<div dir="ltr"><p dir="ltr"><br>
On 19 Oct 2015 3:39 pm, "David Beveridge" <<a href="mailto:dave@bevhost.com" target="_blank">dave@bevhost.com</a>> wrote:<br>
><br>
><br>
><br><snip><br>
> 14:33:22 dhcp,debug,packet send pppoe-out1-internode -> ff02::1:2%85 <br>
> 14:33:22 dhcp,debug,packet type: solicit <br>
> 14:33:22 dhcp,debug,packet transaction-id: 2677d5 <br>
> 14:33:22 dhcp,debug,packet -> clientid: 00030001 4c5e0c6b a452 <br>
> 14:33:22 dhcp,debug,packet -> oro: 23 <br>
> 14:33:22 dhcp,debug,packet -> elapsed_time: 3 <br>
> 14:33:22 dhcp,debug,packet -> ia_pd: <br>
> 14:33:22 dhcp,debug,packet t1: 1800 <br>
> 14:33:22 dhcp,debug,packet t2: 2880 <br>
> 14:33:22 dhcp,debug,packet id: 0x12 <br>
></p>
<p dir="ltr">You're not getting DHCPv6 Advertise messages in response to your Solicit messages. DHCPv6 will be timing out.</p>
<p dir="ltr">It is likely that Internode are sending them, so I think it is more likely you device is dropping them. You might want to do a packet capture on incoming packets to confirm that they're being sent.<br></p>
<p dir="ltr">DHCPv6 uses UDP ports 546 and 547, clients listen on 546, servers and relays listen on 547, so you'll need to allow incoming UDP port 546.</p><p>There might be an issue with a stateful firewall - DHCPv6 clients use multicast destination addresses to reach DHCPv6 servers or relays (ff02::1:2), where as the response will be a unicast. Some stateful firewalls don't understand that the transaction to allow is multicast out, matching unicast in (which in the case of DHCPv6, packets are matched up using the <span style="color:rgb(0,0,0);font-size:13.3333px">transaction-id field)</span>, and therefore would drop the unicast in. For example, Linux ip6tables suffers from this (or used to last I looked), and would need a dhcpv6 specific handling module that would match up transaction packets when their destination address is of a different type.</p><p dir="ltr"><br><br><br><br><br></p>
<p dir="ltr">> [dave@EagleFarm] /log> /ping fe80::224:14ff:fe9a:bc00 interface=pppoe-out1-internode<br>
> SEQ HOST SIZE TTL TIME STATUS <br>
> 0 fe80::224:14ff:fe9a:bc00 56 64 2ms echo reply <br>
> 1 fe80::224:14ff:fe9a:bc00 56 64 2ms echo reply <br>
> 2 fe80::224:14ff:fe9a:bc00 56 64 2ms echo reply <br>
> 3 fe80::224:14ff:fe9a:bc00 56 64 1ms echo reply <br>
> 4 fe80::224:14ff:fe9a:bc00 56 64 3ms echo reply <br>
> 5 fe80::224:14ff:fe9a:bc00 56 64 1ms echo reply <br>
> 6 fe80::224:14ff:fe9a:bc00 56 64 2ms echo reply <br>
> sent=7 received=7 packet-loss=0% min-rtt=1ms avg-rtt=1ms max-rtt=3ms <br>
><br>
> [dave@EagleFarm] /log> /ipv6 dhcp-client print<br>
> Flags: D - dynamic, X - disabled, I - invalid <br>
> # INTERFACE STATUS PREFIX EXPIRES-AFTER <br>
> 0 pppoe-out1-internode searching... <br>
> <br>
>><br>
>> _______________________________________________<br>
>> AusNOG mailing list<br>
>> <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
>> <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
>><br>
><br>
><br>
> _______________________________________________<br>
> AusNOG mailing list<br>
> <a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
> <a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
><br>
</p>
</div>