Broadband Tech > IPv6 > IPv6 is too hard

IPv6 is too hard

Oh, and here is my ipv6 routing table:


ip -6 route show
2001:470:ZZZZ:ZZZZ::/64 via :: dev he-ipv6 metric 256 mtu 1472 advmss 1412
2001:470:ZZZZ:ZZZZ::/64 dev br0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev eth0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev eth2 metric 256 mtu 1500 advmss 1440
fe80::/64 dev eth3 metric 256 mtu 1500 advmss 1440
fe80::/64 dev br0 metric 256 mtu 1500 advmss 1440
fe80::/64 dev eth1 metric 256 mtu 1500 advmss 1440
fe80::/64 via :: dev he-ipv6 metric 256 mtu 1472 advmss 1412
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev eth2 metric 256 mtu 1500 advmss 1440
ff00::/8 dev eth3 metric 256 mtu 1500 advmss 1440
ff00::/8 dev br0 metric 256 mtu 1500 advmss 1440
ff00::/8 dev eth1 metric 256 mtu 1500 advmss 1440
ff00::/8 dev he-ipv6 metric 256 mtu 1472 advmss 1412
default dev he-ipv6 metric 1024 mtu 1472 advmss 1412



--
"Life is like this long line, except at the end there ain't no merry-go-round." - Arthur on The King of Queens
~ Project Hope ~

reply to timcuth
I really don't know much about DD-WRT but I see no reason why the wireless clients couldn't get an address provided the infrastructure is there on the server and client (the router and laptops). Can you link to the HE.net thread and maybe we can take a look at what they wanted you to do and we can try to explain it.

Sure: »www.tunnelbroker.net/forums/inde···c=1826.0

Thanks,
Tim

I don't think IPv6 is too hard, but the information you have posted so far is not giving the complete picture.

To start with, br0 is a software bridge. It connects (just like a switch) ethernet interfaces together and tries to be smart about it (caching mac addresses and forwarding frames only to the interface where the destination host resides).

To find out which of the interfaces inside your router are connected with the br0 bridge, please issue the command: brctl show

I don't know for sure what interface ra0 is, but it is possible that it is your wireless interface. If that is the case and if it is not a member of the br0 bridge group then you need an additional entry in your radvd.conf file to also announce IPv6 on the ra0 interface. Of course then ra0 needs to get its own IPv6 address in a different IPv6 subnet.
--
Got some spare cpu cycles ? Join Team Helix or Team Starfire!

leibold , it looks like you have solved the puzzle.


brctl show
bridge name bridge id STP enabled interfaces
br0 8000.00223f1af525 no eth0
eth2
eth3


Please explain more about giving ra0 its own IPv6 address, especially the part about "in a different IPv6 subnet".

Thank you,
Tim

--
"Life is like this long line, except at the end there ain't no merry-go-round." - Arthur on The King of Queens
~ Project Hope ~

You can get a /48 address block from HE (if you don't have one already). This allows you to create 64K networks (although you may only need one or two). You could make your wireless network one network, your wired network another network, and do away with bridging alltogether (I think...in theory). That would mean though that everything is routed; you would never have anything on the wired network talk directly to WiFi, and vice-versa. Everything would always traverse the routing code. I would GUESS this isn't too much of a constraint though. You are then subnetting your address block.

For example, my address block is 2001:470:e107::/48, but my LAN is 2001:470:e107:2001::/64, and that's the prefix I advertise with radvd(8). It's that fourth word which basically defines the network number within my address block...in this case, "0x2001". (I'm a fan of "2001: A Space Odyssey"). And in my case, I'm only using one subnet so far, but I could set up more networks (perhaps numbered "2010" or "2061" ) on my router's other Ethernet interfaces. The basic decision the Linux kernel (usually) makes is, based on destination address, out what interface do I shove this packet, or do I consume it myself? (Or in the ip6tables case, do I drop it, reflect it, reply with an ICMPv6, log it, etc.)

Trouble is, I can only hint at some advice because while I may have Linux experience (on which DD-WRT is based), I do not have DD-WRT itself. Just sayin....

I would try Wireshark on your WiFi clients, and see if the RAs are making it "over the air"
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.

Jeopardy! replies and randomcaps REALLY suck!

reply to timcuth
Ok. I think I am about ready to just give up on this. I like to keep things simple and, so far, I have never had to use more than one subnet. I was hoping to be able to keep it that way and have both wired and wireless hosts together in the same seamless LAN. I feel like it is currently that way for IPv4. I'm not sure I understand why it can't also be that way for IPv6.

Thanks for your help, everyone. I may just try to solve it by buying an Apple Airport Extreme.

Tim
--
"Life is like this long line, except at the end there ain't no merry-go-round." - Arthur on The King of Queens
~ Project Hope ~

It's not a requirement, I don't think. It's just a suggestion to keep things separate. At the very least, radvd can be told to hand out different addresses for different interfaces, potentially making diagnostics (e.g. Wireshark) easier/less complicated. For example, ra0 can have one network, and eth0 another.

Somehow I doubt it, but it is also possible the bridging interface kernel code doesn't handle v6. The other thing I can think of is the ipv6/conf/*/forwarding pseudofiles. Perhaps if ipv6/conf/ra0/forwarding is not 1, it won't quite work (won't feed the packets into br0?)
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer chooses not to follow those rules.

Jeopardy! replies and randomcaps REALLY suck!

reply to timcuth
New idea: This would take some time and a little money, but I think it should be able to handle things better.

Get rid of the little Netgear router. Well, change it from a router to a wireless access point. Add another NIC to my old PC. Change it into a gateway server by setting it up to run Untangled. The old NIC would handle the WAN and the new NIC would handle the LAN. Then would come a switch, then all my wired hosts and the Netgear configured as an access point. Wouldn't this do a better job of managing all the complications? Would everything get IPv6?

Or, am I just going in farther over my head?

Thanks,
Tim
--
"Life is like this long line, except at the end there ain't no merry-go-round." - Arthur on The King of Queens
~ Project Hope ~

For simpler, you could...

1) Get a D-Link DIR-825 whose stock firmware will handle IPv6. Not sure how the D-Link compares to the AirPort as far as IPv6 support, but I am happy with the the DIR-825's current IPv6 support.

2) Add the ra0 interface to the bridge - br0.

Ok, I found the command with Google. It did not work:

brctl addif br0 ra0
interface ra0 does not exist!
 

DD-WRT probably has some type of configuration file that needs to be modified, as the command will have to executed on every reboot to add the interfaces to the bridge.

reply to timcuth

reply to timcuth

Thanks. I was trying to figure out what is the wireless interface on the router, myself, last night. About the only thing I determined is that my tiny Linux OS (dd-wrt) does not have the iwconfig command. It does have eth1, eth2, and eth3 interfaces, though. I am wondering if one of those could be the wireless interface?

Yes, wireless IPv4 is working fine.

Anyway, today is busy with family holiday activities. I won't be able to get back to it until this evening at the earliest.

Again, thank you everyone for your help and advice.

Tim
--
"Life is like this long line, except at the end there ain't no merry-go-round." - Arthur on The King of Queens
~ Project Hope ~

reply to leibold
I found an extra minute or so to try to gather some info (actually, the wife is bending my ear right now):

ip addr list
1: lo: <LOOPBACK,MULTICAST,UP> mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    inet6 ::1/128 scope host 
2: teql0: <NOARP> mtu 1500 qdisc noop 
    link/void 
3: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
    link/ether 00:22:3f:1a:f5:25 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::222:3fff:fe1a:f525/64 scope link 
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast 
    link/ether 00:22:3f:1a:f5:26 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::222:3fff:fe1a:f526/64 scope link 
5: eth2: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
    link/ether 00:22:3f:1a:f5:27 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::222:3fff:fe1a:f527/64 scope link 
6: eth3: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast 
    link/ether 00:22:3f:1a:f5:28 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::222:3fff:fe1a:f528/64 scope link 
7: sit0@NONE: <NOARP> mtu 1480 qdisc noop 
    link/sit 0.0.0.0 brd 0.0.0.0
8: br0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc noqueue 
    link/ether 00:22:3f:1a:f5:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br0
    inet 169.254.255.1/16 brd 169.254.255.255 scope global br0:0
    inet6 2001:470:8:b57::1/64 scope global 
    inet6 fe80::222:3fff:fe1a:f525/64 scope link 
9: ppp0: <POINTOPOINT,MULTICAST,UP> mtu 1492 qdisc pfifo_fast 
    link/ppp 
    inet 68.209.199.199 peer 70.159.240.22/32 brd 68.209.199.199 scope global ppp0
10: he-ipv6@NONE: <POINTOPOINT,NOARP,UP> mtu 1472 qdisc noqueue 
    link/sit 68.209.199.199 peer 216.66.22.2
    inet6 2001:470:7:b57::2/64 scope global 
    inet6 fe80::44d1:c7c7/128 scope link 
 

