I've configured a Windows 2012 Server VM, part of a Domain which I also created as a VM, to operate as an internet gateway with IPv4 NAT and thing work fine. Then I took the next step to configure a 6in4 tunnel through Hurricane Electric and was able to successfully connect to IPv6 sites when accessing them directly from the gateway system (i.e. the 6in4 tunnel works correctly). Finally, I attempted to access IPv6 web sites from a third Windows 7 VM but am unable to access any IPv6 sites outside of my own local network. IPv6 ping to the gateway system works fine but IPv6 ping to ipv6.google.com does not.
I use the following "netsh" commands to configure the system:
netsh interface teredo set state disabled
netsh interface ipv6 add v6v4tunnel IP6Tunnel 1.2.3.4 66.220.18.42
netsh interface ipv6 add address IP6Tunnel 2001:ffff:c:ffff::2
netsh interface ipv6 add route ::/0 IP6Tunnel 2001:ffff:c:ffff::1 publish=yes
netsh interface ipv6 set interface IP6Tunnel forwarding=enabled
netsh interface ipv6 add address "Intranet LOM" 2001:ffff:d:ffff::1
netsh interface ipv6 set interface "Intranet LOM" forwarding=enabled advertise=enabled routerdiscovery=enabled advertisedefaultroute=enabled
netsh interface ipv6 set route 2001:ffff:d:ffff::/64 "Intranet LOM" publish=yes
When I capture a network trace on the gateway system I can see the IPv6 ping enter the gateway, the IPv4 encapsulated ping forwarded through the tunnel, and even the IPv4 encapsulated response come back through the tunnel, but the un-encapsulated IPv6 response is dropped by WFP (FilterID: 0x0). This occurs even when all firewalls are disabled (i.e. the dropped frame never shows up in the firewall log file) so I'm thinking forwarding is not enabled correctly in the gateway, even though forwarding does appear to be correctly configured in both directions:
C:\Users\administrator>netsh int ipv4 show interfaces "Internet LOM"
Interface Internet LOM Parameters
----------------------------------------------
IfLuid : ethernet_7
IfIndex : 12
State : connected
Metric : 10
Link MTU : 1500 bytes
Reachable Time : 19000 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 3
Site Prefix Length : 64
Site Id : 1
Forwarding : enabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : dhcp
Managed Address Configuration : enabled
Other Stateful Configuration : enabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabled
ECN capability : application
C:\Users\administrator>netsh int ipv6 show interfaces IP6Tunnel
Interface IP6Tunnel Parameters
----------------------------------------------
IfLuid : tunnel_8
IfIndex : 18
State : connected
Metric : 10
Link MTU : 1280 bytes
Reachable Time : 25500 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 1
Site Prefix Length : 64
Site Id : 1
Forwarding : enabled
Advertising : disabled
Neighbor Discovery : disabled
Neighbor Unreachability Detection : disabled
Router Discovery : disabled
Managed Address Configuration : disabled
Other Stateful Configuration : disabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabled
ECN capability : application
Link-Layer Address : 1.2.3.4
Remote Link-Layer Address : 66.220.18.42
C:\Users\administrator>netsh int ipv4 show interfaces "Intranet LOM"
Interface Intranet LOM Parameters
----------------------------------------------
IfLuid : ethernet_11
IfIndex : 13
State : connected
Metric : 10
Link MTU : 1500 bytes
Reachable Time : 42000 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 3
Site Prefix Length : 64
Site Id : 1
Forwarding : enabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : dhcp
Managed Address Configuration : enabled
Other Stateful Configuration : enabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : disabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabled
ECN capability : application
C:\Users\administrator>netsh int ipv6 show interfaces "Intranet LOM"
Interface Intranet LOM Parameters
----------------------------------------------
IfLuid : ethernet_11
IfIndex : 13
State : connected
Metric : 10
Link MTU : 1500 bytes
Reachable Time : 36500 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 1
Site Prefix Length : 64
Site Id : 1
Forwarding : enabled
Advertising : enabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : enabled
Managed Address Configuration : enabled
Other Stateful Configuration : enabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default Routes : disabled
Advertised Router Lifetime : 1800 seconds
Advertise Default Route : enabled
Current Hop Limit : 0
Force ARPND Wake up patterns : disabled
Directed MAC Wake up patterns : disabled
ECN capability : application
Routing also seems correct to me:
C:\Users\administrator>netshnetsh>int
netsh interface>ipv6
netsh interface ipv6>show route
Publish Type Met Prefix Idx Gateway/Interface Name
------- -------- --- ------------------------ --- ------------------------
Yes Manual 256 ::/0 18 2001:FFFF:c:FFFF::1
No System 256 ::1/128 1 Loopback Pseudo-Interface 1
No System 256 2001:FFFF:c:FFFF::/64 18 IP6Tunnel
No System 256 2001:FFFF:c:FFFF::2/128 18 IP6Tunnel
Yes System 256 2001:FFFF:d:FFFF::/64 13 Intranet LOM
No System 256 2001:FFFF:d:FFFF::/128 13 Intranet LOM
No System 256 2001:FFFF:d:FFF::1/128 13 Intranet LOM
No System 256 2001:FFFF:d:FFF:68f7:1a9a:18ed:f8c3/128 13 Intranet LOM
No System 256 2001:FFFF:d:FFF:dfa7:58f:af75:82cc/128 13 Intranet LOM
No System 256 fe80::/64 13 Intranet LOM
No System 256 fe80::/64 18 IP6Tunnel
No System 256 fe80::5efe:192.168.2.1/128 17 isatap.{F6AF95CA-3C9A-4637-A3F3-5681B1D5EF2D}
No System 256 fe80::200:5efe:68.4.231.178/128 14 isatap.oc.cox.net
No System 256 fe80::68f7:1a9a:18ed:f8c3/128 13 Intranet LOM
No System 256 fe80::e194:5746:1d97:7acf/128 18 IP6Tunnel
No System 256 ff00::/8 1 Loopback Pseudo-Interface 1
No System 256 ff00::/8 13 Intranet LOM
No System 256 ff00::/8 18 IP6Tunnel
What could the problem be?