Skip to content

Instantly share code, notes, and snippets.

@rys
Last active August 17, 2024 18:04
Show Gist options
  • Save rys/fba04fafac8dd1a67e62 to your computer and use it in GitHub Desktop.
Save rys/fba04fafac8dd1a67e62 to your computer and use it in GitHub Desktop.
HE.net Tunnelbroker IPv6 tunnel on EdgeOS
# this assumes WAN is eth0 and LAN is switch0. Please adjust for your own setup
configure
# Tunnel first
edit interfaces tunnel tun0
set encapsulation sit
set local-ip xxx.xxx.xxx.xxx # your WAN IP
set remote-ip xxx.xxx.xxx.xxx # HE.net Server IPv4 Address
set address xxxx:xxxx:xxxx:xxxx::2/64 # Client IPv6 Address
set description "HE.NET IPv6 Tunnel"
exit
set protocols static interface-route6 ::/0 next-hop-interface tun0
commit
# Use DHCPv6 to set some client config parameters
edit service dhcpv6-server shared-network-name SWITCH0_V6POOL
set subnet xxxx:xxxx:xxxx:xxxx::/64 domain-search xxxx # your local domain
set subnet xxxx:xxxx:xxxx:xxxx::/64 name-server xxxx:xxxx:xxxx:xxxx::2
top
commit
# Set the LAN IPv6 address
set interfaces switch switch0 address xxxx:xxxx:xxxx:xxxx::1/64 # 1st IP in the routed /64
# Set the DHCPv6 options to assign interface parameters only, not addresses
set interfaces switch switch0 dhcpv6-options parameters-only
# Setup Router Advertisement
edit interfaces switch switch0 ipv6
set dup-addr-detect-transmits 1
set router-advert cur-hop-limit 64
set router-advert default-preference high
set router-advert link-mtu 0
set router-advert managed-flag false
set router-advert max-interval 600
set router-advert other-config-flag true
set router-advert prefix xxxx:xxxx:xxxx:xxxx::/64 autonomous-flag true # Routed /64
set router-advert prefix xxxx:xxxx:xxxx:xxxx::/64 on-link-flag true
set router-advert prefix xxxx:xxxx:xxxx:xxxx::/64 valid-lifetime 2592000
set router-advert reachable-time 0
set router-advert retrans-timer 0
set router-advert send-advert true
top
commit
# Save everything
save
@leonid-k
Copy link

leonid-k commented Oct 9, 2020

EdgeRouter 12 v2.0.8-hotfix.1, most of all working,
"edit service dhcpv6-server shared-network-name SWITCH0_V6POOL" my router doesn't like, everything else is working.
Thank you so much

@mmhorda
Copy link

mmhorda commented Feb 3, 2021

Hi. I tried your configuration. It seems partially working. I get IPv6s on my local devices BUT I cannot ping or visit ipv6 resources.

ping -6 google.com

Pinging google.com [2a00:1450:4014:80d::200e] with 32 bytes of data:
Request timed out.
Request timed out.

Do you know how to fix that?

@rys
Copy link
Author

rys commented Feb 3, 2021

Hi. I tried your configuration. It seems partially working. I get IPv6s on my local devices BUT I cannot ping or visit ipv6 resources.

ping -6 google.com

Pinging google.com [2a00:1450:4014:80d::200e] with 32 bytes of data:
Request timed out.
Request timed out.

Do you know how to fix that?

Do you have a traceroute you could share to see how far the IPv6 traffic is getting?

@mmhorda
Copy link

mmhorda commented Feb 4, 2021

Hey. Thanks for prompt reply.
I have fixed it. not sure how. I think i had it wrong set in this part:

Set the LAN IPv6 address

set interfaces switch switch0 address xxxx:xxxx:xxxx:xxxx::1/64 # 1st IP in the routed /64

messing around this has fixed the problem.

@rys
Copy link
Author

rys commented Feb 4, 2021

Great!

@leonid-k
Copy link

leonid-k commented Apr 7, 2021

just small clarification, in my router there are 12 ports, where only 8 ports are connected to single switch, therefore I defined bridge for 11 ports (except WAN) and used this configuration, but where is written " interfaces switch switch0" changed to "interfaces bridge br0", logically it it the same and it is working.

BTW, stopped usage Tunnelbroker since I got IPv6 from my internet provider.

@Makaveli101
Copy link

Makaveli101 commented Apr 12, 2021

Hi got it working thank you so much,

just in case I haven't messed up this section:

set router-advert prefix xxxx:xxxx:xxxx:xxxx::/64 autonomous-flag true # Routed /64
set router-advert prefix xxxx:xxxx:xxxx:xxxx::/64 on-link-flag true (is this the routed /64? or client ipv6 address)
set router-advert prefix xxxx:xxxx:xxxx:xxxx::/64 valid-lifetime 2592000 (is this the routed /64? or client ipv6 address)

are they ALL the routed /64? or client ipv6 address?

EDIT: nevermind looks like they are all the Routed /64

Currently using it with ISP Virgin Media and it's confirmed that they throttle protocol 41.
this is how bad it is: http://img2.ipv6-test.com/speedtest/result/2021/04/12/846f902c12feef60789a7a8ca0bc3ff3.png

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment