IPv6 working but I have to disable gateway monitoring

JKnott

@Napsterbater said in IPv6 working but I have to disable gateway monitoring:

@JKnott said in IPv6 working but I have to disable gateway monitoring:

If the next hop is also a link local address, he won't be able to ping it or any other LL address beyond the local link.

If... Not all devices reply with their LL to ICMP (i.e. traceroute).. Such as pfSense itself. Hence a way to possibly sniff the GUA out.

Also, further testing shows that /128 is not the next hop as I thought, at least not with my ISP. Regardless, the address can still be used for the monitor. I verified this by connecting my notebook computer directly to the modem and running the ip neigh show command, which lists all addresses on the local link. I didn't see that /128 address.

JKnott

@JKnott

I may have to give this a bit more thought (need some more beer). The link local address may be on the next hop, but since it's not with the prefix, it will be sent to the router, using it's MAC address. When I get a chance, I'll have to fire up Wireshark, to see what's actually happening. I find the networking tools in BSD to be limiting, compared to Linux.

chpalmer

Add :1 to the back of your gateway address and monitor that.

lohphat

This post is deleted!

lohphat

@chpalmer That's essentially what worked but I had to use traceroute to find the correct form of the address to monitor.

IPv6 Link Local
    fe80::208:a2ff:fe0d:87ab%mvneta2
IPv6 Address
    2604:2000:cfc0:1b:xxxx:yyyy:zzzz:9d5b
Subnet mask IPv6
    128
Gateway IPv6
    fe80::217:10ff:fe88:285b

The next upstream hop via traceroute was:

2604:2000:cfc0:1b::1

However I can't be assured that I'll get the same IPv6 assignment after the cablemodem reboot; so a manual gateway monitor assignment, although working now, is not the optimal solution in case I get a different /128 after a CPE reboot or my ISP reassigning address space on their side. There needs to be a bit more intelligence in the DHCP6 code.

chpalmer

@lohphat said in IPv6 working but I have to disable gateway monitoring:

However I can't be assured that I'll get the same IPv6 assignment after the cablemodem reboot;

That should not matter.. The address should still only be the same distance away and still monitorable.

lohphat

@chpalmer What if my ISP decides to change the local DHCP6 pool to 2604:2000:cfc0:17... then the hop is not longer valid

JKnott

@lohphat said in IPv6 working but I have to disable gateway monitoring:

@chpalmer What if my ISP decides to change the local DHCP6 pool to 2604:2000:cfc0:17... then the hop is not longer valid

Why not use the Google DNS server? That's not likely to change. Also, I doubt they're likely to change the router addresses.

lohphat

@JKnott As someone who's run IT ops, it a matter of principle for me. I wouldn't want someone using my resources for unintended purposes. A kludge is a kludge -- the right solution needs priority, so I'll deal with the hand I'm dealt until the DHCP6 code gets a little smarter.

Derelict

@lohphat said in IPv6 working but I have to disable gateway monitoring:

@JKnott OK, I'll try that but the original question still stands: why can't the DHCP6 code figure all this out by itself as it can for the DHCP4 WAN interface?
I tried forcing the interface and it still doesn't work with the link local address.

Is this what is not working for you?

Works fine for DHCP6 on Cox.

WAN_DHCP6 fe80::d62c:44ff:fe7d:c819 fe80::d62c:44ff:fe7d:c819%igb5 25.051ms 55.226ms 0.0% Online Interface WAN_DHCP6 Gateway

lohphat

@Derelict I think it's a CPE issue not Spectrum, but that's just a guess.