I have IPv6 on a linux machine and my network and it works. Now I want to set up DHCP for it. I set up the isc-dhcp-server and configured the subnet.
Another linux machine (both debian 7) acts as test-client and gets the IP, but not in the range configured, and, much worse, gets a /64 subnet and not a /80.
Since the IP pool available on the router is already a subset of the /64 assigned to another upstream-machine, I need a smaller subnet. I cannot allow it to be /64.
Config of dhcp server:
subnet6 2a01:4f8:202:6106:acda::/80 {
range6 2a01:4f8:202:6106:acda:f000::/84;
option dhcp6.name-servers 2a01:4f8:202:6106::2;
prefix6 2a01:4f8:202:6106:acda:c000:: 2a01:4f8:202:6106:acda:f000:: /84;
}
ifconfig output on client:
debian#arm:~$ sudo ifconfig
[sudo] password for debian:
eth0 Link encap:Ethernet HWaddr c8:a0:30:ae:48:24
inet addr:192.168.0.104 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::caa0:30ff:feae:4824/64 Scope:Link
inet6 addr: 2a01:4f8:202:6106:acda:ff2f:452c:b7b5/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:185 errors:0 dropped:0 overruns:0 frame:0
TX packets:201 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:18222 (17.7 KiB) TX bytes:23159 (22.6 KiB)
Interrupt:56
A windows-7 machine also connected does not get an IPv6 address at all.
config of the radvd on the server (in case it matters)
interface eth0 {
AdvSendAdvert on;
prefix 2a01:4f8:202:6106:acda::/80 {
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
route 2000::/3
{
};
};
What's wrong? Why is this not working? Is the bad subnet-size a bug in the server? Or the client?
Result of the bad subnet-size is that for example the nameserver, 2a01:4f8:202:6106::2 , in the 64-bit range, is not reachable. The client thinks it should be on the lan segment and tries to get the link-local IPv6 and the ethernet MAC of it and fails. It needs to go via the router. When I set the subnet manually to /80 everything works fine.
First of course the general warning: using non-/64 subnet sizes will break things. Your ISP should really give you a decent amount of address space to work with, like a /48 or a /56. You can then route /64s out of that wherever you want.
Then you have to look at how your ISP gives you your current /64. If they route it to a LAN that is connected to your server's eth0 interface then there is nothing much you can do except bridging or proxy-ND because you have to make it look like everything is directly connected to that LAN. Both methods have their own complications.
If you are bridging to a LAN managed by your ISP then you shouldn't run anything like radvd or dhcpd because you'll interfere with your ISP.
If you are using proxy-ND or your ISP routes the /64 to your server (so you have a different IPv6 address on your server's interface to the ISP and the ISP routes the /64 to that interface) then you should indeed run radvd and dhcpd but only on the internal interface, not towards your ISP.
Back to your RA+DHCPv6 setup because that part of your question is easy to answer. There are three things wrong with your radvd setup (so, yes, it matters a lot :)
First you cannot do SLAAC (StateLess Address Auto Configuration) on anything except a /64 so you'll have to turn AdvAutonomous off. Then you have to tell the clients that a managed (stateful) DHCPv6 server is available so turn the AdvManagedFlag on. And the route 2000::/3 is also unnecessary. You are advertising that you are the default gateway and this more-specific doesn't add anything useful.
interface eth1 {
AdvSendAdvert on;
AdvManagedFlag on;
prefix 2a01:4f8:202:6106:acda::/80 {
AdvOnLink on;
AdvAutonomous off;
AdvRouterAddr on;
};
};
Related
I have run into issue with running JVM processes on Docker after upgrading library due to development reasons to new version (Corda 4), as up to now I was setting the program (node) running in a Docker container to listen on all interfaces (0.0.0.0) while running in host mode on AWS EC2, which would bind it to all network interfaces, listening on all interfaces and using that forward.
Now in latest, 4, they have coded in https://github.com/corda/corda/blob/061db8b1a1ac1fa9f1a063caf7ce4f009aa283db/node/src/main/kotlin/net/corda/node/internal/Node.kt#L322 preventing this feature.
This in conjunction with https://docs.corda.net/corda-configuration-file.html
In practice the ArtemisMQ messaging services bind to all local addresses on the specified port. However, note that the host is the included as the advertised entry in the network map. As a result the value listed here must be externally accessible when running nodes across a cluster of machines. If the provided host is unreachable, the node will try to auto-discover its public one.
