![]() ![]() ![]() |
|
@Crayphish What router?
Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)
Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.
Crayphish: It's an old PC Engine's APU2 running OpenWRT. It's an older OpenWRT version (19.07), so I might look into a software upgrade before trying again as well.
As others have mentioned ensure that you're also running with a MTU of 1500 for IPoE.
Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)
Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.
michaelmurfy:
Crayphish: It's an old PC Engine's APU2 running OpenWRT. It's an older OpenWRT version (19.07), so I might look into a software upgrade before trying again as well.
As others have mentioned ensure that you're also running with a MTU of 1500 for IPoE.
Didn't modify MTU specifically after the DHCP change since it listed default 1500 anyway, but I'll have another look at that next chance I get, thanks.
It looks like IPoE issue that preventing me from accessing certain sites has been resolved after last night's maintenance.
Moved connection back to IPoE. See how it goes.
So I configured a Debian machine to be my new router, and lo and behold IPv4 worked like a charm with DHCP/IPoE. π₯³ Thanks @quic! π
IPv6 also works fine from the router itself, but not from the client devices on the LAN. Probably due to some misconfiguration on my part. I think it's a DHCPv6-DP issue. Could someone please help me sort this out? Hopefully this could help others setup their own Linux routers with Quic.
Here are my IPv6 addresses on the router:
% ip -6 a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::1322:33ff:fe44:5566/64 scope link
valid_lft forever preferred_lft forever
3: vlan_wan@enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2407:8b00:1:2ba:1322:33ff:fe44:5567/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 3504sec preferred_lft 3504sec
inet6 2407:8b00:1:f0:1322:33ff:fe44:5567/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 3598sec preferred_lft 3598sec
inet6 fe80::1322:33ff:fe44:5567/64 scope link
valid_lft forever preferred_lft forever
Here are my IPv6 routes:
% ip -6 route
::/64 dev vlan_wan proto ra metric 1024 expires 3595sec pref medium
2407:8b00:1:f0::/64 dev vlan_wan proto ra metric 1024 expires 3595sec pref medium
2407:8b00:1:f1::/64 dev vlan_wan proto ra metric 1024 expires 3595sec pref medium
2407:8b00:1:2ba::/64 dev vlan_wan proto ra metric 1024 expires 3528sec pref medium
fe80::/64 dev enp4s0 proto kernel metric 256 pref medium
fe80::/64 dev vlan_wan proto kernel metric 256 pref medium
default proto ra metric 1024 expires 1795sec pref high
nexthop via fe80::fc03:c4ff:fed2:b98c dev vlan_wan weight 1
nexthop via fe80::fcc5:56ff:fe12:4e3 dev vlan_wan weight 1
As I said, I do have full IPv6 internet access on the router itself, but not on the client devices on the LAN. Here are the addresses on a client Macbook:
% ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=400<CHANNEL_IO>
ether 11:22:33:44:55:68
inet6 fe80::c26:d52f:2710:ebb2%en0 prefixlen 64 secured scopeid 0x6
inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
Notice that there's no public IPv6 address here, that's not good. π±
I'm using SystemD-Networkd on the router. The configuration files are:
[NetDev]
Name=vlan_wan
Kind=vlan
[VLAN]
Id=10
[Match]
Name=enp1s0
Type=ether
[Network]
Description=WAN Ethernet port 1
VLAN=vlan_wan
# deactivate untagged traffic
LinkLocalAddressing=no
LLDP=no
EmitLLDP=no
IPv6AcceptRA=no
IPv6SendRA=no
[Match]
Name=vlan_wan
Type=vlan
[Network]
Description=WAN network
DHCP=yes
[DHCPv6]
PrefixDelegationHint=::/56
[Match]
Name=enp2s0
Type=ether
[Network]
Description=LAN Ethernet port 2
Address=192.168.0.1/24
IPv6SendRA=true
IPv6PrefixDelegation=dhcpv6
IPv6DuplicateAddressDetection=1
LinkLocalAddressing=ipv6
[DHCPv6PrefixDelegation]
SubnetId=50
[IPv6SendRA]
OtherInformation=true
That's about it. Other than that I'm using nftables for my firewall (it takes care of filtering for IPv4 and IPv6, and it also takes care of masquerading for IPv4 only). I've ensured that nftables is not the culprit (I just deactivated it for a while, made no difference).
And I'm using isc-dhcp-server as my DHCP server: it serves IP addresses, gateway, DNS, and DNS domain for IPv4, but it only serves DNS and DNS domain for IPv6.
What am I doing wrong? π
Thanks for your help!
Ok, problem solved, IPv6 is working fine now! Here's what I had to change to make it work:
DHCPPrefixDelegation=yes
IPv6AcceptRA=no
[DHCPv6]
WithoutRA=solicit
[DHCPPrefixDelegation]
UplinkInterface=:self
SubnetId=0
Announce=no
[Match]
Name=enp2s0
Type=ether
[Network]
Description=LAN Ethernet port 2
Address=192.168.0.1/24
DHCPPrefixDelegation=yes
IPv6SendRA=yes
IPv6AcceptRA=no
[DHCPPrefixDelegation]
UplinkInterface=vlan_wan
SubnetId=50
Announce=yes
[IPv6SendRA]
OtherInformation=true
Lastly, I had to add two rules to my firewall to allow DHCPv6: accept inbound UDP 546 from vlan_wan, and inbound UDP 547 from enp2s0.
Hope this helps! π
|
![]() ![]() ![]() |