Re: IPv6 Prefix Delegation through Network Manager



Thanks again Thomas. Another side note for anyone pulling this thread
from the archive: when set in the ipv6 shared mode, RDNSS (I assume
within network-manager?) pulls its DNS entries from whatever the LAN
interface is configured with. A few hours of wrangling with dnsmasq
trying to "publish" a specific DNS server to my network and still
seeing duplicate entries under "IP6.DNS" led me to that result.

On Fri, Sep 7, 2018 at 5:59 AM Thomas Haller <thaller redhat com> wrote:

On Wed, 2018-09-05 at 19:50 -0500, dag dg via networkmanager-list
wrote:
Thanks Thomas. Going into debug was able to point me in the right
direction. For those stumbling on this like myself, the
"ipv6.method=shared" refers to your *LAN* interface, not your WAN
interface. While this might seem intuitive to some, when I think
"shared" I think of the WAN, though that is mostly a holdover from
IPv4 conventions.

In an earlier fit of desperation I had tried setting the LAN interface
to "shared", but at the time ipv6 ICMP was unintentionally blocked by
the firewall, which was preventing the negotiation with my ISP from
happening. I eventually figured out that it was the firewall when I
switched to wide-dhcpv6 using the known working config I had used with
my old router, but I never went back to try setting the LAN interface
to shared.

After switching to debug I was able to see that the errors hinted at
NM trying to find an interface (device) other than my WAN to assign a
range to. The informational level message "no device to obtain a
subnet to share on <interface> from" sort of gives this away but by
itself can appear a bit cryptic, especially if like me you don't fully
understand how ipv6 works.

I think it would really help out if the documentation had a smidgen
more detail, even if it was just a "for example if you are configuring
a router for prefix delegation you would want to set your
LAN/local/whatever interface to shared mode". Maybe it's already
supposed to appear obvious but I definitely missed it, for what it's
worth.

Thanks again Thomas and thanks Vladimir; your earlier post was what
made me aware Network Manager began supporting prefix delegation in
the first place.


Hi,


I added a comment about that in `man nm-settings` [1], but it's unclear
that this is sufficiently discoverable. But it's also unclear where
else to document it.


Regarding firewall, at least for ipv4.method=shared, NetworkManager adds some
iptables rules to enable NAT [2]. This has room for improvement. Possibly
firewalld should be informed about the sharing and it's up to firewalld to
do the right thing. Todo.

[1] https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=e90e1536c91678dcf34ab496aa750598052e1143
[2] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/devices/nm-device.c?id=e90e1536c91678dcf34ab496aa750598052e1143#n10068


So, after all you got it working?? Cool!!


best,
Thomas


~dag
On Wed, Sep 5, 2018 at 8:11 AM Thomas Haller <thaller redhat com>
wrote:

On Tue, 2018-09-04 at 09:29 -0500, dag dg via networkmanager-list
wrote:

There doesn't seem to be much documentation for Network Manager on the
prefix delegation support. Any insight would be appreciated.

Hi,


it's not much documented, because there isn't much to configure about
ipv6.method=shared. It's supposed to just work -- except when it
doesn't.

Could you provide a full logfile with level=TRACE enabled?

See the hints about logging at

https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf


best,
Thomas