This results in having to specify the public IP in the node configuration, which it then tries to bind to, but it cannot as EC2 does not have the public ip visible as a direct network interface, just an internal routing interface(NIC) which at a later stage in their stack gets translated to public IP.
AWS EC2 instance ifconfig:
br-9121696521bd Link encap:Ethernet HWaddr 02:42:56:7C:6A:27
inet addr:172.18.0.1 Bcast:172.18.255.255 Mask:255.255.0.0
...
docker0 Link encap:Ethernet HWaddr 02:42:78:C3:69:1B
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
...
eth0 Link encap:Ethernet HWaddr 02:5F:BE:63:67:82
inet addr:10.0.0.56 Bcast:10.0.0.255 Mask:255.255.255.0
...
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
...
veth0c214d6 Link encap:Ethernet HWaddr BE:2A:29:08:94:B3
inet6 addr: fe80::bc2a:29ff:fe08:94b3/64 Scope:Link
...
veth2b54799 Link encap:Ethernet HWaddr 66:81:E9:01:91:10
inet6 addr: fe80::6481:e9ff:fe01:9110/64 Scope:Link
...
veth60fffa5 Link encap:Ethernet HWaddr 7A:FE:10:33:A9:80
inet6 addr: fe80::78fe:10ff:fe33:a980/64 Scope:Link
...
vethe4f9a9a Link encap:Ethernet HWaddr EE:C7:CB:C8:25:85
inet6 addr: fe80::ecc7:cbff:fec8:2585/64 Scope:Link
Outcome:
Corda now forces me to set in node.conf p2pAddress which is then published to NMS, and used by other nodes to communicate with it.
I cannot set EC2 public IP as Corda attempts to "bind" to the NIC with that hostname, which is not exposed directly to EC2
I cannot set it to 0.0.0.0 to make it bind to all nics and listen to all incoming routes as they hardcoded in core Node.kt to stop node if 0.0.0.0 provided
I can only set to ip visible in container/host which are not visible outside -> node unreachable
I have looked at trying to fool Docker network stack into representing its local ip to that of the external ip as it is virtual network layer, but it only provides subnetting ability to existing NIC (10.0.x.x IP) or in loopback ip ranges ( 192.168.x.x or 10.x.x or 172.x.x.x)
This post Running corda nodes in different machines also exemplifies precisely my issue and the solution i came to as well, which they closed off in 4.0
Question/Possibilities
Option 1 (AWS/Docker):
Spoof Public IP to be visible in EC2 as actual NIC IP via Docker IPAM/Pipeworks or Linux specific via IP masquerading with a virtual interface ?
Option 2(Corda specific):
Change configuration to somehow accept 0.0.0.0 or make detectPublicIp be more inteligent and use NMS to discover its own IP. I expected it to have this intelligence but I later discovered it just looks on at available NIC's. It fails with AMQ224000 error.
From my understanding Corda 4.0 is unable to run on public cloud providers (Azure/AWS/GC) due to it requiring NIC with Public IP to be present, element which Azure/AWS/GC do not have available, could somebody from Corda team correct me if I am wrong ?
If I understand correctly, the internal Artemis server cannot bind as it's using(by default) the p2pAddress which now has to be a valid public one. You can override this by providing a messagingServerAddress as well. See https://docs.corda.net/corda-configuration-file.html?highlight=messagingserveraddress for a bit more details.
I have a script that is trying to receive IPv6 packets, but it fails to receive any.
First off, here is my ethernet configuration from ifconfig.
eth1 Link encap:Ethernet HWaddr f8:b1:56:9a:cf:ef
inet addr:192.168.1.90 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::fab1:56ff:fe9a:cfef/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:751359199 errors:38 dropped:10874 overruns:0 frame:35
TX packets:23407 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1033523557150 (1.0 TB) TX bytes:2002869 (2.0 MB)
Interrupt:20 Memory:ef400000-ef420000
I have two network cards, but am using one for internet and one for testing. The second card is connect to a device that sends ethernet packets. I am configuring that device to send IPv6 packets to address fe80::fab1:56ff:fe9a:cfef and port 46780 (however, I can configure it to send to any IPv6 address and any port). I wrote a python script to receive these packets, but I either get an error, or my script doesn't find the packets. I confirmed these packets through wireshark, and through using a raw python socket.
