[AusNOG] Fwd: Internode IPv6 Support

Mark Smith markzzzsmith at gmail.com
Mon Oct 19 16:40:14 EST 2015 

On 19 Oct 2015 3:39 pm, "David Beveridge" <dave at bevhost.com> wrote:
>
>
>
<snip>
> 14:33:22 dhcp,debug,packet send pppoe-out1-internode -> ff02::1:2%85
> 14:33:22 dhcp,debug,packet type: solicit
> 14:33:22 dhcp,debug,packet transaction-id: 2677d5
> 14:33:22 dhcp,debug,packet  -> clientid:  00030001 4c5e0c6b a452
> 14:33:22 dhcp,debug,packet  -> oro: 23
> 14:33:22 dhcp,debug,packet  -> elapsed_time: 3
> 14:33:22 dhcp,debug,packet  -> ia_pd:
> 14:33:22 dhcp,debug,packet    t1: 1800
> 14:33:22 dhcp,debug,packet    t2: 2880
> 14:33:22 dhcp,debug,packet    id: 0x12
>

You're not getting DHCPv6 Advertise messages in response to your Solicit
messages. DHCPv6 will be timing out.

It is likely that Internode are sending them, so I think it is more likely
you device is dropping them. You might want to do a packet capture on
incoming packets to confirm that they're being sent.

DHCPv6 uses UDP ports 546 and 547, clients listen on 546, servers and
relays listen on 547, so you'll need to allow incoming UDP port 546.

There might be an issue with a stateful firewall - DHCPv6 clients use
multicast destination addresses to reach DHCPv6 servers or relays
(ff02::1:2), where as the response will be a unicast. Some stateful
firewalls don't understand that the transaction to allow is multicast out,
matching unicast in (which in the case of DHCPv6, packets are matched up
using the transaction-id field), and therefore would drop the unicast in.
For example, Linux ip6tables suffers from this (or used to last I looked),
and would need a dhcpv6 specific handling module that would match up
transaction packets when their destination address is of a different type.






> [dave at EagleFarm] /log> /ping fe80::224:14ff:fe9a:bc00
interface=pppoe-out1-internode
>   SEQ HOST                                     SIZE TTL TIME  STATUS

>     0 fe80::224:14ff:fe9a:bc00                   56  64 2ms   echo reply

>     1 fe80::224:14ff:fe9a:bc00                   56  64 2ms   echo reply

>     2 fe80::224:14ff:fe9a:bc00                   56  64 2ms   echo reply

>     3 fe80::224:14ff:fe9a:bc00                   56  64 1ms   echo reply

>     4 fe80::224:14ff:fe9a:bc00                   56  64 3ms   echo reply

>     5 fe80::224:14ff:fe9a:bc00                   56  64 1ms   echo reply

>     6 fe80::224:14ff:fe9a:bc00                   56  64 2ms   echo reply

>     sent=7 received=7 packet-loss=0% min-rtt=1ms avg-rtt=1ms max-rtt=3ms
>
> [dave at EagleFarm] /log> /ipv6 dhcp-client print
> Flags: D - dynamic, X - disabled, I - invalid
>  #    INTERFACE              STATUS        PREFIX
             EXPIRES-AFTER
>  0    pppoe-out1-internode   searching...
>
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20151019/0b6f646e/attachment.html>

More information about the AusNOG mailing list