New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FS#1501 - DS-Lite is broken on snapshot with some models #6556
Comments
dedeckeh: It would be helpfull if you add the network config which you're using. |
TimB87: Hey, this is my /etc/config/network config interface 'loopback' config globals 'globals' config interface 'lan' config interface 'wan' config interface 'wan6' config switch config switch_vlan config switch_vlan I haven't configured my network, just installed dslite package via opkg and rebooted (which works fine on the same router with 17.01.4). odhcp6c and dnsmasq was a rough guess. I really have no idea, I can just say that it looks like it is having a connection.. |
dedeckeh: I'm unable to reproduce the issue on a TPLink TL-WDR4300 |
TimB87: Hey Hans, many thanks for looking into it! I did a fresh flash of the newest snapshot, installed dslite and luci and then rebooted, same behavior - then replaced the script with yours - again the same behavior. I installed tmux to follow the logread when doing a network restart. I don't see much, but: Wed Apr 25 03:03:19 2018 daemon.err odhcp6c[1944]: Failed to send RS (Address not available) Edit: in Luci it now says that dslite-wan is disconnected. Plus I'm stupid. Forgot to chmod +x the script after replacing it. It still says: Edit #2: It is fetching the correct AFTR server by itself, like it's supposed to. |
dedeckeh: Hi, Thanks for the logs, can you add the output of ifstatus wan6 ? |
TimB87: Sure, here you go https://pastebin.com/nkzy4QKV |
dedeckeh: Can you repeat the test but make odhcpd more verbose by setting the loglevel to 7 (uci set dhcp.odhcpd.loglevel=7) ? Can you also add the output of ip route show and ip addr show ? |
TimB87: Good morning :) Sure. I just flashed the latest snapshot (built yesterday) and installed ds-lite (+luci), disabled masquerading of the firewall and set the loglevel to 7 with uci like you said, then rebooted. Those are the logs: Thank you and have a nice Sunday! |
TimB87: Hey Hans, I am sorry, I didn't commit the changes with uci. Best regards, |
jpdribbler: I just tried dslite again using the latest build from https://forum.lede-project.org/t/build-for-netgear-r7800/316 and beside dslite i was not able to get an ipv6 at all (DHCPv6). Probably not helpful without logs but fyi :) Thanks Hans for checking. |
dedeckeh: The logs don't show any obvious issue as the wan6_4 dslite interface is coming up and the required IPv4/6 routes are in place. To trouble shoot it further I would like to launch an IPv4 ping to 8.8.8.8 from a lan device.
|
TimB87: Hey Hans, first of, on my windows 10 client, I ran ping -t 8.8.8.8. Kernel Log https://pastebin.com/0W3SMqqA Of course, the ping is not able to reach anything saying 'Request timed out.' On a side note, for what it's worth, my provider switched me to Dual Stack yesterday (I have no idea why they are suddenly able to, but I won't protest). While DHCPv4 and v6 now work flawlessly, it seems that I can still use an AFTR to get another v4 address - I tested that with 17.01.4 - so I will still be able to deliver logs. Thanks for taking your time and have a great weekend, Tim |
dedeckeh: Thanks for providing the requested traces; unfortunately I can't find any indication to the observed problem as the iptables packet counters show the expected values while the interface status is as expected. |
TimB87: Sure, this is again with the most current snapshot, WAN unmanaged and dslite configured. root@OpenWrt: Please see the attached capture. Thanks :) |
dedeckeh: The pcap capture shows the IPv4 ping is encapsulated as an IPv6 packet and sent on the wire. |
TimB87: Hey Hans, please see the attached pcap capture, as well as some commands on console & Process/Kernel logs. Best regards, P.S.: I had to use eth1, I think 17.01.4 uses other vlan settings? |
dedeckeh: The 17.01.4-ping.output traces confirm the problem is triggered by the extra IPv6 Destination Option header which is present in IPv6 packet containing the IPv4 ping packet. |
TimB87: Hey Hans, well I could at least try it but I am not sure if they will reply to this. What exactly can I tell them? "The linux kernel changed it's ipv6 behavior and now sends a destination option header which get's rejected by the AFTR resulting in ds-lite to fail to operate"? |
dedeckeh: Hi, At the moment there's no way to change this behavior on the device. You could ask the ISP why the AFTR is unable to process IPv6 packets having a destination option header containing Tunnel Encapsulation Limit (RFC2473) which results into ds-lite connectivity issues as ICMPv6 packets are returned indicating unrecognized next header type. |
TimB87: Hi Hans, I have just sent an Email to my provider (Unity Media) and now I wait for their response. In my experience they respond rather slow to emails, but I'll try to keep this bug report updated as soon as I get an response. Thanks a lot for the big help! Best regards, |
