AYIYA and Amazon EC2
Shadow Hawkins on Monday, 28 March 2011 18:19:48
Hi!
I have successfully set up a dynamic AYIYA tunnel with AICCU on my Amazon EC2 instance. I can successfully ping Google over IPv6 and inbound connections (web server) are also working.
However, inbound packets seem to be dropped after some time of no traffic between the PoP and the server. Since Amazon only allows you to run instances behind their NAT, I thought this was the problem. I did however forward the 5072/udp and to my instance.
I ran tcpdump and saw that the PoP sends UDP packets not to the 5072/udp on server side but rather a random OS-provided port that AICCU uses as a source port for its outbound communication:
(I visited a webpage over IPv6 during this extract of tcpdump)
16:09:41.290214 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 44
16:09:46.351244 IP iedub02.sixxs.net.ayiya > ip-10-226-123-153.eu-west-1.compute.internal.55401: UDP, length 116
16:09:46.351440 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 116
16:09:46.408430 IP iedub02.sixxs.net.ayiya > ip-10-226-123-153.eu-west-1.compute.internal.55401: UDP, length 104
16:09:46.409454 IP iedub02.sixxs.net.ayiya > ip-10-226-123-153.eu-west-1.compute.internal.55401: UDP, length 487
16:09:46.413621 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 104
16:09:46.419052 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 1324
16:09:46.419083 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 258
16:09:46.419098 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 104
16:09:46.478174 IP iedub02.sixxs.net.ayiya > ip-10-226-123-153.eu-west-1.compute.internal.55401: UDP, length 104
16:09:46.478805 IP iedub02.sixxs.net.ayiya > ip-10-226-123-153.eu-west-1.compute.internal.55401: UDP, length 104
16:09:46.479556 IP iedub02.sixxs.net.ayiya > ip-10-226-123-153.eu-west-1.compute.internal.55401: UDP, length 104
16:09:46.479623 IP ip-10-226-123-153.eu-west-1.compute.internal.55401 > iedub02.sixxs.net.ayiya: UDP, length 104
Since Amazon seems to run a stateful NAT, my packets get dropped after some time (~30 seconds), until AICCU pings the PoP with a 48 byte UDP packet.
This wouldn't be a problem if I used AYIYA mainly for a client role but since it is a server, it is problematic when I have traffic originating from elsewhere.
My question is - is it possible to define a source port in AICCU configuration so that I don't need to forward every UDP port to my server? I am also interested in your experiences with IPv6 tunneling and Amazon AWS.
Thank you very much!
AYIYA and Amazon EC2
Jeroen Massar on Tuesday, 03 May 2011 16:02:03
> Since Amazon seems to run a stateful NAT, my packets get dropped after some time (~30 seconds), until AICCU pings the PoP with a 48 byte UDP packet.
That is one of the many, many reasons why NATs are annoying, as you can't change the NAT; the only thing you could do is ping the PoP endpoint once in a while.
There are other users who reported even weirder issues with Amazon's NAT though, thus don't expect it to be a full fix.
Best fix: Demand IPv6 from Amazon.
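Added example, not part of either post: a Python sketch that reads tcpdump text output in the format shown in the first post and reports each stretch where the instance sent nothing for longer than the NAT idle timeout, which is when a packet from the PoP would find no mapping. It assumes the roughly 30 second timeout reported above and that only outbound packets refresh the mapping; the function names are hypothetical and the last sample line is constructed.

```python
import re

# tcpdump text format as in the capture above:
# HH:MM:SS.ffffff IP src.port > dst.port: UDP, length N
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>\S+)\.[\w-]+ > "
    r"(?P<dst>\S+)\.[\w-]+: UDP, length \d+$"
)

def _seconds(ts):
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s)

def expired_windows(lines, inside_host, timeout_s=30.0):
    """List (last_outbound, next_outbound, unreachable_seconds) per outbound
    silence longer than timeout_s, i.e. while the NAT mapping is likely gone."""
    windows, last = [], None
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["src"] != inside_host:
            continue  # unparsed, or inbound (assumed not to refresh the mapping)
        if last is not None:
            # tcpdump prints no date by default, so wrap around midnight
            gap = (_seconds(m["ts"]) - _seconds(last)) % 86400
            if gap > timeout_s:
                windows.append((last, m["ts"], round(gap - timeout_s, 3)))
        last = m["ts"]
    return windows

INSIDE = "ip-10-226-123-153.eu-west-1.compute.internal"
POP = "iedub02.sixxs.net"
# First three lines are from the capture above; the last one is constructed.
SAMPLE = [
    f"16:09:41.290214 IP {INSIDE}.55401 > {POP}.ayiya: UDP, length 44",
    f"16:09:46.351244 IP {POP}.ayiya > {INSIDE}.55401: UDP, length 116",
    f"16:09:46.351440 IP {INSIDE}.55401 > {POP}.ayiya: UDP, length 116",
    f"16:10:41.300000 IP {INSIDE}.55401 > {POP}.ayiya: UDP, length 44",
]

if __name__ == "__main__":
    for start, end, lost in expired_windows(SAMPLE, INSIDE):
        print(f"no outbound packet between {start} and {end}: "
              f"mapping likely expired for {lost} s")
```

Any reported window means the interval between outbound packets is longer than the NAT keeps its state, so a keepalive toward the PoP would need to be sent more often than the timeout.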