[AusNOG] Can't bring up 6in4 tunnel (IPv6) because public IP changing on Optus ADSL

Mark Andrews marka at isc.org
Tue Feb 2 09:57:21 EST 2016 

In message <CAFDgZgVft=pJTHhLzEn+AhQQFbUgEjup-5CHK4zqxrKysTyz0w at mail.gmail.com>, Tom Storey writes:
> Is the PPP session dropping by any chance? I think I had something
> like this a year or two ago and it turned out to be a buggy JunOS
> version, I had to roll back to a previous version.
>
> I have successfully brought up a he.net tunnel with an SRX110, so its
> definitely possible and there should be no unexpected behaviour when
> everything is running fine.

Additionally HE is setup to authenicate and reconfigure the tunnel
using the observed IPv4 address so this will work through NAT from
a DMZ host so you don't need to know know your public IPv4 address.

I've configured HE tunnels to use RFC 1918 address locally and as
long as the packets goes through the NAT both ways it works.

Obviously it is better if you only reconfigure on a renumber event
but you could just re-authenticate every 15 minutes from cron.

Mark

> On 1 February 2016 at 06:05, Goran Aleksic <goran.aleksic at gmail.com>
> wrote:
> > HI all,
> >
> > I've got Optus ADSL and dynamic public IP.
> > Needed 6-in-4 tunnel (IPv6 encapsulated into IPv4 tunnel), tried using
> > Hurricane Electric IPv6 provider, as I saw positive reviews.
> > I got Juniper SRX 110 modem and have implemented configuration as
> stated on
> >
> http://forums.juniper.net/t5/SRX-Services-Gateway/HE-IPv6-tunnel-with-flow
> -based-IPv6-in-10-4/td-p/69338/highlight/true/page/3
> >
> > Issue is  my public IP (on at-1/0/0.0 interface) keeps changing every
> time
> > I attempt the tunnel.
> > This is a twofold problem:
> > 1. on Hurricane Electric page, you need to specify one endpoint of the
> > tunnel, i.e. your public IP
> > 2. In configuration of ip-0/0/0.0 interface (tunnel interface) on
> Juniper
> > SRX, you need to specify your tunnel source IP (a public IP). There
> doesn't
> > seem to be a trick like with Cisco, to use ip unnumbered and imply IP
> > address from your WAN interface...
> >
> > Why would an attempt to establish a IPv4 tunnel to another host trigger
> my
> > public IP to be changed?
> >
> > I'm wondering if anyone has experienced the same or similar issue?
> >
> > Thanks,
> >
> > Alex
> >
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> >
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the AusNOG mailing list