IPv6

Hi

After long time using SIXXS I plan to change to native IPv6.
I set-up the interfaces like this:
LAN:
IPv6 mode: DHCP-PD
IPv6 Prefix Delegation: 1/56
IPv6 RA:  Send IPv6 router advertisements

WAN:
IPv6 mode: DHCP

Now I do not have any IPv6 gateway on the WAN interface - but I get this error in the log
rtadvd[279]: <ra_input> received RA from fe80::221:a0ff:fe56:e819 on non-advertising interface(vr1) <-- WAN
(Clients do get an IPv6 address but of course no IPv6 connection)
Why does this happen - the expected behavior should be that m0n0wall uses this information...?

Thank you & regards


Specs:
Version    1.34
built on Mon Nov 12 13:17:17 CET 2012
Platform    PC Engines ALIX

Are you sure your ISP will give you a routed /56?

Try Prefix Delegation: 0/64 instead and see if that changes anything.

I'm running m0n0wall 1.8.1b540 and my System Log is flooded with messages like you are seeing. This is a known behavior and a fix will be forthcoming.

Dear Fred

First thank you for your quick answer.
I now changed the IPv6 Prefix delegation to 0/64 (although my ISP speaks of a /56 subnet: http://www.iway.ch/glasfaseranschluss-privatkunden/fiber-economy-fuer-privatkunden/luzern-ewl.aspx).

What I realized after taking one step back is that I didn't set any DHCPv6 DUID (which is bold in the form; but I haven't been provided with any).

Below you'll find all System Log events after booting (so no kernel messages) - maybe this helps getting the quirk?
Apr 15 17:44:21   rtadvd[279]: <ra_input> received RA from fe80::221:a0ff:fe56:e819 on non-advertising interface(vr1)
Apr 15 17:41:03   rtadvd[279]: <ra_input> received RA from fe80::221:a0ff:fe56:e819 on non-advertising interface(vr1)
Apr 15 17:40:48   dhclient: bound to a.b.c.97 -- renewal in 3343 seconds.
Apr 15 17:40:48   dhcp6c[296]: client6_script: child: exec failed: Permission denied
Apr 15 17:40:46   dhcp6c[271]: dhcp6_ctl_authinit: failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Apr 15 17:40:46   dhcp6c[268]: client6_script: child: exec failed: Permission denied
Apr 15 17:40:46   dhcp6c[267]: client6_script: child: exec failed: Permission denied
Apr 15 17:40:43   dhclient: New Routers: a.b.c.1
Apr 15 17:40:43   dhclient: New Broadcast Address (vr1): a.b.c.127
Apr 15 17:40:43   dhclient: New Subnet Mask (vr1): 255.255.255.128
Apr 15 17:40:43   dhclient: New IP Address (vr1): a.b.c.97
Apr 15 17:40:43   dhclient: New Broadcast Address: a.b.c.127
Apr 15 17:40:43   dhclient: New Network Number: a.b.c.0
Apr 15 17:40:43   dhclient: DHCPACK from x.y.z.3
Apr 15 17:40:43   dhclient: DHCPREQUEST on vr1 to 255.255.255.255 port 67
Apr 15 17:40:43   dhclient: DHCPOFFER from x.y.z.3
Apr 15 17:40:42   dhclient: DHCPDISCOVER on vr1 to 255.255.255.255 port 67 interval 8
Apr 15 17:40:38   dhcp6c[189]: client6_script: child: exec failed: Permission denied
Apr 15 17:40:36   dhcp6c[123]: client6_send: transmit failed: Can't assign requested address

Thank you very much for your assistance!

I wish I could be of more help, but I am out of ideas. Perhaps your ISP needs to enable IPv6 on your account or can help otherwise.

Additionally, we are both running different versions of m0n0wall, and there are undoubtedly differences between them that complicate debugging.

Is there any chance you can upgrade to m0n0wall 1.8.1?

I sure can
I just need some time to upgrade (as I'd like to be at home when I upgrade from embedded to pc-serial)...
[EDIT] Shall I restore the config - or better start from scratch?

Regards

You can reuse your config file. I don't know of any reason why it shouldn't work. You might want to look over the various screens to be sure it all came through.

[after]

I realized that I need a few days because I lost my CF card reader and it seems as if I can't upgrade directly from embedded-1.34.img to the current image (via webinterface) --> the Alix board just rebooted with the old firmware
[EDIT] sometimes I guess it would better if I was in bed instead of trying stuff - reading everyword helps here:
images cannot be uploaded directly to current 1.33 installations because the MFS that they allocate for firmware uploads is too small (only 10 MB). You can work around this by running the following commands via /exec.php after you've clicked the "Enable firmware upload" button:
Sorry[/EDIT]
Thank you

It is possible to upgrade from 1.34 to 1.8x via the GUI but special treatment is needed. From the web site:

images cannot be uploaded directly to current 1.33 installations because the MFS that they allocate for firmware uploads is too small (only 10 MB). You can work around this by running the following commands via /exec.php after you've clicked the "Enable firmware upload" button:
            umount /ftmp
            /sbin/mdmfs -s 16m md1 /ftmp
         
If you are upgrading an embedded installation, rename the generic-pc-serial image to 'embedded' before uploading it.

thanks!
so IPv6 has still no gateway
EDIT: SORRY now it has?
I'll get into serious testing before posting again; sorry Fred!

Sounds like you are getting closer?

Sounds like you are getting closer?

WAN works now - awesome!
...
and so does LAN:
tracert -d www.six.heise.de

Tracing route to www.six.heise.de [2a02:2e0:3fe:100::6]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  2001:8e0:?:20d:b9ff:fe1e:51bc
  2     6 ms     4 ms     3 ms  2001:8e0:::1
  3     8 ms     1 ms     1 ms  2001:8e0:?:2002::1
  4     2 ms     2 ms    11 ms  2001:7f8:24::3
  5     2 ms     3 ms     3 ms  2001:1620:2::d2
  6     8 ms     8 ms     7 ms  2001:1620:2::8e
  7    19 ms    16 ms    23 ms  2001:1620:2::99
  8    17 ms    19 ms    24 ms  2001:1620:2::36
  9    31 ms    20 ms    23 ms  2001:1620:2::2d
 10    19 ms    19 ms    19 ms  2001:7f8::3012:0:2
 11    18 ms    21 ms    18 ms  2a02:2e0:10:1:c::2
 12    19 ms    20 ms    19 ms  2a02:2e0:1::22
 13    19 ms    19 ms    19 ms  2a02:2e0:3fe:100::6

Sounds like you are all set.

So, are you using /64 or /56 on LAN?

/56 it is.
Thank you very much for your support - I donated something little to the project.

Yer welcome, glad I could help.

I am sure your donation will be appreciated.