ip route show
70.159.240.22 dev ppp0  scope link 
70.159.240.22 dev ppp0  proto kernel  scope link  src 68.209.199.199 
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.1 
169.254.0.0/16 dev br0  proto kernel  scope link  src 169.254.255.1 
127.0.0.0/8 dev lo  scope link 
default via 70.159.240.22 dev ppp0
 

iwconfig
-sh: iwconfig: not found
 

Interface 1 'lo' is your loopback interface (used when computers talk to themselves)
Interface 2 'teql' is a link equalizing network interface (useful when you have two network links to the same destination)
Interfaces 3-6 'eth' are regular ethernet interfaces
Interface 7 'sit' is the Simple IPv6 Transition interface (it does the protocol 41 encapsulation needed for 6in4 and 6to4 tunnels)
Interface 8 'br' is the interface for a bridge group (based on the brctl show output we know that eth0, eth2 and eth3 are members of the br0 bridge group while eth1 is not)
Interface 9 'ppp' is a point to point tunnel interface (it appears your ISP is using PPPoE)
Interface 10 'he-ipv6' is your 6in4 tunnel

br0 is clearly the LAN side of your router (with eth0, eth2 and eth3 as LAN interfaces).
ppp0 is the WAN side of your router (and most likely using interface eth1).

What is still not clear to me is which interface your wireless connection is. Based on the dd-wrt documentation I would have expected to see either a 'ath#' (Atheros), 'wl#' (Broadcom) or 'ra#' (Ralink) interface. Actually it should be wl0 and wl1since your router is supposed to have dual broadcom wifi radios.

Lets check whether any of the eth# devices are your wireless interfaces:

wl status
wl -i eth0 status
wl -i eth1 status (unlikely, but let's make sure)
wl -i eth2 status
wl -i eth3 status

Instead of the 'status' command you can also use the 'cap' command which will list the device capabilities.

A more indirect way to figure out which of your eth devices connects where is to use IPv6 neighbor discovery from your linux client.
First connect it to the wired ports on the router and run:

ip -6 neigh show

Then disconnect the wired connection and use the wireless connection to the router. Again run:

ip -6 neigh show

See if the IPv6 addresses shown in the neighbor discovery match one of the IPv6 local link addresses on the router interfaces.

Have a great 4th of July weekend and watch your ears
--
Got some spare cpu cycles ? Join Team Helix or Team Starfire!

wl status
SSID: "HaHa3981JokerNSSID"
Mode: ManagedRSSI: 0 dBmnoise: 0 dBmChannel: 6
BSSID: 00:22:3F:1A:F5:27Capability: ESS ShortSlot 
Supported Rates: [ 1(b) 2(b) 5.5(b) 6 9 11(b) 12 18 24 36 48 54 ]
 

wl -i eth0 status
wl:-i eth0 status ->wl driver adapter not found
 

wl -i eth1 status
wl:-i eth1 status ->wl driver adapter not found
 

wl -i eth2 status
SSID: "HaHa3981JokerNSSID"
Mode: ManagedRSSI: 0 dBmnoise: 0 dBmChannel: 6
BSSID: 00:22:3F:1A:F5:27Capability: ESS ShortSlot 
Supported Rates: [ 1(b) 2(b) 5.5(b) 6 9 11(b) 12 18 24 36 48 54 ]
 

wl -i eth3 status
SSID: "dd-wrt"
Mode: ManagedRSSI: 0 dBmnoise: 0 dBmChannel: 1
BSSID: 00:22:3F:1A:F5:28Capability: ESS ShortSlot 
Supported Rates: [ 1(b) 2(b) 5.5(b) 6 9 11(b) 12 18 24 36 48 54 ]
 

ip -6 neigh show
2001:470:8:b57:52e5:49ff:fe3a:4505 dev br0 lladdr 50:e5:49:3a:45:05 STALE
fe80::52e5:49ff:fe3a:4505 dev br0 lladdr 50:e5:49:3a:45:05 STALE
 

ip -6 neigh show
(returned to prompt with no other output)