IPv6 support and ICMP being blocked
hypnosis4u2nv
Enthusiast - Level 2

New to FIOS in the NY Area and wanted to know if IPv6 is supported. Also, trying to setup a 4to6 tunnel with Hurricane Electric and the ICMP keeps failing (blocked) even though I have a firewall rule to allow ICMP. I had the tunnel setup working fine with Optimum so I'm wondering if ICMP is being blocked at Verizons end.

Edit: yes, Verizon is blocking ICMP. Now how do I get them to allow them.

1 Solution

Correct answers
My problems
hypnosis4u2nv
Enthusiast - Level 2

My problems were initially caused by both. ICMP being blocked on the IPV4 level gave me issues creating the tunnel. Then I experienced speed and connection issues on some sites that used IPv6, but I traced that down to the firmware my router was using. Once I downgraded to an older firmware, those issues resolved themselves.

View solution in original post

Re: IPv6 support and ICMP being blocked
Edg1
Community Leader
Community Leader

IPv6 seems to be only available in limited areas. 

https://www.dslreports.com/forum/r32136440-Networking-IPv6-working

Appreciate the reply. I wasn't sure since it appears IPv6...
hypnosis4u2nv
Enthusiast - Level 2

Appreciate the reply. I wasn't sure since it appears IPv6 could be all over the place where it works or not.

Still looking for an answer on why ICMP is being blocked since I can't setup the tunnel with my IP address.

Re: IPv6 support and ICMP being blocked
smith6612
Community Leader
Community Leader

Are you running a Double NAT? For example, is the tunnel endpoint on your end sitting behind another router, or is it connected directly to the ONT?

Re: IPv6 support and ICMP being blocked
hypnosis4u2nv
Enthusiast - Level 2

ONT to my Edgerouter.

Re: IPv6 support and ICMP being blocked
smith6612
Community Leader
Community Leader

Is the Hurricane Electric Looking Glass server able to ping and traceroute your Public IP? https://lg.he.net/

What does your router see when you trace-route to the Hurricane Electric tunnel with ICMP packets? There's an issue in many areas with FiOS where ICMP TTL Propagation doesn't work right, and traceroute data doesn't work right. But this shouldn't affect ICMP Ping to an endpoint. 

Traceroute from HE to my IP 1 ms 11 ms <1 ms 100ge14-2.co...
hypnosis4u2nv
Enthusiast - Level 2

Traceroute from HE to my IP

1 ms 11 ms <1 ms 100ge14-2.core1.sjc2.he.net ({edited for privacy})
1 ms <1 ms <1 ms 0.ae12.BR3.SJC7.ALTER.NET (204.255.168.25)
72 ms 81 ms 102 ms HundredGigE3-4-0-0.NYCMNY-LCR-21.verizon-gni.NET (140.222.238.197)
87 ms 111 ms 99 ms ae203-0.NYCMNY-VFTTP-446.verizon-gni.net (100.41.129.101)

Traceroute from Router to HE

x@EdgeRouterX:~$ traceroute {edited for privacy}
traceroute to {edited for privacy} ({edited for privacy}), 30 hops max, 38 byte packets
1 * * *
2 B3446.NYCMNY-LCR-22.verizon-gni.net (100.41.129.102) 16.499 ms B3446.NYCMNY-LCR-21.verizon-gni.net (100.41.129.100) 6.892 ms 7.583 ms
3 * * *
4 0.ae3.BR2.NYC4.ALTER.NET (140.222.1.59) 4.088 ms 0.ae4.BR2.NYC4.ALTER.NET (140.222.1.61) 2.688 ms 0.ae3.BR2.NYC4.ALTER.NET (140.222.1.59) 4.427 ms

0 Likes
I got the tunnel to work by setting IPv4 firewall rules t...
hypnosis4u2nv
Enthusiast - Level 2

I got the tunnel to work by setting IPv4 firewall rules to allow ICMP through whereas the rules were set to allow ICMPv6 before.

Would be nice if FIOS natively supported IPv6.

Re: I got the tunnel to work by setting IPv4 firewall rules t...
ohnx
Newbie

Hi! Were you having issues setting up the tunnel or using it? I'm running into a bit of a strange issue right now in that I can set up the tunnel (ICMP ping works), but after sending a few packets of data over the tunnel, the connection just drops and doesn't work for ~20 minutes. It seems to me that 6in4 is getting blocked for some reason.

0 Likes
My problems
hypnosis4u2nv
Enthusiast - Level 2

My problems were initially caused by both. ICMP being blocked on the IPV4 level gave me issues creating the tunnel. Then I experienced speed and connection issues on some sites that used IPv6, but I traced that down to the firmware my router was using. Once I downgraded to an older firmware, those issues resolved themselves.