I just got 50 Mbps symmetric fiber from AT&T and it includes a /56 of IPv6 addresses, replacing a much slower ADSL line. I never tried to get IPv6 working on the old connection. I'm using CentOS 7 as a gateway and it's worked great for several versions for IPv4. I'm not seeing any IPv6 default route on the WAN interface. I suspect I'm not getting route announcements. I think I have all the IPv6 variables in ifcfg-em2 set right. But I do notice that the accept_ra file in proc for that interface has value 1, not 2. Changing it to 2 doesn't change anything, though. No route appears. While I wait for an answer to my trouble ticket, is there some way to verify that I'm not receiving any RA packets? Is there a way to force a solicitation for one? Is there a tcpdump invocation I can use to watch for them? Are there log messages that will tell me when an RA has been seen and added to the routing table or ignored?
I struggled with this under CentOS 7. I think there is a bug. You can run /usr/sbin/radvdump to print out RAs. Leave it running for some minutes. I had this in my /etc/sysctl.d/50-net6.conf (on C7): # # IPv6 Forwarding # net.ipv6.conf.all.forwarding = 1 net.ipv6.conf.default.forwarding = 1 net.ipv6.conf.all.accept_ra = 1 net.ipv6.conf.default.accept_ra = 1 # # Fix bug to received RAs from Router # Disable forwarding on enp4s0f1 interface so we still get RAs # net.ipv6.conf.enp4s0f1.forwarding = 0 #net.ipv6.conf.enp4s0f1.accept_ra = 1 where enp4s0f1 is the WAN interface. Note that ipv6 forwarding still works. I used my C7 as a firewall/gateway. I am running 8.1 now. Alan -- Alan McRae On 29/04/2020 06:54, Kenneth Porter wrote:> I just got 50 Mbps symmetric fiber from AT&T and it includes a /56 of > IPv6 addresses, replacing a much slower ADSL line. I never tried to > get IPv6 working on the old connection. I'm using CentOS 7 as a > gateway and it's worked great for several versions for IPv4. > > I'm not seeing any IPv6 default route on the WAN interface. I suspect > I'm not getting route announcements. I think I have all the IPv6 > variables in ifcfg-em2 set right. But I do notice that the accept_ra > file in proc for that interface has value 1, not 2. Changing it to 2 > doesn't change anything, though. No route appears. > > While I wait for an answer to my trouble ticket, is there some way to > verify that I'm not receiving any RA packets? Is there a way to force > a solicitation for one? Is there a tcpdump invocation I can use to > watch for them? Are there log messages that will tell me when an RA > has been seen and added to the routing table or ignored? > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos
Once upon a time, Kenneth Porter <shiva at sewingwitch.com> said:> I just got 50 Mbps symmetric fiber from AT&T and it includes a /56 > of IPv6 addresses, replacing a much slower ADSL line. I never tried > to get IPv6 working on the old connection. I'm using CentOS 7 as a > gateway and it's worked great for several versions for IPv4. > > I'm not seeing any IPv6 default route on the WAN interface. I > suspect I'm not getting route announcements. I think I have all the > IPv6 variables in ifcfg-em2 set right. But I do notice that the > accept_ra file in proc for that interface has value 1, not 2. > Changing it to 2 doesn't change anything, though. No route appears. > > While I wait for an answer to my trouble ticket, is there some way > to verify that I'm not receiving any RA packets? Is there a way to > force a solicitation for one? Is there a tcpdump invocation I can > use to watch for them? Are there log messages that will tell me when > an RA has been seen and added to the routing table or ignored?I haven't touched AT&T's IPv6, but the typical way WAN IPv6 works is: - gateway sends a router solicitation and gets a router advertisement with "stateful config" set, which tells gateway to do DHCPv6 (but default route comes from RA) - gateway does DHCPv6 to get a WAN IP - after that completes, gateway does DHCPv6 for prefix delegation If you are running NetworkManager, then IIRC the accept_ra flag doesn't matter, because NM manages everything rather than have the kernel handle autoconfiguration (because NM needs to know what's going on with IPs). As for watching, "tcpdump -p -i <interface> -v ip6" should show everything (and since you don't have any routing yet, you don't really need to filter out anything else!). You could filter "ip6 and multicast", because RAs and DHCPv6 (and ND, neighbor discovery, the counterpart to ARP) are all multicast. -- Chris Adams <linux at cmadams.net>
On 4/28/2020 3:17 PM, Chris Adams wrote:> - gateway sends a router solicitation and gets a router advertisement > with "stateful config" set, which tells gateway to do DHCPv6 (but > default route comes from RA)I'm not seeing any outbound IPv6 traffic from my CentOS 7 box on the WAN interface. I do see RA's emitting from the LAN interface, from radvd. Is there some setting in NM tells it to send solicitations? Is there some way to push one manually?