Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

How does the HE tunnel broker prevent abuse?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How does the HE tunnel broker prevent abuse?

jerry_mejerry_me Member
in General

I don't know exactly how to prevent these problems, since it is free, such as uninterrupted downloads and uploads all day long, seedboxes, spam, copyrighted content.

The tunnel capacity is always limited, will there be a speed limit to prevent serious abuse.

Comments

  • KousakaKousaka Member

    HE is a large carrier so they can deal with more issues than a small VPS provider

  • yoursunnyyoursunny Member, IPv6 Advocate

    Hurricane Electric AS6939 is one of the largest IPv6 transit networks.
    They are almost a Tier 1 network for IPv6 except they don't peer with Cogent.

    Uninterrupted downloads and uploads all day long isn't a problem for them, because this is what transit networks are designed for.
    If you download from a customer of AS6939, Hurricane Electric receives payment from that customer.

    On the IPv4 side where your tunnels run, AS6939 purchases transit from Telia/AS1299 to reach NTT/AS2914, Cogent/AS174, and Tata/AS6453.
    When you tunnel from these networks, Hurricane Electric would pay for your downloads.

    In 2020, Oracle Cloud Tokyo lacked IPv6 and was single-home NTT.
    It had >150ms latency to every TunnelBroker location including Tokyo and Singapore.
    Such high latency and low speeds force users to give up eventually.

    Thanked by 11ask_seek_knock FrankZ Xrmaddness xms lentro bulbasaur idleparty skorupion tux dahartigan Not_Oles
  • deankdeank Member, Troll

    When you are big enough, you can pushup others.

    Thanked by 3yoursunny FrankZ tux
  • mcgreemcgree Member

    As far as I know, HE is IPv6 Tier-1 and don't need to pay more than the hardware cost to use its network, but if you need to use other upstream or get a better experience, it's probably better to use the IPv6 provided by your ISP?

  • FrankZFrankZ Veteran

    Regarding spam port 25 is blocked for all but the oldest members.

  • Daniel15Daniel15 Veteran

    There's also some networks that are blocked. Last I checked, Cloudflare were blocked for their free tunnels, at least for inbound connections. https://forums.he.net/index.php?topic=3805.0

    Thanked by 1Not_Oles
  • jerry_mejerry_me Member

    @Daniel15 said:
    There's also some networks that are blocked. Last I checked, Cloudflare were blocked for their free tunnels, at least for inbound connections. https://forums.he.net/index.php?topic=3805.0

    I verified in both regions that Cloudflare is not currently blocking HE IPv6.

    Thanked by 1Not_Oles
  • yoursunnyyoursunny Member, IPv6 Advocate
    edited January 2022

    @Daniel15 said:
    There's also some networks that are blocked. Last I checked, Cloudflare were blocked for their free tunnels, at least for inbound connections. https://forums.he.net/index.php?topic=3805.0

    You cannot point AAAA record with orange cloud to TunnelBroker IP.
    That's blocked on Hurricane Electric side for unexpained reason.
    Whether you have free or paid Cloudflare site is irrelevant.

    Running cloudflared on the origin server, making an outbound connection to Cloudflare infrastructure, could still work.
    At least I haven't heard that's blocked.
    P.S. cloudflared is also useful for hosting a website behind CGNAT or dynamic IP.

    Accessing Cloudflare hosted sites as a client definitely works.

    Thanked by 1Not_Oles
  • jerry_mejerry_me Member

    @yoursunny said:

    @Daniel15 said:
    There's also some networks that are blocked. Last I checked, Cloudflare were blocked for their free tunnels, at least for inbound connections. https://forums.he.net/index.php?topic=3805.0

    You cannot point AAAA record with orange cloud to TunnelBroker IP.
    That's blocked on Hurricane Electric side for unexpained reason.
    Whether you have free or paid Cloudflare site is irrelevant.

    Running cloudflared on the origin server, making an outbound connection to Cloudflare infrastructure, could still work.
    At least I haven't heard that's blocked.
    P.S. cloudflared is also useful for hosting a website behind CGNAT or dynamic IP.

    Accessing Cloudflare hosted sites as a client definitely works.

    I used the CFP panel to add the AAAA records and it worked fine.

    You can also try:

    https://cdn.wzfou.com/

  • yoursunnyyoursunny Member, IPv6 Advocate
    edited January 2022

    @jerry_me said:

    @yoursunny said:

    @Daniel15 said:
    There's also some networks that are blocked. Last I checked, Cloudflare were blocked for their free tunnels, at least for inbound connections. https://forums.he.net/index.php?topic=3805.0

    You cannot point AAAA record with orange cloud to TunnelBroker IP.
    That's blocked on Hurricane Electric side for unexpained reason.
    Whether you have free or paid Cloudflare site is irrelevant.

    Running cloudflared on the origin server, making an outbound connection to Cloudflare infrastructure, could still work.
    At least I haven't heard that's blocked.
    P.S. cloudflared is also useful for hosting a website behind CGNAT or dynamic IP.

    Accessing Cloudflare hosted sites as a client definitely works.

    I used the CFP panel to add the AAAA records and it worked fine.

    You can add AAAA records, but the website will not work as soon as you turn on orange cloud because traffic is blocked by Hurricane Electric.

    You can also try:

    https://cdn.wzfou.com/

    This is phishing website stealing Cloudflare API keys.

    Thanked by 4allnetstore Not_Oles Logano TimboJones
Sign In or Register to comment.