setting up tunnelbroker (networks)

By Darren Nathanael on Fri, Feb 18, 2022 / Updated at Wed, Nov 15, 2023


lavalink is usually used for discord bot to play music to discord.

If your bot is on alot of servers and alot of people, you need tunnelbroker to prevent youtube rate limiting your ip.

First and formost, we need to install lavalink. if you dont know how to you can check out the lavalink setup guide

Getting TunnelBroker

  • Make a tunnelbroker Account
  • Create a new regular tunnel
  • Enter your IPv4 address and select a nearby region.

You can use to find nearest / lowest ping tunnelbroker server.

  • Request a new /48 by clicking the “Assign /48” button. We can use /64, but is much more likely to be blocked.

Tunnel broker interface

Configuring TunnelBroker

The first thing to do is enable IPv6 Binding in Linux. This enables Lavalink (and other programs) to bind to local addresses that would otherwise be considered illegal:

Some distro doesn’t keep the value of net.ipv6.ip_nonlocal_bind after reboot, so you may need to run that command after reboot to prevent issues.

1# Enable now
2sysctl -w net.ipv6.ip_nonlocal_bind=1
3# Persist for next boot
4echo 'net.ipv6.ip_nonlocal_bind = 1' >> /etc/sysctl.conf

Next you’ll need to configure network interfaces. edit a file on /etc/network/interfaces and add the following:

if /etc/network/interfaces is not found, than maybe you’re using netplan.

1auto he-ipv6
2iface he-ipv6 inet6 v4tunnel
3        address ::2
4        netmask 48
5        endpoint 
6        local 
7        ttl 255
8        gateway ::1
9post-up /sbin/ip -6 route replace local ::/48 dev lo

You will now need to add your IPv6 subnet details, you’ll need to go to tunnelbroker and copy the Server IPv4 address, Client IPv4 address, and Routed IPv6 address.

Then you can add the following to your /etc/network/interfaces file, these should be arrange as shown in the template above.

  • Your remote will be your ‘Server IPv4 address’
  • Your local will be your ‘Client IPv4 address’
  • Your gateway6 will be your ‘Routed IPv6 address’
  • Your addresses will be your ‘Routed IPv6 address’ Remember, you do not need to include any speech marks or apostrophes, we have simply listed them to clearly display what should only be listed. Please look at the sample configuration below, this should look similar but not the same as

after doing all of that you can run ifup he-ipv6 to apply the changes.

If the command fail, reboot the system.

Test your configuration

Before setting up the lavalink, we need to test it to make sure it actually works.

 1# Test that IPv6 works in the first place
 4# Test your tunnel with
 5ping6 -I he-ipv6
 7# If you have the IPv6 block 1234:1234:1234::/48
 8# You should be able to use any of the IPs within that block
 9ping6 -I 1234:1234:1234::
10ping6 -I 1234:1234:1234::1
11ping6 -I 1234:1234:1234:dead::beef
13# Make sure your /48 block appears when running this command
14ip -6 route
15## it should look something like this
16#::1 dev lo proto kernel metric 256 pref medium
17#2001:470:cc7b::/48 dev he-ipv6 proto kernel metric 256 pref medium
18#fdba:17c8:6c94::/64 dev pterodactyl0 proto kernel metric 256 pref medium
19#fe80::/64 dev eth0 proto kernel metric 256 pref medium
20#fe80::/64 dev pterodactyl0 proto kernel metric 256 pref medium
21#fe80::/64 dev vethff50ad0 proto kernel metric 256 pref medium
22#fe80::/64 dev veth5832748 proto kernel metric 256 pref medium
23#default via 2001:470:cc7b::1 dev he-ipv6 proto static metric 1024 pref medium

If theres an error such as “ping: bind icmp socket: Cannot assign requested address” then you need to make sure your configuration file is correct and run

1sysctl -w net.ipv6.ip_nonlocal_bind=1

Add the ratelimit block to your config:

2  server:
3    # ...
4    ratelimit:
5        ipBlocks: ["1234:1234:1234::/48"] # list of ip blocks
6        #excludedIps: ["...", "..."] # ips which should be explicit excluded from usage by lavalink
7        strategy: "RotateOnBan" # RotateOnBan | LoadBalance | NanoSwitch | RotatingNanoSwitch
8        searchTriggersFail: true # Whether a search 429 should trigger marking the ip as failing
9        retryLimit: -1 # -1 = use default lavaplayer value | 0 = infinity | >0 = retry will happen this numbers times

You can read more about the different strategies in

“Help, I’ve tried the steps above but It doesn’t work.” If you’ve followed this entire guide and It doesn’t work, then please contact me on my discord server and I’ll help you out. and also provide the following information:

  • Which distro you are on
  • The network config you wrote based on one of the Tunnelbroker examples
  • A screenshot of the Tunnelbroker website with your tunnel details
  • Your Networks config
  • The output of ip -6 route
  • Don’t say “doesn’t work”. Describe your problem in details

And please don’t censor your IPs. It makes it harder for me to help, I wont attack you.

Thank you for reading, have a great day!