Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


HE.net IPV6 Tunnel
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

HE.net IPV6 Tunnel

CoreyCorey Member
edited February 2013 in General

So with this HE.net IPV6 tunnel offering, we could offer ipv6 addresses to our customers over a tunnel without our provider having native ipv6 support right? Is this stable and effective? Who all here does this?

Comments

  • jarjar Patron Provider, Top Host, Veteran
    edited February 2013

    Works fine. I did it in Denver. It's not of much value without being native but it works, doesn't cost you anything.

  • @jarland said: Works fine. I did it in Denver. It's not of much value without being native but it works, doesn't cost you anything.

    What do you mean by 'not much value' ? You can still use these on your interfaces just like a native ipv6 setup right?

  • I would rather do this my self then have a provider do it, if a provider has to use a free service like this to offer IPV6 that has some major limitations such as the IPs being blacklisted due to spam issues etc then don't offer IPv6.

  • @Taylor said: I would rather do this my self then have a provider do it, if a provider has to use a free service like this to offer IPV6 that has some major limitations such as the IPs being blacklisted due to spam issues etc then don't offer IPv6.

    What do you mean? All ips can be blacklisted due to spam issues.

  • jarjar Patron Provider, Top Host, Veteran

    People just aren't that interested in IPv6 if its not routed to the datacenter. A tunnel is fine and all but no matter what the ping is going to be higher.

  • I would say it "works", rather than it's stable or effective. It might be both of the latter some/most of the time, but the bottom line is it is not what you would call an "enterprise" grade solution.

    As long as your customers understand and are ok with that . . . . some IPv6 connectivity is probably better than none.

  • jarjar Patron Provider, Top Host, Veteran
    edited February 2013

    Good part about it is that it takes all of 5 minutes to setup. I just wouldn't advertise it heavily.

  • it's not much value because you're at the mercy of potentially overloaded tunnel servers. for example before hostigation went native, hostigation -> he.net VA tunnel server added 200ms to all traffic.

  • SpiritSpirit Member
    edited February 2013

    @Corey

    http://www.lowendtalk.com/discussion/comment/151962#Comment_151962

    @rm_ said: I'd still say tunneled v6 can:

    1) reflect badly on the provider; besides the "not the real thing" objection, basing your whole v6 connectivity for your PAYING CUSTOMERS upon some other unrelated company's FREE SERVICE does not look professional at all;
    2) cause connectivity issues; a third party tunnel server is one more point of failure, besides, ask around how's HE.net reliability on some of the tservs, the answer may surprise you not in a good way;
    3) harm demand for native IPv6; a tunnel being perceived by many as "good enough" could cause the provider to stop persuading the DC to offer native v6.

    If you decide to offer HE IPv6 tunnel you can expect some services blocked, unless you use BGP tunnel with own IPs or make Sage cert which shouldn't be too hard and even then some things because too much of abuse in past wont work.

    -!- Please wait while we process your connection.
    -!- You (*@2001:470:0:0:0:0:0:0/32) are banned from this server: All he.net tunnels klined - too many abuses
    -!- ERROR Closing Link: Spirit[unknown@2001:470:d6a2:0:0:0:0:0] (K-lined: All he.net tunnels klined - too many abuses

  • I think @Francisco use HE's ipv6 tunnel

  • gbshousegbshouse Member, Host Rep

    HE.NET's works nice, we have used it multiple times with Amazon EC2 and other providers without native IPv6.

  • TheLinuxBugTheLinuxBug Member
    edited February 2013

    I actively use he.nets ipv6 tunnel on all my vps servers that do not have native ipv6. I do prefer to setup my own tunnel if its not native, as it gives me a full /64 and full control over it. It does have some pitfalls as have already been mentioned in this thread, and you will find all NEW tunnels are restricted until you make Sage or bgp tunnnel as was mentioned above. Older users who have their /64 grandfathered won't be limited the same. However, as people usually setup new networks as they setup servers, all new networks are limited.

    The only positive I see to having the provider setup the tunnel is HOPEFULLY they have passed the Sage Cert and they have gotten a lot of these restrictions removed. I say that, and I know there are a few LEB providers providing tunnel ipv6 that haven't. (It is a bit annoying to say the least)

    It is nice to setup a vps and not have to setup the tunnel and bug support to enable /dev/tun and ipv6 modules on occasions. Some less informed providers will not even allow you to enable ipv6 modules (OneProvider) to begin with. If I have to choose between ipv6 tunneled,having it, or not being able to use it at all, I would prefer some type of connectivity over none.

    my 2 cents.

    Cheers!

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @dnwk said: I think @Francisco use HE's ipv6 tunnel

    Partially.

    We use a BGP tunnel for the time being which means users won't have to renumber whenever Rob gets native in place.

    Francisco

  • rm_rm_ IPv6 Advocate, Veteran
    edited February 2013

    @dnwk said: I think @Francisco use HE's ipv6 tunnel

    AFAIK they use a BGP tunnel, which differs a lot from the regular ones: you use not the 2001:470:: addressing from HE, but your own IPv6 allocation instead, it just gets routed via HE. It's better in that you don't have to renumber (change IPs) later, when you get native routing from your DC. But it's an option only for those who already have their own AS and IPv6 from ARIN/RIPE/etc.

  • rds100rds100 Member
    edited February 2013

    The good thing about BGP tunnels is that you can setup two (or more) of these to different tunnel servers, and if one of the tunnel servers dies for whatever reason, the routing is automatically switched over to the other.
    Yes, we did this too to get ipv6 routed initially, until we could get native ipv6 transits from our upstreams. I still keep the he.net tunnels alive as a kind of very last resort backup, just don't route any traffic there.

  • Yea, we had the BGP tunnels from HE in use with our own space as well (In Iceland, Hongkong) but switches to a provider that gives us a BGP session now (in London) for Isle of Man and Iceland, and native v6 in HK (routed by the ISP).

    Only location left without native/near native v6 is Chile, which has a suboptimal 100ms+ tunnel to the US HE servers.

Sign In or Register to comment.