search

HenriWahl / dhcpy6d

MAC address aware DHCPv6 server written in Python
https://dhcpy6d.de
GNU General Public License v2.0
93 stars 27 forks source link

No WAN IPv6 address in Native Mode (ASUS, TP-Link, Mikrotik routers) #64

Open Nowatel opened 2 months ago

Nowatel commented 2 months ago

Hi,

We have a problem with configuration on Asus and TP-Link in Native mode - it's not working since WAN interface doesn't get the ipv6 address and it sets the same address for both LAN and WAN from prefix. Everything is fine on clients like Windows/Linux etc.

Our configuration:

really_do_it = yes identification = mac identification_mode = match_all dns_ignore_client = yes advertise = addresses prefixes

[class_klient] advertise = addresses prefixes nameserver = 2a01:8a60:1::1 call_up = /usr/local/dhcpy6dup.sh

t1 = 600 t2 = 900

Sample mysql client settings:

426d | 24:4B:FE:0C:05:48 | klient | 2a01:8a60:1::426d | 2a01:8a60:1:426d::/64 | 1 | NULL | NULL

Asus Native mode configuration:

ip -6 r 2a01:8a60:1:426d::/64 dev br0 proto kernel metric 256 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium default via fe80::215:17ff:fe68:57ea dev eth0 proto ra metric 1024 expires 1773sec hoplimit 64 pref medium

ip -6 a 1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 12: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever 13: eth1: <NO-CARRIER,BROADCAST,MULTICAST,ALLMULTI,UP> mtu 1500 qlen 1000 inet6 fe80::264b:feff:fe0c:548/64 scope link tentative valid_lft forever preferred_lft forever 14: eth2: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever 15: eth3: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever 16: eth4: <NO-CARRIER,BROADCAST,MULTICAST,ALLMULTI,UP> mtu 1500 qlen 1000 inet6 fe80::264b:feff:fe0c:548/64 scope link tentative valid_lft forever preferred_lft forever 17: eth5: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever 1 42: br0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 inet6 2a01:8a60:1:426d::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever

Asus Static mode - works ok:

ip -6 r 2a01:8a60:1::1 dev eth0 metric 1 pref medium 2a01:8a60:1::/64 dev eth0 proto kernel metric 256 pref medium 2a01:8a60:1:426d::/64 dev br0 proto kernel metric 256 pref medium

fe80::/64 dev eth0 proto kernel metric 256 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium default via 2a01:8a60:1::1 dev eth0 metric 1 pref medium

ip -6 a 1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 12: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 2a01:8a60:1::426d/64 scope global valid_lft forever preferred_lft forever inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever 47: br0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 inet6 2a01:8a60:1:426d::/64 scope global valid_lft forever preferred_lft forever inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever

Asus Native WITHOUT DHCP-PD disabled also works ok:

image 109: br0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 inet6 2a01:8a60:1:426d::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever 12: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 2a01:8a60:1::426d/128 scope global valid_lft forever preferred_lft forever inet6 fe80::264b:feff:fe0c:548/64 scope link valid_lft forever preferred_lft forever

ip -6 r 2a01:8a60:1::426d dev eth0 proto kernel metric 256 pref medium 2a01:8a60:1:426d::/64 dev br0 proto kernel metric 256 pref medium default via fe80::215:17ff:fe68:57ea dev eth0 proto ra metric 1024 expires 1704sec hoplimit 64 pref medium

Why it's not working on these routers?

HenriWahl commented 2 months ago

What is this native mode?

Nowatel commented 2 months ago

From what I've read: Native mode is applicable when the router directly obtains a public IPv6 address, and the router automatically assigns IPv6 addresses to online devices. Native mode: The router will assign a public IPv6 address to each device connected to this router automatically.

It's functionality:

image

So as I understand It's typical a DHCP-PD with Router Advertisement

Out tests and dhcpy6 logs:

OK - PC WINDOWS 10 2024-05-10 15:27:46,368 dhcpy6d INFO REQUEST | transaction: e5fa56 | answer: normal | client_llip: fe80:0000:0000:0000:db31:659c:456b:c8c3 | counter: 2 | duid: 000100012d03404228dfebf93fc6 | fqdn: DESKTOP-TCRKNMP | hostname: desktop-tcrknmp | ia_options: [3] | iaid: 28047bcb | interface: eth0 | last_message_received_type: 3 | mac: 04:7b:cb:5b:33:76 | options_request: [17, 23, 24, 39] | vendor_class_data: MSFT 5.0 | vendor_class_en: 311

IPv6 Address. . . . . . . . . . . : 2a01:8a60:1::46c0 IPv6 Address. . . . . . . . . . . : 2a01:8a60:1:0:ae59:29ff:77cd:af56 Link-local IPv6 Address . . . . . : fe80::db31:659c:456b:c8c3%23 Default Gateway . . . . . . . . . : fe80::389b:97ff:fead:54e2%23 fe80::215:17ff:fe68:57ea%23

OK - ROUTER DLINK DIR_X1530

2024-05-10 13:38:30,691 dhcpy6d INFO REQUEST | transaction: 4684e5 | addresses: 2a01:8a60:0001:0000:0000:0000:0000:67e8 | answer: normal | client_llip: fe80:0000:0000:0000:ca78:7dff:fe6b:b748 | counter: 1 | duid: 00030001c8787d6bb748 | fqdn: DIR_X1530_RT8198D_DEUR | hostname: dir_x1530_rt8198d_deur | ia_options: [3, 25] | iaid: 00000001 | interface: eth0 | last_message_received_type: 3 | mac: c8:78:7d:6b:b7:48 | options_request: [21, 22, 23, 24, 12, 31, 56, 64, 67, 82, 83, 94, 95, 96]

IPv6 address 2a01:8a60:1::67e8/64 Gateway IPv6 address fe80::389b:97ff:fead:54e2 Primary IPv6 DNS server 2a01:8a60:1::1 Secondary IPv6 DNS server 2001:4860:4860::8844

NOT OK - ROUTER ASUS RT-N56U NATIVE with PD

2024-05-10 15:14:57,222 dhcpy6d INFO REQUEST | transaction: b0f375 | addresses: 2a01:8a60:0001:0000:0000:0000:0000:67ef | answer: normal | client_llip: fe80:0000:0000:0000:02e0:6cff:fe6a:5a41 | counter: 1 | duid: 000300015404a6d3b179 | ia_options: [3, 25] | iaid: 000a5a41 | interface: eth0 | last_message_received_type: 3 | mac: 00:e0:6c:6a:5a:41 | options_request: [23, 24, 82, 83]

      IPv6 Connection Type: Native with DHCP-PD
          WAN IPv6 Address: 2a01:8a60:1:0:2e0:6cff:fe6a:5a41/64
          WAN IPv6 Gateway: fe80::389b:97ff:fead:54e2
          LAN IPv6 Address: 2a01:8a60:1:67ef::1/64

LAN IPv6 Link-Local Address: fe80::5604:a6ff:fed3:b179 DHCP-PD: Enabled LAN IPv6 Prefix: 2a01:8a60:1:67ef::/64 DNS Servers: 2a01:8a60:1::1

NOT OK - ROUTER ASUS RT-N56U NATIVE without PD 2024-05-10 15:17:45,844 dhcpy6d INFO REQUEST | transaction: 066171 | addresses: 2a01:8a60:0001:0000:0000:0000:0000:67ef | answer: normal | client_llip: fe80:0000:0000:0000:02e0:6cff:fe6a:5a41 | counter: 1 | duid: 000300015404a6d3b179 | ia_options: [3] | iaid: 00000001 | interface: eth0 | last_message_received_type: 3 | mac: 00:e0:6c:6a:5a:41 | options_request: [23, 24, 82, 83]

      IPv6 Connection Type: Native
          WAN IPv6 Address: 2a01:8a60:1::67ef
          WAN IPv6 Gateway: fe80::389b:97ff:fead:54e2
          LAN IPv6 Address: 2a01:8a60:1:67ef::1/64

LAN IPv6 Link-Local Address: fe80::5604:a6ff:fed3:b179 DHCP-PD: Disabled LAN IPv6 Prefix: 2a01:8a60:1:67ef::/64 DNS Servers: 2a01:8a60:1::1

NOT OK - ROUTER ASUS RT-N56U passthrough 2024-05-10 15:19:15,075 dhcpy6d INFO REQUEST | transaction: e80b21 | addresses: 2a01:8a60:0001:0000:0000:0000:0000:67ef | answer: normal | client_llip: fe80:0000:0000:0000:02e0:6cff:fe6a:5a41 | counter: 1 | duid: 000300015404a6d3b179 | ia_options: [3] | iaid: 00000001 | interface: eth0 | last_message_received_type: 3 | mac: 00:e0:6c:6a:5a:41 | options_request: [23, 24, 82, 83]

      IPv6 Connection Type: Passthrough
          WAN IPv6 Address: 2a01:8a60:1::67ef
          WAN IPv6 Gateway: fe80::389b:97ff:fead:54e2
          LAN IPv6 Address: 2a01:8a60:1:0:2e0:6cff:fe6a:5a41/64

LAN IPv6 Link-Local Address: fe80::5604:a6ff:fed3:b179 LAN IPv6 Prefix: 2a01:8a60:1::/64 DNS Servers: 2a01:8a60:1::1

HenriWahl commented 2 months ago

Is the provided configuration in your post the whole config or is there more configured? If so, can you please provide it here or by mail?

Nowatel commented 2 months ago

regarding ipv6 it's the whole config - these are simple soho routers... I don't think that binary config for any of them would be usefull for you. Perhaps we could give you an access to the test environment for such a router (via VPN)? Would you be interested to look it up?

HenriWahl commented 2 months ago

For a first look and that I can try to debug can you send me the dhcpy6d-config you are using?