run the "1080P Game Stream" approximation to really exercise things.

You could also test and look for [ipv4] packet loss between your router and the HE <server ipv4 address> in your config.

@RoxyBoxxy
Copy link

RoxyBoxxy commented Jun 5, 2023
edited
Loading

Does anybody have any wired issues using this?

You doing any load balancing?

To narrow things down I'd start with the ping packet loss... are you perhaps having an issue with connectivity to tunnelbroker? ipv6 aside for now, do you have any packet loss on ipv4?

Try PacketLossTest.com - I usually run the "1080P Game Stream" approximation to really exercise things.

I dont do any load balancing this is my ping from my udm, i have 0% packet loss on ipv4

PING google.com(lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e)) 56 data bytes
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=1 ttl=120 time=14.4 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=2 ttl=120 time=14.5 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=3 ttl=120 time=58.2 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=4 ttl=120 time=14.4 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=5 ttl=120 time=14.7 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=6 ttl=120 time=14.4 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=7 ttl=120 time=14.2 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=8 ttl=120 time=14.3 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=9 ttl=120 time=14.3 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=10 ttl=120 time=14.3 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=12 ttl=120 time=14.3 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=13 ttl=120 time=14.6 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=14 ttl=120 time=58.7 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=15 ttl=120 time=14.6 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=16 ttl=120 time=14.4 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=17 ttl=120 time=88.2 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=18 ttl=120 time=14.6 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=19 ttl=120 time=14.0 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=20 ttl=120 time=14.4 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=21 ttl=120 time=14.5 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=22 ttl=120 time=14.3 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=23 ttl=120 time=13.9 ms
64 bytes from lhr25s33-in-x0e.1e100.net (2a00:1450:4009:81f::200e): icmp_seq=24 ttl=120 time=15.0 ms
^C
--- google.com ping statistics ---
24 packets transmitted, 23 received, 4.16667% packet loss, time 23035ms
rtt min/avg/max/mdev = 13.914/21.442/88.213/18.864 ms

@telnetdoogie
Copy link

@RoxyBoxxy which tunnel server are you currently using?

@RoxyBoxxy
Copy link

UK London 216.66.88.98

@RoxyBoxxy
Copy link

RoxyBoxxy commented Jun 6, 2023
edited
Loading

Okay so i found a fix, this is what i did

Set the he-ipv6 mtu to 1422

ip link set mtu 1422 dev he-ipv6

Delete the route to br0

ip route del <HE IPv6 client address>/64 dev br0

Then re added it using this

ip route add <HE IPv6 client address>/64 dev br0 mtu 1280

http://test-ipv6.com/index.html.en_US gives me 10/10

for some reason the udm set a route with a metric of 256 but the default for the default is 1024 so large packets failed

This is before

<HE IPv6 client address>/64 dev br0 proto kernel metric 256 pref medium
default dev he-ipv6 metric 1024 mtu 1422 pref medium

@telnetdoogie
Copy link

Glad you got that figured out and thanks for sharing!! Are you using pppoe for your WAN?

@RoxyBoxxy
Copy link

Yes i am using ppp0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment