Modify

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#18150 closed defect (worksforme)

additional route6 on interface 'lan': several issues

Reported by: big_cache Owned by: developers
Priority: normal Milestone:
Component: packages Version: Barrier Breaker 14.07
Keywords: Cc:

Description

This ticket refers to IPv6 routing.

The interace lan on my OpenWRT router is connected to subnet A.
Host X in network A acts as a router for subnet B.
There's also host Y in subnet B.
The connection diagram looks like this:

Y <--- (subnet B) ---> X <-- (subnet A) ---> OpenWrt <---> wan

In /etc/config/network there is a route6:

config route6
        option interface 'lan'
        option target 'xxxx:xxxx:xxxx:xxxx::/64' # for subnet B
        option gateway 'fe80::xxxx:xxxx:xxxx:xxxx' # host X
        option onlink '1'

The route shows up in both "ifstatus lan" and in "ip -6 route show"

My issues:

  1. If I change the above link-local address for host X to its global address, the route does not show up in kernel routing table but remains in "ifstatus lan"
  1. Every ICMP echo request sent from host Y to OpenWRT address results in 64 (!!!) echo replies back. I check with tcpdump on OpenWRT itself and on host X.
  1. Every ICMP echo request sent from host Y to outside world (google.com) results in 64 ICMP messages "destination unreachable, unknown unreach code (5)" sent back.

The last two issues I did not see yesterday and I don't think I changed anything since then... There was always one reply, not 64.
Tried rebooting, no luck.

I also tried with firewall both up and down.

I read in Wiki that it's not recommended to use ip6addr option together with ip6assign/ip6hint. I'm only using ip6assign:

config interface 'lan'
        option ifname 'eth0.1'
        option force_link '1'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '64'
        list ip6class 'sixxs'

From host X I can successfully ping OpenWRT, ping google.com and reach outside network. Outside hosts can reach host X, too.

Attachments (0)

Change History (3)

comment:1 Changed 3 years ago by big_cache

Sorry, there was a loop in routing. No more 64 replies :) Now, I have only 2 issues:

  1. If I change the above link-local address for host X to its global address, the route does not show up in kernel routing table but remains in "ifstatus lan"
  1. Ping6 sent from host Y to outside world (google.com) results in a ICMP error "Destination unreachable: Unknown code 5":

# ping6 google.com
PING google.com(2a00:1450:4010:c08::71) 56 data bytes
From [OpenWRT] icmp_seq=1 Destination unreachable: Unknown code 5
From [OpenWRT] icmp_seq=2 Destination unreachable: Unknown code 5
From [OpenWRT] icmp_seq=3 Destination unreachable: Unknown code 5

Last edited 3 years ago by big_cache (previous) (diff)

comment:2 Changed 3 years ago by cyrus

  • Resolution set to worksforme
  • Status changed from new to closed

This is not a bug but a configuration issue.

Regarding 1
is there an on-link route anywhere matching the gateway i.e. does the router know how to reach the global address of host X itself?

Regarding 2
the router probably doesn't recognize the source address of host Y, i.e. doesn't know to which uplink it should send the packets to, that's why it answers with code 5 = ingress/egress policy failed. You may want to add another route like this.

config route6
    option interface wan6 #or other name of IPv6 uplink interface
    option source xxxx:xxxx:xxxx:xxxx::/64 #subnet B
    option target ::/0
    option gateway 2001:db8::1 #gateway address of your ipv6 uplink

comment:3 Changed 3 years ago by big_cache

I fixed the second problem with the route you provided but the first still remains.
The route to subnet A is present:
xxxx:xxxx:xxxx:xxxx::/64 dev br-lan proto static metric 1024
And networking fully works on host X so I can't guess what's wrong...
I can reach the global address of X from outside as well.

Last edited 3 years ago by big_cache (previous) (diff)

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.