IPv6 tunnel from behind an ISP-level NAT

Previously, at a different location, I set up a Hurricane Electric IPv6 tunnel, which worked fine, allowed me to access IPv6 only sites and test the native IPv6 connections on my remote servers.

However, I'm now in a new location where the only practical internet access is via a 3G mobile phone network. This network gives me NAT'd addresses like 10.104.NNN.NNN. The dynamic IPv4 address that it reaches the internet with is shared between hundreds/thousands of users of the mobile network. As that IPv4 address doesn't route to (just) me and is unpingable, I can't use a Hurricane Electric tunnel with it.

Sixxs's AYIYA tunnel looks like it could be a work-around, but they refused my application for a tunnel without giving a reason (which is fair enough, for a free service).

So, from behind a large-scale NAT network (that I have no control over and can't open ports for), is there any other tunnel technology, and tunnel provider, that is usable? I'm running Ubuntu Linux 12.04.

I do have a remote VPS that has native Ipv6, so I'd consider tunnelling to that, if there's a technology I could install at both ends, if I'm not able to use a tunnel provider. The server is also Ubuntu 12.04.

A workaround for short tests of the IPv6 connection of sites would be the sixxs gateway, but long-term a tunnel would be better. The ISP here isn't likely to change their NAT anytime soon, nor is there any viable alternative, so something that works through that is what I'm looking for.

Rob Hoare

Posted 2012-12-26T08:39:52.327

Reputation: 153

2gogoNET and AICCU are both gone now. This needs a new answer. – Omnifarious – 2018-06-01T04:39:11.703

You can easily use a sixxs ayiya tunnel with this setup, and it's almost certainly your best bet. I have no idea why they would have denied your application, perhaps if you ask them very nicely they can explain it? – Michael Hampton – 2013-01-04T00:22:27.403

No, if Sixxs want to deny without giving a reason then I move on, it's a hobby project for them so they have the right to do that. I think the main trigger was I wanted to use the tunnel from a different country to the country I first registered with (if I was in the first country, I wouldn't need them, this is just for travel). Rather than denying the tunnel request they closed the previously validated account for just asking. Freenet on gogoNet is good enough for short tests instead. – Rob Hoare – 2013-01-04T00:45:35.497

Answers

Have you tried the tunnels provided by gogoNET? If you register an account, you'll have a address block allocated to you per tunnel server.

You may have to compile the client yourself if you distribution don't have it as a package.

billc.cn

Posted 2012-12-26T08:39:52.327

Reputation: 6 821

gogo6/gogoNET has been shutdown in April 2016. https://community.spiceworks.com/topic/1581511-looks-like-gogo6-is-officially-dead

– Anshu Prateek – 2017-06-05T11:47:16.297

Thank you, that works. I had looked at gogonet previously but couldn't work out what they were selling/offering, this time I found the freenet part. Had to sign up without knowing if they had a Linux client (the download page is hidden for non-signed in users!). Once past all that, and a separate freenet signup, and a few poorly documented bits in the conf file that needed Google searches - got there! Gogoc is in the Ubuntu repositories, so no compiling needed. Adds about 40mS to my ping times (compared to IPv4) but very usable. It chooses the v6udpv4 mode. Thanks again. – Rob Hoare – 2012-12-27T00:40:17.807

Update: after running for a good few hours gogoc ending up using 100% of one CPU (took me a while to find the culprit, "top -n 1" finally showed it). So it's not something I could run on a routine basis, no stable enough, but OK for quick tests. – Rob Hoare – 2012-12-28T21:38:15.483

Wikipedia has this article : List of IPv6 tunnel brokers, which should always stay reasonably up-to-date.

There are not too many IPv6 tunnel brokers currently still in operation who support 6in4. Below are the only two I found that operate not only in restricted geographical locations. See the Wikipedia article for the others.