neilhorman's profile

Mentor

28 Messages

Friday, February 14th, 2014 1:49 PM

IPv6 Tunnels broken yet again (this time on the NVG589 modem)

So AT&T has done it again, it would seem. After losing my IPv6 tunnel to Hurricane Electric via the 2Wire firmware mess, it would seem now the NVG589 modems are affected. I've not yet been able to tell if it's the firmware or just AT&T internally dropping protocol 41 packets not bound to their rd endpoint, but either way it would seem that any IPv6 tunnels not sanctioned by AT&T are down for me. Has anyone else seen this, and have a clue if there's any workaround? At this point, even in the light of the potential Comcast merger, I think Time Warner would be a better solution than this.

ACE - Expert

35K Messages

10 years ago

The U-verse forum thread to which they are referring is probably this one:

http://forums.att.com/t5/Features-and-How-To/UVerse-and-IPv6-Tunneling-with-3800-HGV-B/td-p/3511251/

Tutor

4 Messages

10 years ago


@my thoughts wrote:
Meaning no RG currently has access to protocol 41, ...

This is still not true. Our 6in4 tunnels were working fine until Friday February 14th at around 1am. My Hurricane Electric tunnel had been up and working fine for the 6+ months I'd had U-verse service.

In addition, as I already explained, the gateway is using protocol 41 right now for AT&T's Rapid Deployment, confirmed by the contents of the NAT sessions table.

It was apparently known before that 2Wire gateways weren't allowing protocol 41 traffic through (I never had a 2Wire gateway, unlike others in this thread who switched to the NVG589 just for this purpose), but this is now clearly being filtered further inside AT&T's network, not at the gateway.

 


@my thoughts wrote:
For example, while extending IPv6 capabilities through a software update made to U-verse gateway devices, we discovered an issue with the software code that temporarily prevents us from continuing our IPv6 deployment for those devices and may disrupt third party IPv6 tunneling capabilities for some U-verse customers until we are able to update the software. Our IPv4 routing is unaffected and the deployment of IPv6 functionality will resume as soon as the corrective measures have been deployed.


Um.  Huh?  This seems to say that you know you broke it, and you're going to stop moving forward until you fix it.  ...?
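A check related to the post above, added here as an example and not written by anyone in this thread: it counts protocol 41 packets per remote endpoint in a capture taken on the router behind the gateway, showing which tunnels get replies and which only send. The addresses, the sample packets and the helper names are constructed placeholders.

```python
import socket
import struct
from collections import defaultdict

PROTO_6IN4 = 41  # IPv4 protocol number carrying encapsulated IPv6 (6in4 and 6rd)

def ipv4_header(src, dst, proto):
    """Build a bare 20-byte IPv4 header (constructed sample data, checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def parse_ipv4(pkt):
    """Return (protocol, src, dst), or None if pkt is not a usable IPv4 header."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        return None
    return pkt[9], socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])

def tunnel_report(packets, wan_ip):
    """Map each protocol 41 peer to (sent, received, state) as seen from wan_ip."""
    counts = defaultdict(lambda: [0, 0])
    for pkt in packets:
        parsed = parse_ipv4(pkt)
        if parsed is None or parsed[0] != PROTO_6IN4:
            continue  # skip malformed packets and non-tunnel traffic
        _, src, dst = parsed
        if src == wan_ip:
            counts[dst][0] += 1
        elif dst == wan_ip:
            counts[src][1] += 1
    report = {}
    for peer, (sent, received) in counts.items():
        state = "bidirectional" if sent and received else "no-replies" if sent else "inbound-only"
        report[peer] = (sent, received, state)
    return report

# Constructed capture; every address is a documentation-range placeholder.
WAN, RELAY_6RD, TUNNEL_PEER = "192.0.2.10", "198.51.100.1", "203.0.113.5"
SAMPLE = (
    [ipv4_header(WAN, RELAY_6RD, 41)] * 2 + [ipv4_header(RELAY_6RD, WAN, 41)]
    + [ipv4_header(WAN, TUNNEL_PEER, 41)] * 3   # tunnel packets leave, nothing returns
    + [ipv4_header(WAN, TUNNEL_PEER, 6), b"\x45\x00"]  # TCP and a truncated packet
)

if __name__ == "__main__":
    for peer, row in tunnel_report(SAMPLE, WAN).items():
        print(peer, row)
```

A "no-replies" result alone does not say where the packets are dropped; a second capture on the WAN side of the gateway is needed to tell the gateway apart from the upstream network.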

 

Mentor

28 Messages

10 years ago

Agree with tdd, while this might be the best reason you can come up with, it's still not acceptable. The security concerns outlined in the referenced RFC are:

a) vague (i.e. not actionable)

b) affect endpoints only, not intermediate transport networks

c) are not in any way timely (i.e. that RFC was written 7 years ago), but our tunnels only stopped working last week.

So, to summarize your statement, you found some flimsy RFC citing vague security concerns regarding tunnels, that anyone who has the wherewithal to support their own tunnel already knows about, and used it as an excuse to disable private tunnels entirely, while conveniently exempting your own 6rd tunnels from those same security concerns. You've broken our networks in the guise of saving us from ourselves, without providing us any additional security. That's unacceptable. Please provide us with a contact point to lodge an official complaint regarding this behavior.

Teacher

9 Messages

10 years ago

When someone from AT&T called me about my FCC complaint regarding this, they used the same "security vulnerability" excuse. Specifically, they said that by using an IPv6 tunnel we're being allocated a static IPv6 address by a third party that allows access back into our home network, bypassing any security controls AT&T has in place. It's obviously a weak argument, since that's the entire point of PPTP, GRE, OpenVPN, IPSEC, or any other VPN technology that isn't also being banned.

Someone on dslreports.com said that since people are filing FCC complaints about this issue, AT&T has to respond with a "valid" reason for breaking our tunnels. "Security" is likely just the fastest way to get there.

Mentor

28 Messages

10 years ago

Can you post a link with directions to file such a complaint?

Teacher

9 Messages

10 years ago

http://www.fcc.gov/complaints

I filed my complaint before the Verizon ruling that heralded the beginning of the end of the open Internet (I am so dramatic!), but I filled out the online form under Broadband, Billing/Service/Availability.

A large portion of the form is dedicated to billing disputes, so I left those blank and filled in item (5) with some text about how AT&T's behavior is a clear violation of the "no blocking" open Internet rules, as set forth here:

http://www.fcc.gov/openinternet

Mentor

28 Messages

10 years ago

Done, thank you. I've filed an FCC complaint there, and I'll keep everyone apprised of how that turns out.

Contributor

1 Message

10 years ago

So the story goes like this... Last year on my home network I lost IPv6 Internet connectivity due to a firmware upgrade to my Motorola 3800 RG (ISP supplied router) which was filtering Protocol 41. In order to continue service with my ISP I upgraded my connection to a new 45Mbit "Power Tier" which came with a new Motorola NVG589 RG that no longer filtered Protocol 41. Great! Since the upgrade (about 3-4 months) I have been operating 2 IPv6 tunnels dual homed to SixXS and HE and have not had any more interruption until February 14th when once again my IPv6 access was disabled. This time it's not a firmware upgrade of my RG but rather a filter of some sort on the upstream provider (AT&T Uverse). My only choice now is to change my ISP or wait out my FCC complaint to be resolved. I wonder which will happen first... CAN YOU HEAR ME NOW AT&T!?!?

Tutor

4 Messages

10 years ago

My story is exactly the same as just about everybody else's. I upgraded to the "power" service (for more money) when it became available in my neighborhood last week. I got the shiny new NVG589 that I promptly put into cascade mode and sent my static /29 to a Cisco 2901 on my home network. Net result? It's faster (when line 1 and line 2 will bond properly, which is iffy), but still no gif tunnel to OCCAID for my IPv6 tunnel. I am not going to subject myself to the pain of dealing with AT&T for anything more technical than a billing problem, so I have gone straight to the FCC complaint site as well. We'll see what happens.

Meanwhile, the "security" excuse is terminally laughable.

Mentor

28 Messages

10 years ago

I've since given up. AT&T is just useless here. They have no interest in fixing this. I've dropped my service with them and filed an FCC complaint. I'm using Time Warner Cable's 50 Mb/s service now for the time being. It's shared media, so latency jitter is a bit higher than AT&T was, but nothing is blocked, which is great. In a year I'll let go of TWC as Google Fiber is coming to my area.
