OpenWRT IPv6 WLAN bridging problems
Shadow Hawkins on Saturday, 07 May 2011 20:36:49
Hi folks,
I'm using a TP-LINK TL-WR741N v2.1 running an OpenWRT Backfire build from just a couple of days ago. I have a SixXS tunnel built and working with aiccu and radvd is distributing router advertisements to wired clients. However, I added the Atheros ar71xx wireless interface to the bridge and wireless clients are only receiving IPv4 addresses. I've also tried enabling DHCPv6 but that's apparently not being passed along by radvd despite what I think are the correct settings. I'm already familiar with IPv6 concepts as I deployed one a while back in a lab setting using OpenBSD for router advertisements and Microsoft DHCPv6. However, the configurations in Backfire are unfamiliar to me as I haven't actively used OpenWRT since at least Kamikaze.
For now, my iptables rules are not blocking IPv6 traffic until I get this sorted out. Here are some sample config files if anyone would be so kind as to mention if they notice anything amiss. I did notice one thing while cutting & pasting; should I be setting 'option rebind_localhost' to zero in my /etc/config/dhcp since my upstream DHCP server is serving RFC 1918 addresses? I'm not using DHCP on my wan interface so I didn't think that would make a difference -- and I'm not having problems with IPv4 addresses anyhow.
-Gary
/etc/config/network
config interface loopback
option ifnamelo
option protostatic
option ipaddr127.0.0.1
option netmask255.0.0.0
config interface lan
option ifnameeth0
option typebridge
option protostatic
option ipaddr192.168.1.1
option netmask255.255.255.0
option ip6addr2001:1938:282::1/48
option dns192.168.1.1
option dns2001:1938:282::1
config interface sixxs
option proto6in4
option peeraddr 209.197.5.66
option ip6addr2001:1938:81:179::2/64
config interface wan
option ifnameeth1
option protostatic
option ipaddr192.168.111.49
option netmask255.255.255.0
option gateway192.168.111.1
config switch eth0
option enable_vlan1
config switch_vlan
option deviceeth0
option vlan1
option ports"0 1 2 3 4"
/etc/config/radvd
config interface
option interface'lan'
option AdvSendAdvert1
option AdvManagedFlag1
option AdvOtherConfigFlag 1
list client''
option ignore0
config prefix
option interface'lan'
# If not specified, a non-link-local prefix of the interface is used
list prefix'2001:1938:282:f00::/64'
option AdvOnLink1
option AdvAutonomous1
option AdvRouterAddr1
option ignore0
config route
option interface'lan'
list prefix'2001:1938:282::1/48'
option ignore0
config rdnss
option interface'lan'
# If not specified, the link-local address of the interface is used
list addr''
option ignore1
config dnssl
option interface'lan'
list suffix''
option ignore1
/etc/config/firewall
config 'defaults'
option 'syn_flood' '1'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
config 'zone'
option 'name' 'lan'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'ACCEPT'
config 'zone'
option 'name' 'wan'
#option 'input' 'REJECT'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
#option 'forward' 'REJECT'
option 'forward' 'ACCEPT'
option 'masq' '1'
option 'mtu_fix' '1'
config 'zone'
option 'name' 'sixxs'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'ACCEPT'
config 'forwarding'
option 'src' 'lan'
option 'dest' 'wan'
config 'rule'
option 'src' 'wan'
option 'proto' 'udp'
option 'dest_port' '68'
option 'target' 'ACCEPT'
option 'family' 'ipv4'
config 'rule'
option 'src' 'wan'
option 'proto' 'icmp'
option 'icmp_type' 'echo-request'
option 'target' 'ACCEPT'
config 'rule'
option 'src' 'wan'
option 'target' 'ACCEPT'
option 'proto' 'tcp'
option 'dest_port' '22'
config rule
option 'src' 'wan'
option 'proto' '41'
option 'target' 'ACCEPT'
/etc/config/dhcp6s
config 'dhcp6s' 'basic'
option 'enabled' '1'# 1 = enabled; 0 = disabled
option 'interface' 'lan'# This is the interface the DHCPv6 server will run on
option 'config_file' '/etc/dhcp6s.conf'# Config file (as this UCI config doesn't fully support all options)
/etc/dhcp6s.conf
option domain-name-servers 2001:1938:282::1;
interface br-lan {
address-pool pool1 86400;
};
pool pool1 {
range 2001:1938:282:f00:bad::00ff to 2001:1938:282:f00:bad::ffff ;
};
/etc/config/dhcp
config dnsmasq
option domainneeded1
option boguspriv1
option filterwin2k0 # enable for dial on demand
option localise_queries1
option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
option rebind_localhost 1 # enable for RBL checking and similar services
#list rebind_domain example.lan # whitelist RFC1918 responses for domains
#option local'/lan/'
#option domain'lan'
option expandhosts1
option nonegcache0
option authoritative1
option readethers1
option leasefile'/tmp/dhcp.leases'
#option resolvfile'/tmp/resolv.conf'
list server'192.168.111.1'
#option nonwildcard1
#list interfacebr-lan
config dhcp lan
option interfacelan
option start 100
option limit150
option leasetime24h
# ifconfig -a
6in4-sixxs Link encap:IPv6-in-IPv4
inet6 addr: fe80::c0a8:6f31/128 Scope:Link
inet6 addr: 2001:1938:81:179::2/64 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
br-lan Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E4
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::56e6:fcff:fea7:50e5/64 Scope:Link
inet6 addr: 2001:1938:282::1/48 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:250481 errors:0 dropped:0 overruns:0 frame:0
TX packets:453971 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14412143 (13.7 MiB) TX bytes:681229981 (649.6 MiB)
eth0 Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E5
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16925 errors:0 dropped:0 overruns:0 frame:0
TX packets:13581 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1787263 (1.7 MiB) TX bytes:3550278 (3.3 MiB)
Interrupt:5
eth1 Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E4
inet addr:192.168.111.49 Bcast:192.168.111.255 Mask:255.255.255.0
inet6 addr: fe80::56e6:fcff:fea7:50e4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:548260 errors:0 dropped:0 overruns:0 frame:0
TX packets:259194 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:689508157 (657.5 MiB) TX bytes:19487363 (18.5 MiB)
Interrupt:4
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:660 errors:0 dropped:0 overruns:0 frame:0
TX packets:660 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:57383 (56.0 KiB) TX bytes:57383 (56.0 KiB)
mon.wlan0 Link encap:UNSPEC HWaddr 54-E6-FC-A7-50-E4-00-47-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:68554 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:20400456 (19.4 MiB) TX bytes:0 (0.0 B)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
sixxs Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: 2001:1938:81:179::2/64 Scope:Global
inet6 addr: fe80::1838:81:179:2/64 Scope:Link
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1280 Metric:1
RX packets:362 errors:0 dropped:0 overruns:0 frame:0
TX packets:362 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:37648 (36.7 KiB) TX bytes:37648 (36.7 KiB)
wlan0 Link encap:Ethernet HWaddr 54:E6:FC:A7:50:E4
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:249958 errors:0 dropped:0 overruns:0 frame:0
TX packets:455410 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17853590 (17.0 MiB) TX bytes:690317248 (658.3 MiB)
OpenWRT IPv6 WLAN bridging problems
Jeroen Massar on Saturday, 07 May 2011 21:17:48 However, I added the Atheros ar71xx wireless interface to the bridge and wireless clients are only receiving IPv4 addresses.
First try doing a tcpdump or wireshark without putting the interface in promisc (-p option for tcpdump), then check if you actually see the RAs coming in.
If you don't see them, try with promisc on. If you then see the packets, you can permanently set promisc on using "ifconfig ethX promisc" or "ip link set ethX promisc on".
Try the tcpdump/wireshark on both the client and router side, because both might have an issue with it.
Some useful tricks to look at is for instance the neighbor tables with "ip -6 nei sho" or some kind of command in netsh under windows.
DHCP will not resolve any multicast issues you might be having btw, as it still requires RA to function. DHCPv6 just gives out the last 64bits, the first 64bit come from RA.
OpenWRT IPv6 WLAN bridging problems
Shadow Hawkins on Monday, 09 May 2011 07:32:59
I finally sorted it... I guess you can't bridge more than two interfaces in OpenWRT -- or at least on my platform. I put both the LAN and WLAN in routed mode and now it works. Phew!
Posting is only allowed when you are logged in. |