| View previous topic :: View next topic |
| Author |
Message |
222697
n00b
Joined: 07 May 2010
Posts: 51
|
 Posted: Sat May 02, 2015 7:13 am Post subject: [solved] Router Speedport W 724V looses IPv6 conn. |
 |
|
Edit:
Solved with firmware version 09011603.00.012
Edit:
Looks, like this is a problem only for (but not necessary limited to) users of proprietary router "Speedport W 724V" deployed by provider German Telekom, when selecting router connection reset interval >24h (86400 s), with firmware version 09011603.00.009
It's a confirmed bug since other users of the above router reported the same problem.
I have IPv6 connection from provider (Edit: German Telekom) and get IPv6 address via ICMPv6 autoconfiguration (SLAAC), I guess.
Device is eth1
(gentoo world is up to date, Linux 3.14.37-gentoo, x86_64)
I enabled IPv6 privacy extension (see here how: https://forums.gentoo.org/viewtopic-t-1016264.html)
In short:
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
net.ipv6.conf.eth1.use_tempaddr = 2
IPv6 address was working (MAC address values replaced by xxxx):
| Code: |
inet6 2003:58:8f19:98cf:e00a:5eb9:e8cb:5c04/64 scope global temporary dynamic
valid_lft 590427sec preferred_lft 71427sec
inet6 2003:58:8f19:98cf:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic
valid_lft 604787sec preferred_lft 86387sec
|
But after some hours I lost IPv6 connectivity, because the above addresses got in state deprecated, allthough the preferred lifetime was not reached. Instead, I got some strange new addresses beginning with ::36, which where not working for connectivity:
| Code: |
inet6 ::36:e00a:5eb9:e8cb:5c04/64 scope global temporary dynamic
valid_lft 587590sec preferred_lft 68590sec
inet6 ::36:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic
valid_lft 602428sec preferred_lft 84028sec
inet6 2003:58:8f19:98cf:e00a:5eb9:e8cb:5c04/64 scope global temporary deprecated dynamic
valid_lft 12073sec preferred_lft 0sec
inet6 2003:58:8f19:98cf:xxxx:xxxx:xxxx:xxxx/64 scope global deprecated mngtmpaddr dynamic
valid_lft 12073sec preferred_lft 0sec
|
Why did that happen? What are these ::36 addresses?
I needed to reset my provider connection to get a new IPv6 prefix, then the Gentoo box got a new IPv6 management addr and a new privacy extended addr was added, and connectivity was established again.
Do I need to add something in /etc/conf.d/net ? Here is mine
| Code: |
config_eth1="192.168.2.10/24"
routes_eth1="default via 192.168.2.1"
rc_net_eth1_provide="net"
vlans_eth1="9"
config_eth1_9="null"
|
192.168.2.1 is the provider router with the IPv6 network
I allow all incoming, forwarding and outgoing ICMPv6 packets in ip6tables.
Provider router device is Telekom Speedport 724V. Also with dhcpcd I get disfunctional addresses via SLAAC, according to log:
| Code: |
May 3 13:50:05 regen dhcpcd[2854]: version 6.6.7 starting
May 3 13:50:05 regen dhcpcd[2854]: dev: loaded udev
May 3 13:50:05 regen dhcpcd[2854]: DUID 00:01:00:01:1c:d8:xx:xx:xx:xx:xx:xx:xx:xx
May 3 13:50:05 regen dhcpcd[2854]: eth1: IAID xx:xx:xx:xx
May 3 13:50:05 regen dhcpcd[2854]: eth1: soliciting an IPv6 router
May 3 13:50:06 regen dhcpcd[2854]: eth1: Router Advertisement from fe80::1
May 3 13:50:06 regen dhcpcd[2854]: eth1: adding address ::3c:a23:4b0a:xxxx:xxxx/64
May 3 13:50:06 regen dhcpcd[2854]: eth1: adding route to 0:0:0:3c::/64
May 3 13:50:06 regen dhcpcd[2854]: eth1: adding default route via fe80::1
May 3 13:50:06 regen dhcpcd[2854]: eth1: requesting DHCPv6 information
May 3 13:50:35 regen dhcpcd[2854]: timed out
May 3 13:50:35 regen dhcpcd[2854]: forked to background, child pid 2888
|
This time, it got 3c::/64 prefix, not 36::/64
These addresses break my IPv6 connectivity.
Maybe the router is buggy?
I now extended the preferred lifetime of the privacy extended addresses to be 1h higher then the connection reset interval (currently I selected 4 days) of the provider, and the valid lifetime 2h higher.
