Open lemoer opened 3 years ago
CC: @AiyionPrime @Manawyrm @CodeFetch @1977er
From what I've read apple has integrated several techniques to aggressively enforce fast recovery of the network including RFC4436 and several "optimizations" of DHCP. Among them a technique which first tries to renew old leases when reconnecting with a still-valid lease. That's also why Apple tries to increase the lease lifetime by first accepting whatever lease is given to it and then renewing the lease after a short time with a much higher lease time even though it's existing lease is still valid. Still everything that Apple does is conformant with the DHCP standard and should still work with the reference implementation of DHCP.
Therefore ISC is flawed and I think we should just switch to Kea DHCP as it is the successor. I've prepared a role for using Kea DHCP with our existing infrastructure yesterday and will test it on SN06.
I was talking to @lemoer recently about https://github.com/sargon/ddhcpd Gluon packages for ddhcpd: https://github.com/sargon/gluon-sargon
This might be a worthwhile candidate for a new DHCP server solution as well. It can operate without any centralized DHCP server at all (and it can handle very small lease times because it's running locally).
Freifunk Kiel uses it pretty successfully on all their nodes. In any case: Every replacement of ISC DHCP is welcome :+1:
I think we should get rid of isc dhcpd sooner or later; and kea appears to be a solid option. ddhcpd is nice but would require a larger test imo.
@AiyionPrime Unfortunately I've just found out that Debian ships version 1.1.0, because there is no good maintainer... So I'm just reading about how to get dnsmasq running instead.
@AiyionPrime I'm in the Mumble.
@AiyionPrime You are offline.
Since the switch to KEA we have not observed any iOS problems.
The issue on Android 10 is still visible. It seems like, it's not even an dhcp issue. I am not sure yet, what happens in the stages iii. and vi. ("Checking quality of your internet connection..." and "Connected without internet")
I could not yet find out which android service is checks the connection here.
Few more observations:
The checks are implemented and explained here: https://android.googlesource.com/platform/frameworks/base/+/refs/heads/master/services/core/java/com/android/server/connectivity/NetworkDiagnostics.java#77
I found one bug and fixed it in b01261b .
However now where the dns resolution is successful, there is still some work left. The connection still takes quite a while. The UI still shows "Checking quality of your internet connection..." and "Connected without internet" for some seconds (not notably faster than before).
I guess, now this must be due to the other checks described in NetworkDiagnostics.java. Maybe one of them is still failing.
By the description in NetworkDiagnostics.java, I would expect to see icmp6 echo requests coming from the android device. Contrary to that expectation, I do not see them.
I think the reason might be, that the address resolution already fails. At least, I see unanswered icmp6 neighbor solicitations querying for the supernode ipv6 addresses originating from the android device. Oddly their source IP is ::
. Not sure, whether this is valid icmpv6.
Inspecting the router with a private wifi might help, in order to see, how a 'normal' router handles those requests.
If I stop using "randomized mac" in android, it starts to work. Connection check is successful in less than 4 seconds.
Some observation on the neighbor solicitation here:
::
.ff02::1
(mac: 33:33:00:00:00:01
).However, I still do not see any icmpv6 echo requests, as I would expect them from the description in NetworkDiagnostics.java (see link above).
TODO:
Raising a new issue:
The source IP of the neighbor solicitations from android is still ::.
Wikipedia says:
Die einzig mögliche Option ist die Link-Layer-Adresse des Senders. Um bei Protokollerweiterungen keine Probleme zu bekommen, müssen alle unbekannten Optionen ignoriert werden.
I think it does use ::
during duplicate address detection.
The destination address does not necessarily be an address the smartphone gave itself; ipv6 loves to detect duplicates. and checks for them before every? assignment of a given address to a new interface.
There was an unrelated issue with my router beeing offline; this produced an interesting behaviour on an iPad, tough. After the device realizes there's no internet behind a certain wifi, it ignores it for a short period of time and does not list it anymore.
We have several issues regarding DHCP performance, which degrade the user experience a lot.
Server Issues:
Observed Apple iOS behaviour:
On Android 10, I also see other problem:
connectivitycheck.gstatic.com/AAAA
, which seems to be a check whether this network has a captive portal.ssh root@192.168.178.174 tcpdump -n -w - -i client0 ether host ea:b2:67:43:20:f0 | wireshark -i - -k