IPv6 global address on br0

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Wed Aug 31, 2022 16:58    Post subject: IPv6 global address on br0 Reply with quote
I have had IPv6 working for a while, but occasionally when the router gets reset, it takes several hours or more for things to get back to a stable and working condition.

I'm running using dnsmasq to enable router advertisements for my internal network via the following three lines in my dnsmasq additional options section.
Code:
dhcp-range=::1000,::FFFF,constructor:br0,ra-stateless,5m
ra-param=br0,10,300
enable-ra


The problem seems to be that br0 doesn't get a global scoped IPv6 address soon after vlan2 is assigned a global scoped IPv6 address.

I can run radvdump on the router and see periodic broadcasts from my ISP, which is how DDWRT knows to assign a global address to the vlan2 address.
Code:
root@Netgear-R7000:~# radvdump
#
# radvd configuration generated by radvdump 2.19
# based on Router Advertisement from fe80::22c:c8ff:fe42:24bf
# received by interface vlan2
#

interface vlan2
{
        AdvSendAdvert on;
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
        AdvManagedFlag off;
        AdvOtherConfigFlag on;
        AdvReachableTime 0;
        AdvRetransTimer 0;
        AdvCurHopLimit 64;
        AdvDefaultLifetime 1800;
        AdvHomeAgentFlag off;
        AdvDefaultPreference high;
        AdvSourceLLAddress on;
        AdvLinkMTU 1500;

        prefix 2604:4080:1304::/64
        {
                AdvValidLifetime 2592000;
                AdvPreferredLifetime 604800;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        }; # End of prefix definition

}; # End of interface definition


Once DDWRT has assigned a global address to br0, I'll also see the appropriate advertisements on interface br0.

What I don't understand, and am trying to accelerate, is the process that DDWRT assigns the global address on br0.

I've documented my current settings at https://wimsworld.wordpress.com/2022/08/12/ipv6-ddwrt-and-astound-broadband/ with links to more information on how IPv6 addresses are allocated. What I don't know is the process in charge of allocating IPv6 addresses on the interfaces in DDWRT.
Sponsor
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Wed Aug 31, 2022 18:13    Post subject: Reply with quote
Now that my system has recovered it's address on the br0 interface, it has a /60 address allocated vs the /64 address on the vlan2 interface. (I'm adding this just for information, since all I care about is that it's working again.)

Code:
root@Netgear-R7000:~# ip a
1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: teql0: <NOARP> mtu 1500 qdisc noop state DOWN qlen 100
    link/void
3: ctf0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 00:23:6a:00:00:00 brd ff:ff:ff:ff:ff:ff
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
5: vlan1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
6: vlan2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 24.35.91.xxx/26 brd 24.35.91.191 scope global vlan2
       valid_lft forever preferred_lft forever
    inet6 2604:4080:1304:0:xxxx:xxxx:xxxx:xxxx/64 scope global dynamic flags 100
       valid_lft 2591902sec preferred_lft 604702sec
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
7: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UNKNOWN qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
8: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br0 state UNKNOWN qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
9: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1
    link/sit 0.0.0.0 brd 0.0.0.0
11: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.1/24 brd 192.168.0.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 2604:4080:1304:xxxx:xxxx:xxxx:xxxx:xxxx/60 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
       valid_lft forever preferred_lft forever
13: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN qlen 1
    link/tunnel6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 brd 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
userrox
DD-WRT Novice


Joined: 11 May 2019
Posts: 16

PostPosted: Sun Sep 04, 2022 1:31    Post subject: Reply with quote
It's interesting seeing the differences on your R7800 vs mine. I have eth0 as my WAN port assignment. I use Xfinity and have DHCPv6 with Prefix Delegation enabled, but I request a /60 because I want to use multiple isolated subnets. I never see a global scoped IPv6 address assigned to eth0. Instead, all four of my bridges br0, br1, br2 and br3 get global IPv6 addresses from a /64. I never have to wait long before the addresses are assigned to bridges. I have a custom DHCPv6 client configuration to apply the prefix to each bridge as follows:-
Code:

interface eth0 {
  send rapid-commit;
  send ia-pd 1;
  request domain-name-servers, domain-name;
};

id-assoc pd 1 {
  prefix ::/60 infinity;
  prefix-interface br0 {
     sla-id 0;
     sla-len 4;
  };
  prefix-interface br1 {
     sla-id 1;
     sla-len 4;
  };
  prefix-interface br2 {
     sla-id 2;
     sla-len 4;
  };
  prefix-interface br3 {
     sla-id 3;
     sla-len 4;
  };
};