LinuxfarmerHH: MeToo LEDE Reboot SNAPSHOT r5264-94491a1571 / LuCI Master (git-17.309.31241-676ce11) /etc/config/network config interface 'wan6' config switch Heavy CPU load on the router, the connection lost 2/3 of throughput and deliver pings around 150ms, but IPv4 and IPv6 are running. Sat Jun 2 09:34:19 2018 daemon.notice netifd: wan6_4 (12540): Command failed: Unknown error Is there any kind of older ds-lite version that works better? |
TimB87: Hi Eric, this seems very much unrelated to this bug as your v4 connection is established. On topic: My provider has not written me back so far, and I think they will try to ignore the problem as long as nobody yells to loud. I'll try and give them a call and try to get somebody talking :) Best regards, |
dedeckeh: Hi Tim, Meanwhile I'm working on a solution to make the inclusion of the Tunnel Encapsulation Limit configurable (https://git.openwrt.org/?p=openwrt/staging/dedeckeh.git;a=commit;h=45b0ad3bad35eac55d6436861dc82f55e7786def) to fix your connectivity issue; I will let you know when I've pushed the commits into master. Hans |
TimB87: Hey Hans, thanks a lot! master is the most current builds, right? Ok, give me a ping as soon as it's in or I could set up a build environment for openwrt, if you want me to test patches! Have a great weekend, best regards |
dedeckeh: Hi Tim, I've pushed the patches to master to make the inclusion of the Tunnel Encapsulation Limit configurable; specific for your case encaplimit_dslite needs to be set to ignore in the wan6 network section (uci set network.wan6.encaplimit_dslite=ignore; uci commit). Hans |
TimB87: Good morning Hans, sorry I didn't find the time to test during the week. Things that I noticed:
My provider so far has only written me a letter saying they tried to contact me (I don't see anything..). Thanks a lot and best regards, Tim |
dedeckeh: Hi Tim, It's not clear to me what you mean when changing to dslite protocol the firewall settings are erased for that connection. Hans |
tahiro86j: Good morning Hans, from Japan... |
TimB87: Hi Hans, please see those two attached screenshots. I made them just now with the newest snapshot, speedtest is from http://ipv6-test.com/speedtest/ WAN is not in the 'WAN Firewall Zone' anymore, and I can not change it (via Luci), the according fields are completely blank. Best regards, |
dedeckeh: Hi Tim, Can you attach your /etc/config/network ? |
TimB87: Hi Hans, you are right, I did it differently this way, sorry. I got my mind around things. I reflashed the latest snapshot and tried with setting wan to unmanaged: wan is still not in the firewall wan zone. I attached two new screenshots. Best regards, Edit: I added another screenshot to be clear about luci, there is no option to assign it to the according firewall zone anymore (for both, unmanaged and manual ds-lite setup). |
dedeckeh: Hi Tim, The network config having wan proto dslite cannot work; you cannot have an automatic wan6_4 dslite interface together with a wan interface having proto dslite (see also https://bugs.openwrt.org/index.php?do=details&task_id=1574) |
TimB87: Hi Hans, actually I had wan set to unmanaged and not ds-lite so it would automatically set itself up in my second run yesterday. Best regards, |
dedeckeh: Hi Tim I propose to close this bug report and log the dslite performance issue in a separate record. I assume you have been testing this on a Linksys WRT 3200 ACM ? |
TimB87: Hi Hans, I agree on moving to another bug report, since the initial problem is solved, and I am willing to do some more testing for it - maybe it's another provider specific specialty? I'll open a new report after this post. So far, thank you very much for your work! Have a nice weekend, P.S.: Ok, change of plans, some script just ate my post on commiting, I'll add a bug report tomorrow O:) |
TimB87:
Hey everybody,
my provider forces me to use ds-lite to get connection to the v4 internet.
I first tried openwrt on an old Linksys E4200, which worked with any version - but the router ran with around 50% cpu utilization at all times and it was very slow.
After updating to an Linksys WRT 3200 ACM, 17.01.4 works great!
Newest trunk though doesn't.
It also does not work on WRT 1900 ACS v2 and Netgear R7800 according to various forum posts.
I already gathered some information about it on the openwrt Forum -> https://forum.openwrt.org/viewtopic.php?id=73755
What else can I provide to make future versions work?
To mee, it seems like there is a problem with odhcp6c and maybe dnsmasq? Plus the script always produces "command not found" errors (even on the e4200), so maybe the script does not work flawlessly?
Thanks for your help!
Best regards,
Tim
The text was updated successfully, but these errors were encountered: