IPv6 with DHCP6 on top of PPPoE and VLAN

Started by carbas, August 06, 2024, 01:39:39 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3 4
User actions
August 06, 2024, 08:09:06 PM #15
Ok first things first...

# pgrep mpd5

One instance should be running.

# grep pppoe.iface /var/etc/mpd_wan.conf

Should find the correct VLAN.

Then mpd5/PPPoE is in charge of connecting to the ISP.

If that doesn't happen, use IPv4 connectivity will not start running DHCPv6 because IPv4 from the PPPoE point of view is not up!

You can check the PPPoE logs:

# opnsense-log ppps

Then also Orange is a PITA as we know from France where they want very very specific sending options and perhaps even VLAN priority. You need to emulate all of this in order to get full connectivity and my guess is you're not there yet.


Cheers,
Franco
August 06, 2024, 09:52:23 PM #16
Quote# pgrep mpd5

One instance should be running.
It is.
Quote# grep pppoe.iface /var/etc/mpd_wan.conf

Should find the correct VLAN.
LGTM

QuoteYou can check the PPPoE logs:

# opnsense-log ppps
It looks that connection is established, but only IPv6 config recived. This is expected behaviour.

QuoteThen also Orange is a PITA as we know from France where they want very very specific sending options and perhaps even VLAN priority. You need to emulate all of this in order to get full connectivity and my guess is you're not there yet.
Fortunately polish HQ is not as much PITA as french. They don't stack problems for people wanting use own HW.

Here is full PPPoE log for reference. I think the "LCP: protocol IPCP was rejected" is the important one, but still, IMHO this is expected as I we want to establish IPv6-only connection.
Code Select
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="37"] process 53486 started, version 5.9
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="38"] web: web is not running
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="39"] [wan] Bundle: Interface ng0 created
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="40"] [wan_link0] Link: OPEN event
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="41"] [wan_link0] LCP: Open event
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="42"] [wan_link0] LCP: state change Initial --> Starting
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="43"] [wan_link0] LCP: LayerStart
<30>1 2024-08-06T21:37:08+02:00 router.home.local ppp 53486 - [meta sequenceId="44"] [wan_link0] PPPoE: Connecting to ''
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="45"] PPPoE: rec'd ACNAME "wro_bng1_re0"
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="46"] [wan_link0] PPPoE: connection successful
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="47"] [wan_link0] Link: UP event
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="48"] [wan_link0] LCP: Up event
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="49"] [wan_link0] LCP: state change Starting --> Req-Sent
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="50"] [wan_link0] LCP: SendConfigReq #1
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="51"] [wan_link0]   PROTOCOMP
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="52"] [wan_link0]   MRU 1492
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="53"] [wan_link0]   MAGICNUM 0x03551bda
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="54"] [wan_link0] LCP: rec'd Configure Request #201 (Req-Sent)
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="55"] [wan_link0]   MRU 1540
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="56"] [wan_link0]   AUTHPROTO CHAP MD5
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="57"] [wan_link0]   MAGICNUM 0x18516f9f
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="58"] [wan_link0] LCP: SendConfigAck #201
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="59"] [wan_link0]   MRU 1540
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="60"] [wan_link0]   AUTHPROTO CHAP MD5
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="61"] [wan_link0]   MAGICNUM 0x18516f9f
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="62"] [wan_link0] LCP: state change Req-Sent --> Ack-Sent
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="63"] [wan_link0] LCP: rec'd Configure Ack #1 (Ack-Sent)
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="64"] [wan_link0]   PROTOCOMP
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="65"] [wan_link0]   MRU 1492
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="66"] [wan_link0]   MAGICNUM 0x03551bda
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="67"] [wan_link0] LCP: state change Ack-Sent --> Opened
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="68"] [wan_link0] LCP: auth: peer wants CHAP, I want nothing
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="69"] [wan_link0] LCP: LayerUp
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="70"] [wan_link0] CHAP: rec'd CHALLENGE #162 len: 32
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="71"] [wan_link0]   Name: "JUNOS"
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="72"] [wan_link0] CHAP: Using authname "XXXXXXX@neostrada.pl/ipv6"
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="73"] [wan_link0] CHAP: sending RESPONSE #162 len: 46
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="74"] [wan_link0] CHAP: rec'd SUCCESS #162 len: 49
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="75"] [wan_link0]   MESG: session created in USS with key in new format
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="76"] [wan_link0] LCP: authorization successful
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="77"] [wan_link0] Link: Matched action 'bundle "wan" ""'
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="78"] [wan_link0] Link: Join bundle "wan"
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="79"] [wan] Bundle: Status update: up 1 link, total bandwidth 64000 bps
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="80"] [wan] IPCP: Open event
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="81"] [wan] IPCP: state change Initial --> Starting
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="82"] [wan] IPCP: LayerStart
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="83"] [wan] IPV6CP: Open event
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="84"] [wan] IPV6CP: state change Initial --> Starting
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="85"] [wan] IPV6CP: LayerStart
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="86"] [wan] IPCP: Up event
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="87"] [wan] IPCP: state change Starting --> Req-Sent
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="88"] [wan] IPCP: SendConfigReq #1
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="89"] [wan]   IPADDR 0.0.0.0
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="90"] [wan]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="91"] [wan] IPV6CP: Up event
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="92"] [wan] IPV6CP: state change Starting --> Req-Sent
<30>1 2024-08-06T21:37:09+02:00 router.home.local ppp 53486 - [meta sequenceId="93"] [wan] IPV6CP: SendConfigReq #1
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="94"] [wan] IPV6CP: rec'd Configure Request #244 (Req-Sent)
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="95"] [wan] IPV6CP: SendConfigAck #244
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="96"] [wan] IPV6CP: state change Req-Sent --> Ack-Sent
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="97"] [wan_link0] LCP: rec'd Protocol Reject #202 (Opened)
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="98"] [wan_link0] LCP: protocol IPCP was rejected
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="99"] [wan] IPCP: protocol was rejected by peer
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="100"] [wan] IPCP: state change Req-Sent --> Stopped
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="101"] [wan] IPCP: LayerFinish
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="102"] [wan] IPV6CP: rec'd Configure Ack #1 (Ack-Sent)
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="103"] [wan] IPV6CP: state change Ack-Sent --> Opened
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="104"] [wan] IPV6CP: LayerUp
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="105"] [wan]   5a9c:fcff:fe00:0c17 -> 2a8a:1cff:fea1:dfc3
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="106"] [wan] IFACE: Up event
<30>1 2024-08-06T21:37:10+02:00 router.home.local ppp 53486 - [meta sequenceId="107"] [wan] IFACE: Rename interface ng0 to pppoe0
August 07, 2024, 06:49:53 AM #17
> IPCP: protocol was rejected by peer