I also use dnsmasq to provide router advertisements for my local network
Code:

quiet-ra
quiet-dhcp6
enable-ra
ra-param=*,60,1800
dhcp-range=::100,::400, constructor:br0, slaac, ra-names,12h
dhcp-range=::100,::400, constructor:br1, slaac, ra-names,12h
dhcp-range=::100,::400, constructor:br2, slaac, ra-names,12h
dhcp-range=::100,::400, constructor:br3, slaac, ra-names,12h
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Wed Sep 07, 2022 17:13    Post subject: Reply with quote
I really wish I understood what each setting did to make it consistently work. I rebooted my router to make sure it was running local dhcp parameters I wanted in dnsmasq and it lost its IPv6 lease from the ISP. I still don't know if I've got things set wrong or my ISP has flaky equipment regarding IPv6.

I've tried with either Enable or Disable on the "No Release on Reconnect" option and it doesn't seem to change the contents of the /tmp/dhcp6c.conf file.

Code:
root@Netgear-R7000:~# cat /tmp/dhcp6c.conf
interface vlan2 {
 send ia-pd 0;
 send rapid-commit;
 request domain-name-servers;
 script "/sbin/dhcp6c-state";
};
id-assoc pd 0 {
 prefix-interface br0 {
  sla-id 0;
  sla-len 0;
 };
};
id-assoc na 0 { };


I notice that your custom configuration has "send ia-pd 1;" while mine has "send ia-pd 0;" That's one more parameter I do not understand. I've been trying to make as few changes from default as possible to make understanding the setup easier.

I've figured out that a global address added to my vlan2 interface seems to happen via SLAAC, and is probably happening because I've allowed pinging my external interface on the security->firewall tab by unchecking "Block Anonymous WAN Requests (ping)"

For a while I realized that I could reboot, and the /60 address was getting assigned to the br0 (internal) interface while the vlan2 (external) interface still only had a link local address. Then later the external would get assigned a /64 address. I figured out that the proper operation seems to have the dhcp6c get an /60 block from the ISP and assign it to the br0 interface. When it does that, the ISP seems to set up the route for that block between their link local address and my link local address.

running "ps" I can see the arguments for dhcp6c. Can anyone tell me how to debug what it's doing? The -T option seems to be --test but I don't know what the LL does, or if there's an easy way to restart the process without rebooting the entire router.

Code:
dhcp6c -c /tmp/dhcp6c.conf -T LL vlan2


My network assignments currently look like this, and IPv6 is definitely not working on my LAN.

Code:
root@Netgear-R7000:~# ip -oneline addr
1: lo    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo\       valid_lft forever preferred_lft forever
1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
4: eth0    inet6 fe80::b27f:b9ff:fe83:658f/64 scope link \       valid_lft forever preferred_lft forever
5: vlan1    inet6 fe80::b27f:b9ff:fe83:658f/64 scope link \       valid_lft forever preferred_lft forever
6: vlan2    inet 24.35.91.163/26 brd 24.35.91.191 scope global vlan2\       valid_lft forever preferred_lft forever
6: vlan2    inet6 2604:4080:1304:0:b27f:b9ff:fe83:6590/64 scope global dynamic flags 100 \       valid_lft 2591996sec preferred_lft 604796sec
6: vlan2    inet6 fe80::b27f:b9ff:fe83:6590/64 scope link \       valid_lft forever preferred_lft forever
7: eth1    inet6 fe80::b27f:b9ff:fe83:6591/64 scope link \       valid_lft forever preferred_lft forever
8: eth2    inet6 fe80::b27f:b9ff:fe83:659e/64 scope link \       valid_lft forever preferred_lft forever
11: br0    inet 192.168.0.1/24 brd 192.168.0.255 scope global br0\       valid_lft forever preferred_lft forever
11: br0    inet6 fe80::b27f:b9ff:fe83:6591/64 scope link \       valid_lft forever preferred_lft forever


If I manually add the /60 address that was previously working to my br0 interface with the command "ip -6 addr add 2604:4080:1304:8010:b27f:b9ff:fe83:6591/60 dev br0" dnsmasq will start sending router advertisments on br0, and my clients will set up their global addresses based on that, but the ISP won't be routing the block to me, so things don't really work correctly.
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6855
Location: Romerike, Norway

PostPosted: Wed Sep 07, 2022 20:19    Post subject: Reply with quote
Change the Prefix Length from 64 to 60.

