NetworkConfiguration / dhcpcd

DHCP / IPv4LL / IPv6RA / DHCPv6 client.
https://roy.marples.name/projects/dhcpcd
BSD 2-Clause "Simplified" License
348 stars 112 forks source link

no default IPv6 route upon rebooting the host #182

Open perkelix opened 1 year ago

perkelix commented 1 year ago

On a my gateway, rebooting the host often results in dhcpcd delegating the IPv6 prefix without having a default IPv6 route. Acquiring a default route requires manually running 'rdics6' onto the outside interface.

allowinterfaces enp4s0 require domain_name_servers slaac private noipv4ll duid waitip 4 6 interface enp4s0 ia_pd 0 br0

Feb 02 10:01:24 p8h61 dhcpcd[573]: dhcpcd-9.4.1 starting Feb 02 10:01:24 p8h61 dhcpcd[588]: DUID < redacted > Feb 02 10:01:27 p8h61 dhcpcd[588]: enp4s0: waiting for carrier Feb 02 10:01:27 p8h61 dhcpcd[588]: enp4s0: carrier acquired Feb 02 10:01:27 p8h61 dhcpcd[588]: enp4s0: IAID < redacted > Feb 02 10:01:27 p8h61 dhcpcd[588]: enp4s0: IA type 25 IAID 00:00:00:00 Feb 02 10:01:27 p8h61 dhcpcd[588]: enp4s0: carrier lost Feb 02 10:01:29 p8h61 dhcpcd[588]: enp4s0: carrier acquired Feb 02 10:01:29 p8h61 dhcpcd[588]: enp4s0: IAID < redacted > Feb 02 10:01:29 p8h61 dhcpcd[588]: enp4s0: IA type 25 IAID 00:00:00:00 Feb 02 10:01:30 p8h61 dhcpcd[588]: enp4s0: soliciting an IPv6 router Feb 02 10:01:31 p8h61 dhcpcd[588]: enp4s0: soliciting a DHCPv6 lease Feb 02 10:01:31 p8h61 dhcpcd[588]: br0: activating for delegation Feb 02 10:01:31 p8h61 dhcpcd[588]: br0: IAID < redacted > Feb 02 10:01:31 p8h61 dhcpcd[588]: enp4s0: soliciting a DHCP lease Feb 02 10:01:31 p8h61 dhcpcd[588]: enp4s0: Router Advertisement from fe80::bb Feb 02 10:01:31 p8h61 dhcpcd[588]: enp4s0: no global addresses for default route Feb 02 10:01:32 p8h61 dhcpcd[588]: enp4s0: offered 87.92.178.209 from 62.241.198.74 Feb 02 10:01:32 p8h61 dhcpcd[588]: enp4s0: probing address 87.92.178.209/17 Feb 02 10:01:33 p8h61 dhcpcd[588]: enp4s0: ADV 2001:14ba:a054:2500::/56 from fe80::bb Feb 02 10:01:33 p8h61 dhcpcd[588]: enp4s0: REPLY6 received from fe80::bb Feb 02 10:01:33 p8h61 dhcpcd[588]: enp4s0: renew in 1800, rebind in 2880, expire in 3600 seconds Feb 02 10:01:33 p8h61 dhcpcd[588]: lo: adding reject route to 2001:14ba:a054:2500::/56 Feb 02 10:01:33 p8h61 dhcpcd[588]: enp4s0: delegated prefix 2001:14ba:a054:2500::/56 Feb 02 10:01:33 p8h61 dhcpcd[588]: br0: adding address 2001:14ba:a054:2507::1/64 Feb 02 10:01:33 p8h61 dhcpcd[588]: br0: adding route to 2001:14ba:a054:2507::/64 Feb 02 10:01:43 p8h61 dhcpcd[588]: enp4s0: leased 87.92.178.209 for 3600 seconds Feb 02 10:01:43 p8h61 dhcpcd[588]: enp4s0: adding route to 87.92.128.0/17 Feb 02 10:01:43 p8h61 dhcpcd[588]: enp4s0: adding default route via 87.92.128.1 Feb 02 10:07:00 p8h61 dhcpcd[588]: enp4s0: adding default route via fe80::bb

The last line is the result of running 'rdisc6' manually after the host has booted.

$ ip -6 r ::1 dev lo proto kernel metric 256 pref medium 2001:14ba:a054:2507::/64 dev br0 proto dhcp metric 1007 pref medium unreachable 2001:14ba:a054:2500::/56 dev lo proto dhcp metric 1001 pref medium fe80::/64 dev enp4s0 proto kernel metric 256 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium default via fe80::bb dev enp4s0 proto ra metric 1002 pref medium

rsmarples commented 1 year ago

dhcpcd is supposed to find any non local address being added and then allow default routes. It only listens to address status changes and running rdisc should not affect this. Interesting issue. We have this policy because CPE nodes have handed out default routes with no routable address. This bit me once on holiday which prompted me to do something about it. A quick test shows it still works, even using a bridge interface. Not sure why it isn't working for you.

The relevant code is here: https://github.com/NetworkConfiguration/dhcpcd/blob/master/src/ipv6.c#L1302

perkelix commented 1 year ago

The key problem is this:

Feb 02 10:01:31 p8h61 dhcpcd[588]: enp4s0: no global addresses for default route

$ ip -6 r ::1 dev lo proto kernel metric 256 pref medium 2001:14ba:a054:2507::/64 dev br0 proto dhcp metric 1007 pref medium unreachable 2001:14ba:a054:2500::/56 dev lo proto dhcp metric 1001 pref medium fe80::/64 dev enp4s0 proto kernel metric 256 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium

Because of this, the delegated prefix is unroutable. It only becomes routable once I've done 'rdisc enp4s0':

Feb 02 10:07:00 p8h61 dhcpcd[588]: enp4s0: adding default route via fe80::bb

$ ip -6 r ::1 dev lo proto kernel metric 256 pref medium 2001:14ba:a054:2507::/64 dev br0 proto dhcp metric 1007 pref medium unreachable 2001:14ba:a054:2500::/56 dev lo proto dhcp metric 1001 pref medium fe80::/64 dev enp4s0 proto kernel metric 256 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium default via fe80::bb dev enp4s0 proto ra metric 1002 pref medium

rsmarples commented 1 year ago

What's the output of ip -6 a before and after?

perkelix commented 1 year ago

Same result before and after:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 fe80::8de2:b50d:1b1f:76e9/64 scope link stable-privacy valid_lft forever preferred_lft forever 7: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 2001:14ba:a06f:6207::1/64 scope global dynamic noprefixroute valid_lft 3235sec preferred_lft 3235sec inet6 fe80::acf2:30c6:70d7:9b25/64 scope link stable-privacy valid_lft forever preferred_lft forever

perkelix commented 1 year ago

I'm still scratching my head over this one.

I'm also baffled by the carrier loss at the beginning. This, too, happens systematically when dhcpcd is first launched upon (re)booting the host. There never is any carrier loss afterwards, or if dhcpcd is reloaded later.

perkelix commented 1 year ago

I think that I've figured it out:

When PD is used, dhcpcd needs to set 2 flags on the delegating interface:

echo 1 > /proc/sys/net/ipv6/conf/enp4s0/forwarding echo 2 > /proc/sys/net/ipv6/conf/enp4s0/accept_ra

As kernel notes tell, if forwarding is set (it should be, if we're delegating a prefix), RA reception is disabled unless accept_ra is explicitly set at 2.

Once I explicitly set those 2 manually via /etc/sysctl.conf, the default route got added systematically at every boot.

perkelix commented 1 year ago

I'm still wondering why or where dhcpcd disables this.