SixXS::Sunset 2017-06-06

OpenWRT IPv6 WLAN bridging problems
[us] Shadow Hawkins on Saturday, 07 May 2011 20:36:49
Hi folks, I'm using a TP-LINK TL-WR741N v2.1 running an OpenWRT Backfire build from just a couple of days ago. I have a SixXS tunnel built and working with aiccu and radvd is distributing router advertisements to wired clients. However, I added the Atheros ar71xx wireless interface to the bridge and wireless clients are only receiving IPv4 addresses. I've also tried enabling DHCPv6 but that's apparently not being passed along by radvd despite what I think are the correct settings. I'm already familiar with IPv6 concepts as I deployed one a while back in a lab setting using OpenBSD for router advertisements and Microsoft DHCPv6. However, the configurations in Backfire are unfamiliar to me as I haven't actively used OpenWRT since at least Kamikaze. For now, my iptables rules are not blocking IPv6 traffic until I get this sorted out. Here are some sample config files if anyone would be so kind as to mention if they notice anything amiss. I did notice one thing while cutting & pasting; should I be setting 'option rebind_localhost' to zero in my /etc/config/dhcp since my upstream DHCP server is serving RFC 1918 addresses? I'm not using DHCP on my wan interface so I didn't think that would make a difference -- and I'm not having problems with IPv4 addresses anyhow. -Gary
/etc/config/network config interface loopback option ifnamelo option protostatic option ipaddr127.0.0.1 option netmask255.0.0.0 config interface lan option ifnameeth0 option typebridge option protostatic option ipaddr192.168.1.1 option netmask255.255.255.0 option ip6addr2001:1938:282::1/48 option dns192.168.1.1 option dns2001:1938:282::1 config interface sixxs option proto6in4 option peeraddr 209.197.5.66 option ip6addr2001:1938:81:179::2/64 config interface wan option ifnameeth1 option protostatic option ipaddr192.168.111.49 option netmask255.255.255.0 option gateway192.168.111.1 config switch eth0 option enable_vlan1 config switch_vlan option deviceeth0 option vlan1 option ports"0 1 2 3 4" /etc/config/radvd config interface option interface'lan' option AdvSendAdvert1 option AdvManagedFlag1 option AdvOtherConfigFlag 1 list client'' option ignore0 config prefix option interface'lan' # If not specified, a non-link-local prefix of the interface is used list prefix'2001:1938:282:f00::/64' option AdvOnLink1 option AdvAutonomous1 option AdvRouterAddr1 option ignore0 config route option interface'lan' list prefix'2001:1938:282::1/48' option ignore0 config rdnss option interface'lan' # If not specified, the link-local address of the interface is used list addr'' option ignore1 config dnssl option interface'lan' list suffix'' option ignore1 /etc/config/firewall config 'defaults' option 'syn_flood' '1' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'REJECT' config 'zone' option 'name' 'lan' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'ACCEPT' config 'zone' option 'name' 'wan' #option 'input' 'REJECT' option 'input' 'ACCEPT' option 'output' 'ACCEPT' #option 'forward' 'REJECT' option 'forward' 'ACCEPT' option 'masq' '1' option 'mtu_fix' '1' config 'zone' option 'name' 'sixxs' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'ACCEPT' config 'forwarding' option 'src' 'lan' option 'dest' 'wan' config 'rule' option 'src' 'wan' option 'proto' 'udp' option 'dest_port' '68' option 'target' 'ACCEPT' option 'family' 'ipv4' config 'rule' option 'src' 'wan' option 'proto' 'icmp' option 'icmp_type' 'echo-request' option 'target' 'ACCEPT' config 'rule' option 'src' 'wan' option 'target' 'ACCEPT' option 'proto' 'tcp' option 'dest_port' '22' config rule option 'src' 'wan' option 'proto' '41' option 'target' 'ACCEPT' /etc/config/dhcp6s config 'dhcp6s' 'basic' option 'enabled' '1'# 1 = enabled; 0 = disabled option 'interface' 'lan'# This is the interface the DHCPv6 server will run on option 'config_file' '/etc/dhcp6s.conf'# Config file (as this UCI config doesn't fully support all options) /etc/dhcp6s.conf option domain-name-servers 2001:1938:282::1; interface br-lan { address-pool pool1 86400; }; pool pool1 { range 2001:1938:282:f00:bad::00ff to 2001:1938:282:f00:bad::ffff ; }; /etc/config/dhcp config dnsmasq option domainneeded1 option boguspriv1 option filterwin2k0 # enable for dial on demand option localise_queries1 option