2

I have a PPPoE link and some addresses. IPv4 addresses work fine. IPv6 not at all. I found out I had to add +ipv6 in ppp/options. If I ping ff02::1%ppp0 I only get replies from two fe80:: addresses, one was automatically assigned to the interface and the other one is reported as peer by ip address. The routable address I assigned doesn't play.

I found a traceroute test on the Internet. It cannot reach the address that my ISP assigned me, 2a02:29e1:300:e900::1. It shows some loops, which, if it were IPv4, I'd definitely classify as router misconfiguration. My ISP says there are no anomalies on their IPv6, which is on the same BRAS as mine. I asked again and they reassured me everything is fine on their side, and they cannot help me on a custom configuration. (Custom because I avoided installing a router). I tried and installed radvd but it doesn't seem to do anything interesting —indeed, radvdump shows continuous work on another interface, which has no routable IPv6 address, although I tried to disable it by setting AdvSendAdvert off.

When I try traceroute, I get no response. I issue, for example, sudo traceroute -6 -n -i ppp0 -I 2a02:29e0:404::172:162. tcpdump -i ppp0 ip6 shows only echo requests going out. I use -I because I allow ICMP access. Yet, after attempting traceroute, ip6tables-save -c reports an increased amount of dropped input packets:

:INPUT DROP [259:20898]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [374:39007]
[0:0] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[0:0] -A INPUT -p tcp -m conntrack --ctstate NEW -m multiport --dports 80,443 -j ACCEPT
[371:25320] -A INPUT -p ipv6-icmp -j ACCEPT

My only previous experience with IPv6 was using a tunnel. It had been enough to assign the addresses and it worked without problems. As something must be wrong with routing, here's radvd's config:

interface ppp0
{
    IgnoreIfMissing off;
    AdvSendAdvert on;
    prefix 2a02:29e1:300:e900::/64
    {
    };
};

interface eth1r
{
    AdvSendAdvert off;
};

Is it the right tool at all?

Edit: IPv6 routes:

north:~$ ip -6 r l
2a02:29e1:300:e900::/64 dev ppp0 proto kernel metric 256 pref medium
fe80::f3:6aec dev ppp0 proto kernel metric 256 pref medium
fe80::51c9:88dc:1c75:9a51 dev ppp0 proto kernel metric 256 pref medium
fe80::/64 dev eth0r.100 proto kernel metric 256 pref medium
fe80::/64 dev eth0r proto kernel metric 256 pref medium
fe80::/64 dev eth1r proto kernel metric 256 pref medium
fe80::/64 dev eth2r proto kernel metric 256 pref medium
default dev ppp0 metric 1024 pref medium

Here eth0r.100 is the 802.1Q interface which starts ppp0. eth1r is a backup natted wan which should stay IPv4-only. eth2r is a lan, which could use IPv6 eventually (perhaps radvd can be useful in that case?).

As for the routing loop, the traceroute test mentioned above runs from ten cities around the world, and none of them reaches my interface; all of them fall into the same loop reported by Bib, around the following five nodes:

2a00:6d42::1:0:1:36       Aruba S.p.A. (sometimes ???)
2a00:6d42:0:2:5::12            "             "
2a02:29e1::a              Seflow s.r.l. (my ISP)
2a02:29e0:109:ff00::5          "
2a02:29e0:255::2               "
2001:7f8:c5::a503:1034:1  Samer Abdel-Hafez (sometimes ???)

The bottom one, from Amsterdam, points back to Aruba and the loop starts over again.

Can that be caused by a lack of advertising on my side?

But then, how could I be able to advertise anything if I don't get any IPv6 reply from ppp0?

Ale
  • 157
  • 1
  • 6
  • `radvd` is for the "server". Remove it, set just PPPoE and please add the output of `ip -6 r l` (list ipv6 routes) to your question. For PPP you need the local and remote addresses, ask the provider. – Eduardo Trápani Apr 13 '23 at 19:33
  • There is a routing loop somewhere. Find a site which will traceroute back to you. I see (sorry for the formatting) ` 50 2a02:29e1::a (2a02:29e1::a) 45.886 ms 45.873 ms 45.861 ms 51 2a02:29e0:109:ff00::5 (2a02:29e0:109:ff00::5) 42.705 ms 42.717 ms 43.521 ms 52 2a02:29e0:255::2 (2a02:29e0:255::2) 42.697 ms 42.910 ms 43.470 ms 53 aruba.minap.it (2001:7f8:c5::a503:1034:1) 46.606 ms 46.343 ms 46.744 ms 54 * 2a00:6d42::1:0:1:36 (2a00:6d42::1:0:1:36) 46.791 ms 46.959 ms ..loop in some broken form.. ` – Bib Apr 13 '23 at 21:08
  • Question edited here, as a reply to the comments above. – Ale Apr 14 '23 at 08:02
  • Late, but... you have to go back to your isp and get them to check... properly... – Bib Apr 27 '23 at 11:17

1 Answers1

0

I switched from radvd to bird, as I thought I needed a routing protocol. I asked on the mailing list, and Arnaud Houdelette-Langlois replied as follows:

The ISP-side router needs to know that it must route the /64s to your router.

Most of the time this is done via DHCPv6/PD (PD stands for Prefix-Delegation).

Indeed, I sent a DHCP request through the PPP interface and routing began to work. The first one of my ISP's nodes, 2a02:29e1::a, sent to my server. The delegation lasted for 24 hours, then it resumed looping. It needs to be renewed.

I rolled my own program to send the required packets. Albeit I managed to keep it within a single file, it is 1500+ lines, a bit too long to post it here. You can find it here. Note that DHCPv6 forbids the client from indicating the prefix that it's asking for delegation for. The server has to recognize the client by packet origin, and reply with the prefix that had been agreed upon out of band. I still cannot see the advantage of using DHCP over configuring static routes.

Ale
  • 157
  • 1
  • 6