The first 64 prefix from that block will be assigned to br0.

This is correct:

interface eth0 {
send rapid-commit;
send ia-pd 1;
request domain-name-servers, domain-name;
};

id-assoc pd 1 {
prefix ::/60 infinity;
prefix-interface br0 {
sla-id 0;
sla-len 4;
};
prefix-interface br1 {
sla-id 1;
sla-len 4;
};
prefix-interface br2 {
sla-id 2;
sla-len 4;
};
prefix-interface br3 {
sla-id 3;
sla-len 4;
};
};
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Thu Sep 08, 2022 5:09    Post subject: Reply with quote
Per Yngve Berg wrote:
Change the Prefix Length from 64 to 60.


I made the single change of going from 64 to 60 in the web interface. It immediately dropped my running IPv6 global address and I noticed my clients getting a huge number of router advertisements.

Code:
Sep  7 22:02:24 WimPi4-Dev dhcpcd[564]: eth0: Router Advertisement from fe80::b27f:b9ff:fe83:6591
Sep  7 22:02:24 WimPi4-Dev dhcpcd[564]: wlan0: Router Advertisement from fe80::b27f:b9ff:fe83:6591


I checked the router status and the dhcpdc file had gone from what I showed earlier in the thread to this:
Code:
root@Netgear-R7000:~# cat /tmp/dhcp6c.conf
interface vlan2 {
 send ia-pd 0;
 send rapid-commit;
 request domain-name-servers;
 script "/sbin/dhcp6c-state";
};
id-assoc pd 0 {
 prefix-interface br0 {
  sla-id 0;
  sla-len 4;
 };
};
id-assoc na 0 { };


I don't know what the sla-len 4 difference means. It was the only obvious difference.

I went back to the 64 in the webui and things started working again properly.
HalfBit
DD-WRT Guru


Joined: 04 Sep 2009
Posts: 776
Location: AR, USA

PostPosted: Wed Oct 26, 2022 19:08    Post subject: Reply with quote
I'm still trying to understand the IPv6 configuration myself. However, I do know that the Prefix Length + sla-len needs to equal 64.

My ISP is Cox, and they typically issue at /64 prefix delegation. I specifically request a /56, so that gives me 8 bits for the sla-len(gth).

Here's my config in case it helps others:
Code:
interface vlan2 {
     send ia-pd 1; #prefix delegation request
     send ia-na 0; #dhcpv6 request
     script "/sbin/dhcp6c-state";
};
id-assoc pd 1 {
     prefix ::/56 infinity;
     prefix-interface br0 {
          sla-id 1;
         sla-len 8;
     };
     prefix-interface wl0.1 {
          sla-id 10;   
         sla-len 8;
     };
     prefix-interface wl0.2 {
          sla-id 15;   
         sla-len 8;
     };       
     prefix-interface br1 {
          sla-id 20;   
         sla-len 8;
     };       
     prefix-interface wl1.1 {
          sla-id 30;   
         sla-len 8;
     };       
     prefix-interface wl1.2 {
          sla-id 35;   
         sla-len 8;
     };       
     prefix-interface br2 {
          sla-id 40;   
         sla-len 8;
     }; 
};
id-assoc na 0 { };


Based on the config above, the br0 network receives a 2xxx:xxxx:xxxx:xx01:: prefix--0x01 matches the above"
Code:
sla-id 1;


On the same token, the br1 network receives a 2xxx:xxxx:xxxx:xx14:: prefix--0x14 equals 20 as defined by
Code:
sla-id 20;


For the br2 network, it receives 2xxx:xxxx:xxxx:xx28:: prefix--0x28 equals 40 as defined by
Code:
sla-id 40;


Hopefully that clears some of it up for you.

