On Wed, 2018-09-05 at 19:50 -0500, dag dg via networkmanager-list wrote:
Thanks Thomas. Going into debug was able to point me in the right direction. For those stumbling on this like myself, the "ipv6.method=shared" refers to your *LAN* interface, not your WAN interface. While this might seem intuitive to some, when I think "shared" I think of the WAN though that is mostly a holdover from IPv4 conventions. In an earlier fit of desperation I had tried setting the LAN interface to "shared", but at the time ipv6 ICMP was unintentionally blocked by the firewall which was preventing the negotiation with my ISP from happening. I eventually figured it out that it was the firewall when I switched to wide-dhcpv6 using the known working config I had used with my old router, but I never went back to try setting the LAN interface to shared. After switching to debug I was able to see that the errors hinted at NM trying to find an interface(device) other than my WAN to assign a range to. The informational level message "no device to obtain a subnet to share on <interface> from" sort of gives this away but by itself can appear a bit cryptic, especially if like me you don't fully understand how ipv6 works. I think it would really help out if the documentation had a smidgen more detail, even if it was just a "for example if you are configuring a router for prefix delegation you would want to set your LAN/local/whatever interface to shared mode". Maybe it's already supposed to appear obvious but I definitely missed it, for what it's worth. Thanks again Thomas and thanks Vladimir; your earlier post was what made me aware Network Manager began supporting prefix delegation in the first place.
Hi, I added a comment about that in `man nm-settings` [1], but it's unclear that this is sufficiently discoverable. But it's also unclear where else to document it. Regarding firewall, at least for ipv4.method=shared, NetworkManager adds some iptables rules to enable NAT [2]. This has room for improvement. Possibly firewalld should be informed about the sharing and it's up to firewalld to do the right thing. Todo. [1] https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=e90e1536c91678dcf34ab496aa750598052e1143 [2] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/devices/nm-device.c?id=e90e1536c91678dcf34ab496aa750598052e1143#n10068 So, after all you got it working?? Cool!! best, Thomas
~dag On Wed, Sep 5, 2018 at 8:11 AM Thomas Haller <thaller redhat com> wrote:On Tue, 2018-09-04 at 09:29 -0500, dag dg via networkmanager-list wrote:There doesn't seem to be much documentation for Network Manager on the prefix delegation support. Any insight would be appreciated.Hi, it's not much documented, because there isn't much to configure about ipv6.method=shared. It's supposed to just work -- except when it doesn't. Could you provide a full logfile with level=TRACE enabled? See the hints about logging at
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf
best, Thomas_______________________________________________ networkmanager-list mailing list networkmanager-list gnome org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Attachment:
signature.asc
Description: This is a digitally signed message part