Well, unfortunately this is the problem with PPPoE in the mix, because once the IPv4 connectivity is up the rc.newwanip script takes care of starting the DHCPv6 (because it doesn't make sense before PPPoE device is created). Since there is no IPv4 the PPPoE linkup script is not called so rc.newwanip is not called either.

Call this a shortcoming of the code. I'm not sure how to solve this gracefully (i.e. without stuffing new settings that nobody understands into the PPPoE WAN IPv6 mode).

We could add the same start code to IPv6 equivalent rc.newwanipv6 (or the PPPoE linkup script) but I'm entirely unsure what the best approach is to avoid race conditions by doing it which could break IPv6 for a lot of people with PPPoE at the moment.


Cheers,
Franco
August 07, 2024, 06:51:56 AM #18
PS: This is more or less part of https://github.com/opnsense/core/issues/7446 although it would make the cleanup a feature by adding more modes. ;(
August 07, 2024, 09:14:07 AM #19
I've got this setup working with OPNsense, including GIF tunnel for ipv4. It works, until OPNSense reboot, and then  I have to manually change LAN settings from track interface to slaac and track interface again, in order to bring back ipv6 connectivity.

Check your LAN settings and try the above trick. This should give you ipv6 there.

P.S. How did you figure out AFTR?
August 07, 2024, 09:25:52 AM #20
QuoteP.S. How did you figure out AFTR?
Its is provided by DHCPv6 server. Option 64.
August 07, 2024, 09:29:33 AM #21
So does the LAN config change trick work for you?