Here is a list of things I have tried and the various errors/problems I encounter.
If I bind to address "::1", I am able to bind to the address. However, I never receive any IPv6 packets.
I tried using socket.getaddrinfo() and then use the returned information and bind to that, however when I try to do so I get the error "Invalid argument"
info = socket.getaddrinfo(host_ipv6_addr, port_num, socket.AF_INET6,
socket.SOCK_DGRAM, 0, socket.AI_PASSIVE)
rtp_socket.bind(info[0][4])
socket.getaddrinfo returns [(10, 2, 17, '', ('fe80::fab1:56ff:fe9a:cfef', 46780, 0, 0))]
If I try to bind directly to my IPv6 address, I also received "Invalid argument". However, when I changed the scope from 0 to 5, I instead received the error "Cannot assign request address".
rtp_socket.bind( (host_ipv6_addr, port_num, 0, 5))
Any insight would be greatly appreciated. I'm guessing at this point that I don't have my ethernet card setup properly or something.
UPDATE:
Using Michael Hampton's answer, I solved my problem by using the information from socket.getaddrinfo with the IP address being "fe80::fab1:56ff:fe9a:cfef%eth1" and sticking the results into rtp_socket.bind(). The scope ID went from 0 to 3.
You're trying to bind to a link-local address but you have forgotten to include the scope ID (in this case, %eth1).
So you should be binding to address fe80::fab1:56ff:fe9a:cfef%eth1.
I am trying to run PTPDV2 (precision timing protocol) server which binds on interface for setting up multicasting.
I have a following virtual interface
eth1:0 Link encap:Ethernet HWaddr 00:00:50:A0:42:BD
inet addr:10.2.0.17 Bcast:10.2.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Base address:0xa000
Now, I don't have any issues binding to a normal interface, but for any virtual interface I get a failure.
(ptpd debug1) 09:28:12.995509 (init) netInit
(ptpd debug1) 09:28:12.996254 (init) Local IP address used : 10.2.0.17
(ptpd error) 09:28:12.997099 (init) failed to call SO_BINDTODEVICE on the interface (strerror: No such device)
I need some pointers to overcome this issue. Any help here is appreciated.
I found a workaround to this problem. But it may not be the perfect solution. I am still open for suggestions.
I observed that socket bind is successful, so the socket does get the IP address of eth1:0 . But SO_BINDTODEVICE was failing since this was a virtual interface.
So i decided to call SO_BINDTODEVICE on the real interface that is eth1, since both eth1:0 and eth1 share same MAC.
Which this, i am no longer blocked as the responses are typically unicast for me. But this may not work perfectly if some one wants multicast support on receiving too.
Open for suggestion
I have a couple of programs that talk t each other through HTTP. I have a main program that is a HTTP server that acts as a browser for other programs to query.
Everything works fine if... I have an internet connection on my machine, but when I disconnect the cable, eth0 goes down and I can't connect to anything.
In windows all I need is a loopback network card and I am set.
In my ubuntu box (10.10) I still have lo connected with it's assigned IP but I can't force eth0 to go up.
How can I have a working connection without being connected?!
Can I fake a connection?
Cheers
André Moreira
some clarification, the first thing I am doing is trying to send a broadcast to discover what other apps are on the same network.
This is failing because the network is unreachable. Try to unplug you cable and ping to 255.255.255.255...
I guess that when I "solve this" everything will fall into place.
There is a loopback in Linux, and it has an IP address (like all IP based network interfaces).
Just connect to 127.0.0.1, or localhost if your network configuration hasn't been customized to not follow the standard.
Often the alias for the loopback interface is lo and here is a typical entry from ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6026819 errors:0 dropped:0 overruns:0 frame:0
TX packets:6026819 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2106315659 (1.9 GiB) TX bytes:2106315659 (1.9 GiB)
I have a problem:
When I try to connect to a network, initially with ifconfig eth2 I get (correctly):
eth2 inet addr:192.168.1.56 ....
inet6 addr: fe80:221:ff:fe96:4598/64
but after a few seconds the 102.168.1.56 disappears and after some other seconds disappears the inet6 address too. In this case the network is wireless and no DHCP.
At uni, the connection is a DHCP one. It works for the first few seconds but after it doesn't.
Any possible solution?
Whats this 102.168.1.56?
cat /var/log/syslog will give more info about what happening in the system. Usually it contains large amount of information.