_________________
R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x
https://pi-hole.net/
https://github.com/DNSCrypt/dnscrypt-proxy
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Tue Nov 01, 2022 4:05    Post subject: Reply with quote
HalfBit wrote:

Here's my config in case it helps others:
Code:
interface vlan2 {
     send ia-pd 1; #prefix delegation request
     send ia-na 0; #dhcpv6 request
     script "/sbin/dhcp6c-state";
};
id-assoc pd 1 {
     prefix ::/56 infinity;
     prefix-interface br0 {
          sla-id 1;
         sla-len 8;
     };
     prefix-interface wl0.1 {
          sla-id 10;   
         sla-len 8;
     };
     prefix-interface wl0.2 {
          sla-id 15;   
         sla-len 8;
     };       
     prefix-interface br1 {
          sla-id 20;   
         sla-len 8;
     };       
     prefix-interface wl1.1 {
          sla-id 30;   
         sla-len 8;
     };       
     prefix-interface wl1.2 {
          sla-id 35;   
         sla-len 8;
     };       
     prefix-interface br2 {
          sla-id 40;   
         sla-len 8;
     }; 
};
id-assoc na 0 { };



Do you have the Custom Configuration button selected, and the config section you mentioned listed there?

I had my system running fine for the past two months, and rebooted and it's not getting an IPv6 address on the internal (br0) network.

Code:
root@Netgear-R7000:~# cat /tmp/dhcp6c.conf
interface vlan2 {
 send ia-pd 0;
 send rapid-commit;
 request domain-name-servers;
 script "/sbin/dhcp6c-state";
};
id-assoc pd 0 {
 prefix-interface br0 {
  sla-id 0;
  sla-len 0;
 };
};
id-assoc na 0 { };
root@Netgear-R7000:~# ip -oneline addr
1: lo    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo\       valid_lft forever preferred_lft forever
1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
4: eth0    inet6 fe80::b27f:b9ff:fe83:658f/64 scope link \       valid_lft forever preferred_lft forever
5: vlan1    inet6 fe80::b27f:b9ff:fe83:658f/64 scope link \       valid_lft forever preferred_lft forever
6: vlan2    inet 24.35.91.163/26 brd 24.35.91.191 scope global vlan2\       valid_lft forever preferred_lft forever
6: vlan2    inet6 2604:4080:1304:0:b27f:b9ff:fe83:6590/64 scope global dynamic flags 100 \       valid_lft 2591992sec preferred_lft 604792sec
6: vlan2    inet6 fe80::b27f:b9ff:fe83:6590/64 scope link \       valid_lft forever preferred_lft forever
7: eth1    inet6 fe80::b27f:b9ff:fe83:6591/64 scope link \       valid_lft forever preferred_lft forever
8: eth2    inet6 fe80::b27f:b9ff:fe83:659e/64 scope link \       valid_lft forever preferred_lft forever
11: br0    inet 192.168.0.1/24 brd 192.168.0.255 scope global br0\       valid_lft forever preferred_lft forever
11: br0    inet6 fe80::b27f:b9ff:fe83:6591/64 scope link \       valid_lft forever preferred_lft forever


This is the same configuration that has been running, which leads me to believe that my problem simply has to do with timing of sending the IA-PD request on the vlan2 interface. My ISP was giving me a /60 prefix and dnsmasq was properly sending out router advertisments with that data until I rebooted my router, and then when it wasn't working, decided to update to the latest firmware.

Code:
DD-WRT v3.0-r50755 std (c) 2022 NewMedia-NET GmbH
Release: 10/31/22
Board: Netgear R7000


Is there a way to monitor or restart the IPv6 DHCP Client program on DDWRT without restarting the entire device?
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Tue Nov 01, 2022 21:00    Post subject: Reply with quote
HalfBit wrote:

Here's my config in case it helps others:
Code:
interface vlan2 {
     send ia-pd 1; #prefix delegation request
     send ia-na 0; #dhcpv6 request
     script "/sbin/dhcp6c-state";
};
id-assoc pd 1 {
     prefix ::/56 infinity;
     prefix-interface br0 {
          sla-id 1;
         sla-len 8;
     };
     prefix-interface wl0.1 {
          sla-id 10;   
         sla-len 8;
     };
     prefix-interface wl0.2 {
          sla-id 15;   
         sla-len 8;
     };       
     prefix-interface br1 {
          sla-id 20;   
         sla-len 8;
     };       
     prefix-interface wl1.1 {
          sla-id 30;   
         sla-len 8;
     };       
     prefix-interface wl1.2 {
          sla-id 35;   
         sla-len 8;
     };       
     prefix-interface br2 {
          sla-id 40;   
         sla-len 8;
     }; 
};
id-assoc na 0 { };



Once again, I seem to have wasted too much time on IPv6 without getting a firm understanding of what is broken on my system. Looking at your configuration I've recognized a few things after reading lots of man pages, but mostly: https://www.freebsd.org/cgi/man.cgi?query=dhcp6c.conf.