rebind_protection 1 # disable if upstream must serve RFC1918 addresses option rebind_localhost 1 # enable for RBL checking and similar services #list rebind_domain example.lan # whitelist RFC1918 responses for domains #option local'/lan/' #option domain'lan' option expandhosts1 option nonegcache0 option authoritative1 option readethers1 option leasefile'/tmp/dhcp.leases' #option resolvfile'/tmp/resolv.conf' list server'192.168.111.1' #option nonwildcard1 #list interfacebr-lan config dhcp lan option interfacelan option start 100 option limit150 option leasetime24h # ifconfig -a 6in4-sixxs Link encap:IPv6-in-IPv4 inet6 addr: fe80::c0a8:6f31/128 Scope:Link inet6 addr: 2001:1938:81:179::2/64 Scope:Global UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) br-lan Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E4 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::56e6:fcff:fea7:50e5/64 Scope:Link inet6 addr: 2001:1938:282::1/48 Scope:Global UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:250481 errors:0 dropped:0 overruns:0 frame:0 TX packets:453971 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:14412143 (13.7 MiB) TX bytes:681229981 (649.6 MiB) eth0 Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E5 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16925 errors:0 dropped:0 overruns:0 frame:0 TX packets:13581 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1787263 (1.7 MiB) TX bytes:3550278 (3.3 MiB) Interrupt:5 eth1 Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E4 inet addr:192.168.111.49 Bcast:192.168.111.255 Mask:255.255.255.0 inet6 addr: fe80::56e6:fcff:fea7:50e4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:548260 errors:0 dropped:0 overruns:0 frame:0 TX packets:259194 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:689508157 (657.5 MiB) TX bytes:19487363 (18.5 MiB) Interrupt:4 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:660 errors:0 dropped:0 overruns:0 frame:0 TX packets:660 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:57383 (56.0 KiB) TX bytes:57383 (56.0 KiB) mon.wlan0 Link encap:UNSPEC HWaddr 54-E6-FC-A7-50-E4-00-47-00-00-00-00-00-00-00-00 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:68554 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:20400456 (19.4 MiB) TX bytes:0 (0.0 B) sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) sixxs Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet6 addr: 2001:1938:81:179::2/64 Scope:Global inet6 addr: fe80::1838:81:179:2/64 Scope:Link UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1280 Metric:1 RX packets:362 errors:0 dropped:0 overruns:0 frame:0 TX packets:362 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:37648 (36.7 KiB) TX bytes:37648 (36.7 KiB) wlan0 Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E4 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:249958 errors:0 dropped:0 overruns:0 frame:0 TX packets:455410 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:17853590 (17.0 MiB) TX bytes:690317248 (658.3 MiB)
OpenWRT IPv6 WLAN bridging problems
[ch] Jeroen Massar SixXS Staff on Saturday, 07 May 2011 21:17:48
However, I added the Atheros ar71xx wireless interface to the bridge and
wireless clients are only receiving IPv4 addresses.
First try doing a tcpdump or wireshark without putting the interface in promisc (-p option for tcpdump), then check if you actually see the RAs coming in. If you don't see them, try with promisc on. If you then see the packets, you can permanently set promisc on using "ifconfig ethX promisc" or "ip link set ethX promisc on". Try the tcpdump/wireshark on both the client and router side, because both might have an issue with it. Some useful tricks to look at is for instance the neighbor tables with "ip -6 nei sho" or some kind of command in netsh under windows. DHCP will not resolve any multicast issues you might be having btw, as it still requires RA to function. DHCPv6 just gives out the last 64bits, the first 64bit come from RA.
OpenWRT IPv6 WLAN bridging problems
[us] Shadow Hawkins on Monday, 09 May 2011 07:32:59
I finally sorted it... I guess you can't bridge more than two interfaces in OpenWRT -- or at least on my platform. I put both the LAN and WLAN in routed mode and now it works. Phew!

Please note Posting is only allowed when you are logged in.

Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker