Alright so I got a tunnel <prefix>/64 from sixxs a while ago, and it worked. Installed aiccu (heartbeat deprecated), gave it plaintext password (whose idea?), connectivity works from this machine, I can ping, browse and all that. Installed radvd, and entered the my <prefix>/64 as "prefix" in it's config. Other hosts on my LAN got stateless addresses, <prefix><address>. Routes got set up automagicly too. Now if I ping6 www.sixxs.net (or tunnel endpoint) from this machine, it all works nicely: tcpdump -n -i eth<external> host <pop> from the NAT/ipv4 firewall (yet another machine): <external> to <pop>( <prefix>::2 to <sixxs.net> ) (encap) <pop> to <external>( <sixxs.net> to <prefix>::2 ) (encap) But if I ping from another machine on the LAN, I don't get a responce: tcpdump (same) <external> to <pop>( <prefix><address> to <sixxs.net> ) (encap) (no responce) --- So the question is basically should the tunnel prefix/64 work as a subnet? or more like why would the pop whose tunnel endpoint is <prefix>::1 route traffic to <prefix>::2 nicely but not to <prefix><something else> ? Perhaps I misunderstood something about tunnels and subnets I can get from sixxs and in fact I need to request a subnet separately? thanx