The line "send ia-pd 1;" is your request to the upstream dhcp6 server for a Prefix Delegation, while the line "send ia-na 0;" is a second request for a Non-temporary Address. Assuming that all of your traffic goes from your DDWRT box to your ISP router, I don't believe the Non-Temporary Address would ever be used unless you are remotely connecting to the DDWRT box itself from the internet using IPv6.

What appears to be happening on my machine is that the vlan2 interface is assigning a global address using SLAC from the router advertisement from my ISP that's visible on vlan2 and the br0 is never getting assigned a global address. I really don't care about having a global address on my vlan2 interface, because it should be a simple hop between neighbors using the link scoped addresses of my router and my isp router.

Code:
root@Netgear-R7000:~# radvdump
#
# radvd configuration generated by radvdump 2.19
# based on Router Advertisement from fe80::22c:c8ff:fe42:24bf
# received by interface vlan2
#

interface vlan2
{
        AdvSendAdvert on;
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
        AdvManagedFlag off;
        AdvOtherConfigFlag on;
        AdvReachableTime 0;
        AdvRetransTimer 0;
        AdvCurHopLimit 64;
        AdvDefaultLifetime 1800;
        AdvHomeAgentFlag off;
        AdvDefaultPreference high;
        AdvSourceLLAddress on;
        AdvLinkMTU 1500;

        prefix 2604:4080:1304::/64
        {
                AdvValidLifetime 2592000;
                AdvPreferredLifetime 604800;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        }; # End of prefix definition

}; # End of interface definition


In the DDWRT IPv6 web interface, I've got a prefix length of 64 entered, and DHCPv6 Client Deamon Custom Configuration disabled, which produces the following configuration:
Code:
root@Netgear-R7000:~# cat /tmp/dhcp6c.conf
interface vlan2 {
 send ia-pd 0;
 send rapid-commit;
 request domain-name-servers;
 script "/sbin/dhcp6c-state";
};
id-assoc pd 0 {
 prefix-interface br0 {
  sla-id 0;
  sla-len 0;
 };
};
id-assoc na 0 { };

When I changed the prefix length to 60, the sla-len value in the configuration was changed to 4 and nothing else was changed. When I changed the prefix to 56 it was changed to 8.

Reading https://dnsmasq.org/docs/dnsmasq-man.html I came across
Quote:
If a --dhcp-range is only being used for stateless DHCP and/or SLAAC, then the address can be simply ::

--dhcp-range=::,constructor:eth0

which led me to simplify my dnsmasq Additional Options to:
Code:
enable-ra
ra-param=br0,60,1800
dhcp-range=::,constructor:br0,ra-stateless,ra-names,30m


I still don't have IPv6 working. I think my problem is related to something broken at my ISP, or at least the communication between the dhcp6c process on my router and the dhcp6 server process on the ISP. If there's a way to monitor the dhcpv6 messages from my ddrwt to the ISP, I'd appreciate a pointer.
HalfBit
DD-WRT Guru


Joined: 04 Sep 2009
Posts: 776
Location: AR, USA

PostPosted: Wed Nov 02, 2022 2:06    Post subject: Reply with quote
IPv6 tab settings:
IPv6 - Enabled (obviously)
IPv6 Type - IPv6 with Prefix Delegation
Prefix Length - 56
Static DNS 1 & 2 - 2620:119:35::35 and 2620:119:53::53 (OpenDNS/Umbrella IP addresses)
Avoid DHCP6 client release on reconnect - Disabled
Dhcp6c custom - Enabled (config previously posted)
Dhcp6s - Disabled
Radvd - Disabled

DNSMasq custom config for IPv6:
Code:
# -=:=- IPv6, DHCP and RA configuration
#dhcp-range=br0, ::1000, ::3000, constructor:br0, ra-stateless, 4h
dhcp-range=br0, ::10, ::1ff, constructor:br0, ra-names, slaac, 64, 24h

#dhcp-range=br1, ::1000, ::3000, constructor:br1, ra-stateless, 4h
dhcp-range=br1, ::10, ::1ff, constructor:br1, ra-names, slaac, 64, 24h

#dhcp-range=br2, ::1000, ::3000, constructor:br2, ra-stateless, 4h
dhcp-range=br2, ::10, ::1ff, constructor:br2, ra-names, slaac, 64, 24h

dhcp-option=option6:dns-server,[2600:880X:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX],[fe80::XXXX:XXXX:XXXX:XXXX]
ra-param=*,60,1800
enable-ra
quiet-ra
quiet-dhcp
quiet-dhcp6

I've been testing between
Code:
#dhcp-range=br0, ::1000, ::3000, constructor:br0, ra-stateless, 4h

and
Code:
dhcp-range=br0, ::10, ::1ff, constructor:br0, ra-names, slaac, 64, 24h

As far as I can tell, the former wasn't working, and the latter is. Now clients get an address within the range between <the prefix delegation from ISP>::10, and <the prefix delegation from ISP>::1ff.

