Date:      Thu, 01 Aug 2024 17:17:19 +0100
From:      Roy Marples <roy@marples.name>
To:        "Chris Ross" <cross+freebsd@distal.com>
Cc:        "freebsd-net" <freebsd-net@freebsd.org>
Subject:   Re: DHCPv6 IA_PD - how-to
Message-ID:  <1910ebb450b.12aaf64fd662413.1019342414121790584@marples.name>
In-Reply-To: <B075D9DF-EAA0-4BD8-B1D7-37F8E2EE3A0F@distal.com>
References:  <CA0C0E7D-4956-4DB4-A274-D74C84A18529@distal.com> <190e09e6c1a.11450232913849.654798645277119294@marples.name> <050440F8-B3D8-4B2C-85BD-D5C09C303037@distal.com> <190e3ccbd5b.da3f3460134031.7068469154065557677@marples.name> <B075D9DF-EAA0-4BD8-B1D7-37F8E2EE3A0F@distal.com>

 ---- On Thu, 01 Aug 2024 16:24:54 +0100  Chris Ross  wrote ---
 >
 > [Long message, apologies.  Thoughts mostly after the log output.]
 >
 > > On Jul 24, 2024, at 04:12, Roy Marples <roy@marples.name> wrote:
 > > dhcpcd can indeed setup the internal networks within the PD for you.
 > > If my answer to Kar's question is not enough, then please let me know.
 >
 > Alright.  Time passes, and I have a new system (FreeBSD 14.1) ready to
 > slot in in place of my old router (FreeBSD 11.4).  With Roy’s help
 > off-list, I have a config that I think will work:
 >
 > duid
 > persistent
 > vendorclassid
 > option classless_static_routes
 > option rapid_commit
 > require dhcp_server_identifier
 > slaac private
 > noipv6rs
 > interface vlan0
 >   ipv6only
 >   noipv4
 >   noipv4ll
 >   ia_pd 0/::/56 vlan1/32 vlan2/42 vlan3/52 vlan4/62 vlan5/72 vlan6/82 vlan7/92
 >
 > I brought the system up as an IPv4 router with no IPv6 configured,
 > then ran “dhcpcd --noconfigure -d -B”. Output is long, but select
 > bits (including top and bottom) show:
 >
 > ——8<——8<——8<——8<----
 > main: control_open: Connection refused
 > dhcpcd-10.0.8 starting
 > spawned privileged proxy on PID 43738
 > spawned network proxy on PID 43930
 > spawned controller proxy on PID 44915
 > DUID 00:01:00:01:2e:3e:5e:7f:a4:53:0e:79:b9:82
 > sandbox unavailable: capsicum

OK, that's bad.
This means that the cap_enter(3) failed so your kernel was not built with CAPABILITY_MODE enabled.

 > lo0: ignoring due to interface type and no config
 > pflog0: unsupported interface type 0xf6
 > ix0: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
 > ix0: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
 > ix1: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
 > vlan0: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
 > vlan0: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
 > vlan1: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
 > vlan1: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
 > vlan2: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
 > vlan2: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
 > vlan3: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
 > […]
 > vlan0: IAID ff:00:00:06
 > vlan0: IA type 25 IAID 00:00:00:00
 > vlan0: reading lease: /var/db/dhcpcd/vlan0.lease6
 > vlan0: rebinding prior DHCPv6 lease
 > vlan0: delaying REBIND6 (xid 0x329d93), next in 1.0 seconds
 > vlan0: multicasting REBIND6 (xid 0x329d93), next in 1.1 seconds
 > vlan0: REPLY6 received from fe80::3e8a:b0ff:fe3e:4dce
 > vlan0: renew in 3600, rebind in 5760, expire in 7200 seconds
 > vlan0: writing lease: /var/db/dhcpcd/vlan0.lease6
 > vlan0: executing: /usr/local/libexec/dhcpcd-run-hooks REBIND6
 > […]
 > vlan6: executing: /usr/local/libexec/dhcpcd-run-hooks BOUND
 > vlan5: DAD completed for 192.168.123.46
 > vlan5: leased 192.168.123.46 for 3105 seconds
 > vlan5: renew in 1552 seconds, rebind in 2716 seconds
 > vlan5: writing lease: /var/db/dhcpcd/vlan5.lease
 > vlan5: executing: /usr/local/libexec/dhcpcd-run-hooks BOUND
 > vlan2: DAD completed for 172.31.83.42
 > vlan2: leased 172.31.83.42 for 755 seconds
 > vlan2: renew in 377 seconds, rebind in 660 seconds
 > vlan2: writing lease: /var/db/dhcpcd/vlan2.lease
 > vlan2: executing: /usr/local/libexec/dhcpcd-run-hooks BOUND
 > ix0: ARP probing 169.254.156.162 (2 of 3), next in 1.8 seconds
 > ix1: ARP probing 169.254.188.53 (2 of 3), next in 1.7 seconds
 > ps_bpf_recvmsg: Network is down
 > vlan1: ARP probing 169.254.156.162 (3 of 3), next in 2.0 seconds
 > ix0: ARP probing 169.254.156.162 (3 of 3), next in 2.0 seconds
 > ix1: ARP probing 169.254.188.53 (3 of 3), next in 2.0 seconds
 > ps_bpf_recvmsg: Network is down
 > vlan1: using IPv4LL address 169.254.156.162
 > zsh: segmvlan3ation fault  sudo dhcpcd --noconfigure -d -B

eek, that's worse!
Fixed here: https://github.com/NetworkConfiguration/dhcpcd/commit/c6a8fa1e6a68e46e89fef0f953f4c7bf4915e257
You can work around the issue by adding noipv4ll to your config.

 > I’m sure there are “stupid user tricks” here.  I think the
 > primary problem is that it’s using more than the one interface
 > I want it to.  It also looks like it’s picking up IPv4 addresses
 > from the local ISC dhcpd on all of the other interfaces.  I’m
 > glad it wasn’t trying to configure them!

Yes.
You can limit what interfaces dhcpcd works with using a combination of allowinterfaces and denyinterfaces directives as described in dhcpcd.conf(5).
Or you can give the explicit list of interfaces on the command line. If only one interface, you should use the -M option until dhcpcd-11 is finished.
If PD needs any interfaces you have denied, they will be activated solely for PD.

 > Then, of course, the SEGV.  So, first I guess I need to tell
 > it to not try interfaces other than the one I want.  For my
 > case.  However there are a few things I think may want to
 > be worked on:
 >
 > 1. The SEGV, obviously
 > 2. It seems to be trying things on ix1, despite no carrier.
 > I understand keeping an eye on it, but not sending DISCOVER
 > and ARP et al.
 > 3. It seems it shouldn’t accept a DHCP address from its
 > local address.  I question if it should try to _get_ an
 > address if there’s already an address, but.  Maybe this
 > is a dhcpd problem, where it shouldn’t respond to requests
 > from the local address?
 >

1. Fixed with the referenced commit. Please apply to your version.
2. I don't see any carrier stuff as you snipped parts of the log. Email to me privately no matter how large. Good you enabled debugging.
3. I don't understand the question or problem? Can you try to rephrase?

Thanks

Roy
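
Added example, not part of Roy's or Chris's messages and not taken from the dhcpcd project: the dhcpcd.conf quoted above with the two suggestions from the reply applied, `allowinterfaces` to restrict dhcpcd to vlan0 and `noipv4ll` as the crash workaround. Placing both in the global section, before the `interface vlan0` block, is an assumption about where they are meant to go.

```conf
# Added example: the quoted configuration with two lines added.
# Everything before the first "interface" line is global; options after
# "interface vlan0" are parsed for vlan0 only.
duid
persistent
vendorclassid
option classless_static_routes
option rapid_commit
require dhcp_server_identifier
slaac private
noipv6rs

# Added: only work with the upstream interface, so dhcpcd stops sending
# DHCP and ARP traffic on ix0, ix1 and the internal VLANs. Per the reply,
# interfaces needed for PD are still activated, solely for PD.
allowinterfaces vlan0

# Added: workaround for the segmentation fault until the referenced commit
# is applied. In the quoted config noipv4ll sat only inside the vlan0
# block, and the log shows IPv4LL still running on ix0, ix1 and vlan1.
noipv4ll

interface vlan0
  ipv6only
  noipv4
  noipv4ll
  ia_pd 0/::/56 vlan1/32 vlan2/42 vlan3/52 vlan4/62 vlan5/72 vlan6/82 vlan7/92
```

Re-running with `-d` and checking that no lines appear for interfaces other than vlan0 (apart from PD address assignment) confirms the restriction took effect.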


