Multi-WAN / MULTI-TUNNEL problem



  • Using the latest snapshot:
    2.1-DEVELOPMENT (i386)
    built on Wed Mar 7 22:13:59 CET 2012
    FreeBSD 8.3-RC1

    Tunnels with gateways placed on the second WAN (opt1) never get online status.
    If I change the endpoint of the tunnel and move them to the first WAN, there is no problem and the gateways are online almost immediately.

    Before, I used the snapshot of 26 November 2011 (Jimp) and there was no problem assigning tunnels to both WANs.


  • Rebel Alliance Developer Netgate

    Not true here. I have two HE.net tunnels, one on my DSL and one on my Cable line, and both show online in gateway status.



  • @jimp:

    Not true here. I have two HE.net tunnels, one on my DSL and one on my Cable line, and both show online in gateway status.

    I have three separate He.net tunnels running, one for each broadband connection for a multi-WAN setup.  But only one tunnel will come up.  I have deleted the tunnels multiple times and started over, but only one tunnel will work at a time.  I have also tried different IPv4 endpoints on HE.net to make sure there are no conflicts.  So I am at a loss.  Running the latest build you released, 2.1-DEVELOPMENT (i386) built on Sun Feb 26 01:11:47 EST 2012.  If you have a later build than this I would like to try it.


  • Rebel Alliance Developer Netgate

    Usual things to check:

    • Make sure ICMP is allowed (echo request at least) inbound on every WAN, or he.net won't connect the tunnel
    • Make sure the GIF interface is attached to the right physical interface
    • Make sure you use a different he.net broker server for each tunnel. (i.e. one to Chicago, one to NY, etc)


  • @jimp:

    Usual things to check:

    • Make sure ICMP is allowed (echo request at least) inbound on every WAN, or he.net won't connect the tunnel
    • Make sure the GIF interface is attached to the right physical interface
    • Make sure you use a different he.net broker server for each tunnel. (i.e. one to Chicago, one to NY, etc)

    All that you have stated is what I have set up.  I have done all that many times.  Even let another guy log in and check my settings.  So I am at a loss.  Have you tried it or anybody else on your team with multiple broadband connections with each one assigned its own IPv6 He.net broker tunnel?  Thanks again for your help Jim…


  • Banned

    Have you posted it on redmine??



  • For me it is the same as what joe_cowboy describes.
    Checked, checked and double-checked everything.
    Using one HE tunnel and one SixXS tunnel.
    The SixXS tunnel is solid on the WAN interface. (Endpoint is difficult to change.)
    The HE tunnel will come online if I place it on the WAN beside the SixXS one, but if I move the HE tunnel to opt2 it never comes online.

    Did some further testing and deleted all tunnels and rebooted.
    Placed one of the tunnels on opt2 and it never comes online.
    To me it looks like opt2 is not allowing tunnels.
    2 (or more) tunnels on WAN is no problem.



  • Might be not allowing proto 41 traffic on your OPT2, add a rule for that from the tunnel broker IP.
    That will also set reply-to on the rules which you need for the tunnel.
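
Added example (not from the thread or from pfSense): a shell check for the protocol 41 and ICMP advice above, run over a constructed ruleset in the style of `pfctl -sr` output. The interface names, addresses, rule text format, and the choice to require reply-to on the ICMP rule as well are assumptions.

```shell
#!/bin/sh
# Constructed sample in the style of `pfctl -sr` output (assumed format).
# em0/em2 and all addresses are documentation placeholders, not from the thread.
# pfctl normally prints protocol 41 by name ("ipv6"); both spellings are accepted.
SAMPLE_RULES='pass in quick on em0 reply-to (em0 198.51.100.1) inet proto ipv6 from 192.0.2.10 to any keep state
pass in quick on em0 reply-to (em0 198.51.100.1) inet proto icmp from 192.0.2.10 to any icmp-type echoreq keep state
pass in quick on em2 inet proto icmp from 192.0.2.20 to any icmp-type echoreq keep state
pass in quick on em2 inet proto tcp from any to any port = 443 flags S/SA keep state'

# rule_present RULES IFACE BROKER PROTO_REGEX
# Succeeds if RULES has an inbound pass rule on IFACE, with reply-to bound to
# that same interface, for a protocol matching PROTO_REGEX, from BROKER.
rule_present() {
    printf '%s\n' "$1" | grep -E "^pass in .*on $2 " \
        | grep -F "reply-to ($2 " \
        | grep -E "proto ($4) " \
        | grep -qF "from $3 "
}

# audit_wan RULES IFACE BROKER
# Reports what a 6in4 tunnel on IFACE is missing. Returns 0 only if both the
# protocol 41 rule and the ICMP rule from the broker are present.
audit_wan() {
    rc=0
    if ! rule_present "$1" "$2" "$3" 'ipv6|41'; then
        echo "$2: no inbound proto 41 pass rule with reply-to from $3"
        rc=1
    fi
    if ! rule_present "$1" "$2" "$3" 'icmp'; then
        echo "$2: no inbound ICMP pass rule with reply-to from $3"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "$2: tunnel rules present for $3"
    fi
    return "$rc"
}

# First WAN passes; second WAN lacks proto 41 and its ICMP rule has no reply-to.
audit_wan "$SAMPLE_RULES" em0 192.0.2.10 || true
audit_wan "$SAMPLE_RULES" em2 192.0.2.20 || true
```

On a live firewall the first argument would be the output of `pfctl -sr` instead of the sample string.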



  • Where and how do I set this proto41?


  • Banned


  • Rebel Alliance Developer Netgate

    @joe_cowboy:

    Have you tried it or anybody else on your team with multiple broadband connections with each one assigned its own IPv6 He.net broker tunnel?  Thanks again for your help Jim…

    As I mentioned above I have one on each of my WANs (DSL and Cable) and they both show online and I can ping out from each. It's not a general problem, at least not one I can reproduce here. I even have both set up with he.net dyndns updater entries to keep the tunnels up when my IPs change; they both track fine.