Again, still learning myself.

_________________
R7000 Nighthawk - DD-WRT v3.0-r50308
R7000 Nighthawk - DD-WRT v3.0-r50308
~~~~~~~~~~Dismantled for learning opportunities~~~~~~~~~~
WRT54Gv2
WRT54Gv8.2
~~~~~~~~~~Other Settings~~~~~~~~~
https://nextdns.io/?from=2d3sq39x
https://pi-hole.net/
https://github.com/DNSCrypt/dnscrypt-proxy
WCBonner
DD-WRT Novice


Joined: 15 Mar 2009
Posts: 17

PostPosted: Wed Nov 02, 2022 18:15    Post subject: Reply with quote
The biggest problem I've got is that when IPv6 isn't assigning global addresses on the local hosts, my Raspian Linux boxes don't seem able to access the shares on my windows server. I don't want to make any registry changes on the windows machines, and haven't been able to find a solution to that problem beyond getting IPv6 working correctly.

I've not found anyone knowledgeable in tech support at my ISP about IPv6. Sometimes they even say they don't support it. I think my problems when IPv6 are not working are based on flaky hardware on the ISP end of things. They seem to have IPv6 router advertisements working correctly which is great for SLAAC, but the DHCPv6 responding to IA-PD requests with prefixes is much more unreliable. My understanding of networking would mean that when it gives out a prefix, it also configures a route for that prefix to the link local address.

Yesterday, after I was tired of my local network not working, I manually gave my br0 interface the address it had last been using when everything was working.

Code:
ip -6 addr add 2604:4080:1304:8010:b27f:b9ff:fe83:6591/60 dev br0


Almost immediately DDWRT started sending router advertisements on br0 and the local hosts allocated global addresses.

Code:
root@Netgear-R7000:~# radvdump
#
# radvd configuration generated by radvdump 2.19
# based on Router Advertisement from fe80::b27f:b9ff:fe83:6591
# received by interface br0
#

interface br0
{
        AdvSendAdvert on;
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
        AdvManagedFlag off;
        AdvOtherConfigFlag on;
        AdvReachableTime 0;
        AdvRetransTimer 0;
        AdvCurHopLimit 64;
        AdvDefaultLifetime 1800;
        AdvHomeAgentFlag off;
        AdvDefaultPreference medium;
        AdvLinkMTU 1500;
        AdvSourceLLAddress on;

        prefix 2604:4080:1304:8010::/64
        {
                AdvValidLifetime 1800;
                AdvPreferredLifetime 1800;
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        }; # End of prefix definition


        RDNSS fe80::b27f:b9ff:fe83:6591
        {
                AdvRDNSSLifetime 1800;
        }; # End of RDNSS definition

}; # End of interface definition


What's interesting, is that they can also communicate over the internet using IPv6. What that tells me is that the ISP is still routing the /60 prefix to my router. At some times when I've been fighting this problem in the past I could assign the global address to the local interface and it would fix my local problems, but I could not reach devices on the internet via IPv6.

I don't understand why IPv6 doesn't seem to support subnetting with a /68 instead of going with a smaller mask at /60 when the default address seems to be using a /64 mask. Or dynamic routing using SLAAC. Maybe I'm thinking of masking off the wrong end of the address to separate the network from the host? Either way, it seems to me that if the router manages to get a /64 address itself using SLAAC, that's half of the 128 bit address space being directed to it.
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Wed Nov 02, 2022 19:07    Post subject: Reply with quote
Make sure you're running the latest http://ftp.dd-wrt.com/dd-wrtv2/downloads/betas/2022/11-02-2022-r50786/ which includes the upstream un-merged patch we talked about on GitHub, if it applies.

We nned to know what the feedback is on radvd anyway since that bug report is yours and we need to let upstream know whats what.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum