As a period of time until Google supports its own IPv6 in the Google Compute Engine , I would like to configure the 6in4 tunnel (IP protocol 41) .
I added a firewall rule to allow protocol 41 on my VM network:
Name Source tag / IP range Allowed protocols / ports Target tags allow-6in4 216.66.xxx.xxx 41 Apply to all targets
And configured the tunnel in /etc/network/interfaces :
auto 6in4 iface 6in4 inet6 v4tunnel address 2001:470:xxxx:xxxx::2 netmask 64 endpoint 216.66.xxx.xxx gateway 2001:470:xxxx:xxxx::1 ttl 64 up ip link set mtu 1280 dev $IFACE
And ping6 2001:470:xxxx:xxxx::1 and confirmed that the outgoing traffic is 6in4:
$ sudo tcpdump -pni eth0 host 216.66.xxx.xxx tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 22:52:03.732841 IP 10.240.xxx.xxx > 216.66.xxx.xxx: IP6 2001:470:xxxx:xxxx::2 > 2001:470:xxxx:xxxx::1: ICMP6, echo request, seq 1, length 64 22:52:04.740726 IP 10.240.xxx.xxx > 216.66.xxx.xxx: IP6 2001:470:xxxx:xxxx::2 > 2001:470:xxxx:xxxx::1: ICMP6, echo request, seq 2, length 64 22:52:05.748690 IP 10.240.xxx.xxx > 216.66.xxx.xxx: IP6 2001:470:xxxx:xxxx::2 > 2001:470:xxxx:xxxx::1: ICMP6, echo request, seq 3, length 64
I temporarily changed the endpoint to an address where I can run tcpdump, and confirmed that the packets did not arrive at the destination. I even tried NAT on my own if GCE didnโt do this for 6in4 packets, but no luck ( iptables -t nat -A POSTROUTING -p ipv6 -j SNAT --to-source 130.211.xxx.xxx ).
Has anyone got a 6in4 tunnel to run on a GCE VM? Are there any magic settings that I missed somewhere?
source share