Also, I noticed that your dhcp6c.conf is pointing to vlan rather than pppoe interface. Are you confident about PPPoE configuration? I Did you create the PPPoE interface yourself, or was it created during WAN setup?
August 07, 2024, 09:33:56 AM #22
> Also, I noticed that your dhcp6c.conf is pointing to vlan rather than pppoe interface. Are you confident about PPPoE configuration? I Did you create the PPPoE interface yourself, or was it created during WAN setup?

Well, it was explained.


Cheers,
Franco
August 07, 2024, 09:44:31 AM #23
No it doesn't and, I guess, it can't work as I do not recive IPv6 prefix at all from DHCPv6 so there is nothing to track for LAN interface.
I don't get anything from DHCPv6 because DHCP6c isn't configured and started for PPPoE interface.
As I understand it happens because IPv4 configuration is not set by PPPoE as this is IPv6-only connection from ISP perspective (I have two separate PPPoE credentials from ISP - one is IPv4-only, second is IPv6-only + DS-lite).
August 07, 2024, 09:56:42 AM #24
But DSlite does give you an IPv4 address. A CGNAT one, but an address.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 07, 2024, 10:01:49 AM #25
QuoteWell, unfortunately this is the problem with PPPoE in the mix, because once the IPv4 connectivity is up the rc.newwanip script takes care of starting the DHCPv6 (because it doesn't make sense before PPPoE device is created). Since there is no IPv4 the PPPoE linkup script is not called so rc.newwanip is not called either.

Call this a shortcoming of the code. I'm not sure how to solve this gracefully (i.e. without stuffing new settings that nobody understands into the PPPoE WAN IPv6 mode).

We could add the same start code to IPv6 equivalent rc.newwanipv6 (or the PPPoE linkup script) but I'm entirely unsure what the best approach is to avoid race conditions by doing it which could break IPv6 for a lot of people with PPPoE at the moment.

So in simple words I understand it would require breaking changes in interface configuration logic, something like:

  • "IPv4 Configuration type" set as disabled
  • New option for "IPv6 Configuration type" like "PPPoEv6 + DHCPv6" available if the former one is disabled
Do I understand it correctly?
August 07, 2024, 10:02:35 AM #26
In this case apparently not, which is fatal for acquiring DHCPv6 through PPPoE.


Cheers,
Franco
August 07, 2024, 10:05:34 AM #27
Well... I might be OPNsense noob myself, but as I said I managed to get this working for Orange PL. with Use IPv4 connectivity" selected on WAN. This leads me to conclusion that there is some other configuration difference that breaks it.
August 07, 2024, 10:08:22 AM #28
Quote from: carbas on August 07, 2024, 10:01:49 AM

  • "IPv4 Configuration type" set as disabled
  • New option for "IPv6 Configuration type" like "PPPoEv6 + DHCPv6" available if the former one is disabled
Do I understand it correctly?

Correct, but the implications of further complicating IPv4/IPv6 mode interaction isn't something we should aim for.

PPPoEv6 is in fact ipv6cp set, just as DHCPv6 and SLAAC do. PPPoE is ipcp but also the base of what PPPoE needs in order to generate a configuration at all. You can clearly see IPv6 was added later but never really restructured PPPoE and now the point of breakage is here.

Maybe we can get away with latching on to PPPoEv6 (with IPv4 mode set to anything other than PPPoE) for mpd5 configuration and activate IPv6 when the PPPoE IPv6 comes in instead.

It will still require a cleanup of "IPv4 connectivity" behaviour but it sounds like the most elegant way forward.


Cheers,
Franco
August 07, 2024, 10:17:42 AM #29 Last Edit: August 07, 2024, 10:33:30 AM by carbas
QuoteBut DSlite does give you an IPv4 address. A CGNAT one, but an address.
Not from the router perspective. In DS-lite there is GIF tunnel with IPv6 endpoints and then router encapsulates IPv4 traffic into it. The GIF tunnel has the well-known IPv4 address (usually 192.0.0.2 and 192.0.0.1 on AFTR side) and IPv4 traffic is routed through it from LAN without NAT (AFTR does the NAT ).
At least if I understood correctly RFC6333  ;)
Print
Go Up Pages 1 2 3 4
User actions