search

Xceptance / XLT-Packer

Packer scripts to build cloud machine images for Xceptance LoadTest.
MIT License
4 stars 0 forks source link

IPv6 tunnel broken #15

Open jowerner opened 4 years ago

jowerner commented 4 years ago

Since cloud providers don't support IPv6 out of box, our images configure a tunnel, where IPv6 traffic is transported via IPv4. However, it looks like this tunnel does not work any longer.

The support for the IPv6 tunnel is completely broken since the switch to Ubuntu 18.04. See below for the log output of the ipv6tunnel service:

ubuntu@ip-10-0-1-23:/etc/network$ more /var/log/syslog |grep ipv6
Aug 24 11:07:24 ip-10-0-1-23 ipv6tunnel[978]: Setup IPv6 6to4 ...
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: Public IPv6 address using 6to4 will be: 2002:3da:f847::dead:beef:dead:beef
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: configuring network interface
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: bash: /etc/network/interfaces.d/tun6to6.cfg: No such file or directory
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: starting tun6to4 device...
Aug 24 11:07:25 ip-10-0-1-23 ipv6tunnel[978]: sudo: ifup: command not found

Consequently, IPv6 will not work at all:

ubuntu@ip-10-0-1-23:/etc/network$ curl -6 example.org
curl: (7) Couldn't connect to server

With older images based on Ubuntu 16.04, the tunnel setup succeeded:

ubuntu@ip-10-0-1-186:~$ more /var/log/syslog |grep ipv6
Aug 24 11:50:39 ip-10-0-1-186 ipv6tunnel[1088]: Setup IPv6 6to4 ...
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: Public IPv6 address using 6to4 will be: 2002:22ed:63::dead:beef:dead:beef
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: configuring network interface
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: sudo: unable to resolve host ip-10-0-1-186
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: starting tun6to4 device...
Aug 24 11:50:40 ip-10-0-1-186 ipv6tunnel[1088]: sudo: unable to resolve host ip-10-0-1-186

However, the request to the test server timed out nevertheless:

ubuntu@ip-10-0-1-186:~$ curl -6 example.org
curl: (7) Failed to connect to example.org port 80: Connection timed out

We could surely fix the tunnel setup for Ubuntu 18.04, but it is not clear yet whether the tunnel approach works reliably at all.

jowerner commented 4 years ago

Here is one post stating that IPv6 tunnels are not possible in Google Compute Engine: https://stackoverflow.com/questions/31066205/how-to-allow-protocol-41-6in4-through-the-gce-firewall

Although the talk is about a "6in4" tunnel, it should apply to the "6to4" tunnel we use as well as both tunnels use protocol version 41 which is blocked.