From: Chris Ross
Date: Thu, 1 Aug 2024 11:24:54 -0400
Subject: Re: DHCPv6 IA_PD - how-to
To: Roy Marples
Cc: freebsd-net
List-Id: Networking and TCP/IP with FreeBSD
List-Archive: https://lists.freebsd.org/archives/freebsd-net

[Long message, apologies. Thoughts mostly after the log output.]

> On Jul 24, 2024, at 04:12, Roy Marples wrote:
> dhcpcd can indeed setup the internal networks within the PD for you.
> If my answer to Kar's question is not enough, then please let me know.

Alright. Time passes, and I have a new system (FreeBSD 14.1) ready to slot in
in place of my old router (FreeBSD 11.4). With Roy’s help off-list, I have a
config that I think will work:

duid
persistent
vendorclassid
option classless_static_routes
option rapid_commit
require dhcp_server_identifier
slaac private
noipv6rs
interface vlan0
ipv6only
noipv4
noipv4ll
ia_pd 0/::/56 vlan1/32 vlan2/42 vlan3/52 vlan4/62 vlan5/72 vlan6/82 vlan7/92

I brought the system up as an IPv4 router with no IPv6 configured, then
ran “dhcpcd --noconfigure -d -B”. Output is long, but select bits
(including top and bottom) show:

——8<——8<——8<——8<----
main: control_open: Connection refused
dhcpcd-10.0.8 starting
spawned privileged proxy on PID 43738
spawned network proxy on PID 43930
spawned controller proxy on PID 44915
DUID 00:01:00:01:2e:3e:5e:7f:a4:53:0e:79:b9:82
sandbox unavailable: capsicum
lo0: ignoring due to interface type and no config
pflog0: unsupported interface type 0xf6
ix0: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
ix0: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
ix1: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
vlan0: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
vlan0: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
vlan1: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
vlan1: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
vlan2: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
vlan2: executing: /usr/local/libexec/dhcpcd-run-hooks CARRIER
vlan3: executing: /usr/local/libexec/dhcpcd-run-hooks PREINIT
[…]
vlan0: IAID ff:00:00:06
vlan0: IA type 25 IAID 00:00:00:00
vlan0: reading lease: /var/db/dhcpcd/vlan0.lease6
vlan0: rebinding prior DHCPv6 lease
vlan0: delaying REBIND6 (xid 0x329d93), next in 1.0 seconds
vlan0: multicasting REBIND6 (xid 0x329d93), next in 1.1 seconds
vlan0: REPLY6 received from fe80::3e8a:b0ff:fe3e:4dce
vlan0: renew in 3600, rebind in 5760, expire in 7200 seconds
vlan0: writing lease: /var/db/dhcpcd/vlan0.lease6
vlan0: executing: /usr/local/libexec/dhcpcd-run-hooks REBIND6
[…]
vlan6: executing: /usr/local/libexec/dhcpcd-run-hooks BOUND
vlan5: DAD completed for 192.168.123.46
vlan5: leased 192.168.123.46 for 3105 seconds
vlan5: renew in 1552 seconds, rebind in 2716 seconds
vlan5: writing lease: /var/db/dhcpcd/vlan5.lease
vlan5: executing: /usr/local/libexec/dhcpcd-run-hooks BOUND
vlan2: DAD completed for 172.31.83.42
vlan2: leased 172.31.83.42 for 755 seconds
vlan2: renew in 377 seconds, rebind in 660 seconds
vlan2: writing lease: /var/db/dhcpcd/vlan2.lease
vlan2: executing: /usr/local/libexec/dhcpcd-run-hooks BOUND
ix0: ARP probing 169.254.156.162 (2 of 3), next in 1.8 seconds
ix1: ARP probing 169.254.188.53 (2 of 3), next in 1.7 seconds
ps_bpf_recvmsg: Network is down
vlan1: ARP probing 169.254.156.162 (3 of 3), next in 2.0 seconds
ix0: ARP probing 169.254.156.162 (3 of 3), next in 2.0 seconds
ix1: ARP probing 169.254.188.53 (3 of 3), next in 2.0 seconds
ps_bpf_recvmsg: Network is down
vlan1: using IPv4LL address 169.254.156.162
zsh: segmvlan3ation fault sudo dhcpcd --noconfigure -d -B
———8<———8<—-—8<----

I’m sure there are “stupid user tricks” here. I think the primary
problem is that it’s using more than the one interface I want it to.
It also looks like it’s picking up IPv4 addresses from the local ISC
dhcpd on all of the other interfaces. I’m glad it wasn’t trying to
configure them! Then, of course, the SEGV.

So, first I guess I need to tell it to not try interfaces other than the
one I want. For my case. However there are a few things I think may
want to be worked on:

1. The SEGV, obviously
2. It seems to be trying things on ix1, despite no carrier. I understand
   keeping an eye on it, but not sending DISCOVER and ARP et al.
3. It seems it shouldn’t accept a DHCP address from its local address.
   I question if it should try to _get_ an address if there’s already an
   address, but. Maybe this is a dhcpd problem, where it shouldn’t
   respond to requests from the local address?

Thanks all, sorry for the long message.

- Chris