Bug #6451
closedIPv6 GIF tunnels to HE broken since 2.3-RELEASE
0%
Description
I've just confirmed that since upgrading from 2.2.x to 2.3-RELEASE (and subsequently to 2.3.x-whatever's current) none of my firewalls that had working IPv6 GIF tunnels to HE have, well, working tunnels to HE any more.
I can only confirm this for 32-bit, since none of the 64-bit instances have/need a tunnel.
I see GIF packets leaving the firewall WAN interface, but nothing coming back. Typically, in my experience, this is because of malformed or incorrect packets reaching HE, but since I no longer have a 2.2 instance to compare pcaps against, I'm having difficulty narrowing down the problem.
Marking as high priority, because in one case (the one that made me notice this!) the only way I can get NTP service is over IPv6. (Thanks, stupid "business grade" ISP for "protecting" me from NTP attacks...)
Hopefully I'm just doing something wrong or missed something in the release notes.
Files