Last edited by 222697 on Thu Jul 30, 2015 7:21 pm; edited 10 times in total |
|
| Back to top |
|
 |
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6835
Location: Blighty
|
|
| Back to top |
|
|
222697
n00b
Joined: 07 May 2010
Posts: 51
|
| Posted: Sun May 03, 2015 4:44 pm Post subject: |
|
|
| slaac stable private address is enabled in dhcpcd.conf, and I want that. |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6835
Location: Blighty
|
|
| Back to top |
|
|
222697
n00b
Joined: 07 May 2010
Posts: 51
|
| Posted: Mon May 04, 2015 4:58 pm Post subject: |
|
|
Hm, it is really the Telekom router that advertises this strange subnet, see screenshot.
"Nutzbarer Adressbereich für LAN" is in English "Usable address range for LAN".
IPv6 for LAN? What does that mean.
Screenshot from Telekom Router Speedport W 724V section IP address information
After reconnecting the router to get new IP address / prefix, it looks better:
Screenshot after router reset
Then rebooting my Gentoo box, it get no IPv6 connection / address via SLAAC. Don't know why.
When then starting dhcpcd manually, I get four different IPv6 addresses in the correct 2003:... subnet.
Two of kind "scope global mngtmpaddr noprefixroute dynamic" and two of kind "scope global temporary dynamic"
Why isn't the box getting SLAAC via ICMPv6 ? Can I force it somehow, without dhcpcd ? Would like to stay at IPv6 builtin privacy extended SLAAC.
Anything else needed to be allowed in ip6tables beside of ICMPv6 ?
Here the ICMPv6 tcpdump:
| Code: |
# tcpdump -i eth1 icmp6
error : ret -1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes
19:51:36.415454 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:51:44.423045 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:51:47.087409 IP6 fe80::1 > ff02::1: ICMP6, router advertisement, length 56
19:51:52.428754 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:00.437215 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:08.444755 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:16.452346 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:24.461079 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:29.463856 IP6 fe80::1 > ff02::1: ICMP6, router advertisement, length 56
19:52:32.464786 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:40.474060 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
19:52:48.481913 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
|
|
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6835
Location: Blighty
|
|
| Back to top |
|
|
222697
n00b
Joined: 07 May 2010
Posts: 51
|
| Posted: Tue May 05, 2015 4:35 am Post subject: |
|
|
Thanks for the tip.
net.ipv6.conf.eth1.autoconf was 0.
echo 1 >/proc/sys/net/ipv6/conf/eth1/autoconf
did not help, but
emerge --depclean dhcpcd
(which was not running)
and rebooting did the trick, it seems. After Rebooting eth1 got autoconfigured. Unfortunateley, ignoring my privacy extension lifetime settings that I set in /etc/sysctl.d/40-ipv6.conf and seems to be needed to prevent my buggy router going crazy (at least I want to set the preferred lifetime higher than the router connection reset interval). The values are set:
| Code: |
cat /proc/sys/net/ipv6/conf/eth1/temp_prefered_lft
349200
cat /proc/sys/net/ipv6/conf/eth1/temp_valid_lft
352800
|
But the interface has the default values:
| Code: |
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2003:58:8f1a:e05d:e9fa:2409:16c5:c32d/64 scope global temporary dynamic
valid_lft 352143sec preferred_lft 86392sec
inet6 2003:58:8f1a:e05d:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic
valid_lft 604792sec preferred_lft 86392sec
|
Man, this is a nerving story. I guess, eth1 is autoconfigured before the temp_ settings are modified via sysctl. WTF.
Edit: No, also after deleting the IPv6 addresses with "ip addr del" manually, they get autoconfigured shortly afterwards with the same default temp_ values again. |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6835
Location: Blighty
|
| Posted: Tue May 05, 2015 8:24 am Post subject: |
|
|
| 1970 wrote: | Unfortunateley, ignoring my privacy extension lifetime settings that I set in /etc/sysctl.d/40-ipv6.conf and seems to be needed to prevent my buggy router going crazy (at least I want to set the preferred lifetime higher than the router connection reset interval). The values are set:
| Code: |
cat /proc/sys/net/ipv6/conf/eth1/temp_prefered_lft
349200
cat /proc/sys/net/ipv6/conf/eth1/temp_valid_lft
352800
|
But the interface has the default values:
| Code: |
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 2003:58:8f1a:e05d:e9fa:2409:16c5:c32d/64 scope global temporary dynamic
valid_lft 352143sec preferred_lft 86392sec
inet6 2003:58:8f1a:e05d:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic
valid_lft 604792sec preferred_lft 86392sec
|
Man, this is a nerving story. I guess, eth1 is autoconfigured before the temp_ settings are modified via sysctl. WTF.
Edit: No, also after deleting the IPv6 addresses with "ip addr del" manually, they get autoconfigured shortly afterwards with the same default temp_ values again. |
It's not clear, but those are maximum values, not forced values.
The lifetime of the address is based on the lifetime of the prefix address offered.
See RFC 4941 section 3.3.1
_________________
Use dhcpcd for all your automated network configuration needs
Use dhcpcd-ui (GTK+/Qt) as your System Tray Network tool |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
