Jump to content
  • 0
akazakou

IPv6 + PPPoE + WiFi система. Проблема маршрутизации IPv6

Question

Описание проблемы: у провайдера была приобретена услуга предоставления подсети IPv6 из диапазона /56. При попытке настроить доступ по протоколу IPv6 нет доступа ко всем интернет ресурсам работающим по этому протоколу.

Схема подключения:

  • PON от провайдера MT-PON-AT-4(F609) в Bridge режиме
  • Keenetic Ultra (KN-1810) в качестве основного интернет центра (Версия ОС 3.6.3) подключен к модему провайдера через Ethernet кабель
  • Keenetic City (KN-1510) включен в единую WiFi систему с Keenetic Ultra (Версия ОС 3.6.3) подключен через Ethernet кабель
  • Устройства подключены через WiFi и Lan к обоим Keenetic

Конфигурация проводного подключения:

  • Параметры IP и DNS: Без использования IP и DNS (с включение рвется соединение PPPoE)
  • Аутентификация у провайдера (PPPoE) - включена поддержка IPv6

Текущее поведение:

Всем устройствам успешно раздаются IP адреса из приобретенного диапазона 2a02:220e:2000:900::/56. Префикс успешно отображается при поднятии PPPoE подключения. 

При попытке с оконечного устройства выполнить команду "ping6 ipv6.google.com" получаю сообщение об ошибке:

$ ping6 ipv6.google.com
PING ipv6.google.com(ams16s22-in-x0e.1e100.net (2a00:1450:400e:803::200e)) 56 data bytes
From 2a02:220e:2000:900:52ff:20ff:fe22:fa74 (2a02:220e:2000:900:52ff:20ff:fe22:fa74) icmp_seq=1 Destination unreachable: No route

Данные IPv6

Spoiler



(config)> show ipv6 routes 

           route_: 
          destination: ::/0
              gateway: fe80::1
            interface: ISP

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

 

 

Spoiler



(config)> show ipv6 prefixes 

           prefix: 
                 prefix: 2a02:220e:2000:900::/56
              interface: PPPoE0
         valid-lifetime: 258953
     preferred-lifetime: 172553
                 global: yes

 

Spoiler



(config)> show ipv6 addresses 

        addresses: 
              address: 
                  address: 2a02:220e:2000:900:52ff:20ff:fe22:fa75
               link-local: fe80::52ff:20ff:fe22:fa74
                interface: Home
           valid-lifetime: 258892

              address: 
                  address: 2a02:220e:2000:900:52ff:20ff:fe22:fa74
               link-local: ::
                interface: Home
           valid-lifetime: 258892

              address: 
                  address: fe80::52ff:20ff:fe22:fa75
               link-local: fe80::52ff:20ff:fe22:fa75
                interface: ISP
           valid-lifetime: infinite

              address: 
                  address: fe80::52ff:20ff:fe22:fa74
               link-local: fe80::52ff:20ff:fe22:fa74
                interface: WifiMaster0
           valid-lifetime: infinite

              address: 
                  address: fe80::52ff:20ff:fe22:fa76
               link-local: fe80::52ff:20ff:fe22:fa76
                interface: WifiMaster1
           valid-lifetime: infinite

              address: 
                  address: fe80::52ff:20ff:fe22:fa74
               link-local: fe80::52ff:20ff:fe22:fa74
                interface: GigabitEthernet0/Vlan1
           valid-lifetime: infinite

              address: 
                  address: fe80::50ff:20ff:fe22:fa73
               link-local: fe80::50ff:20ff:fe22:fa73
                interface: GigabitEthernet0/Vlan2
           valid-lifetime: infinite

              address: 
                  address: fe80::50ff:20ff:fe22:fa73
               link-local: fe80::50ff:20ff:fe22:fa73
                interface: Guest
           valid-lifetime: infinite

              address: 
                  address: fe80::e5cc:5006:b38c:b6bb
               link-local: fe80::e5cc:5006:b38c:b6bb
                interface: PPPoE0
           valid-lifetime: infinite

 

Список доступных интерфейсов

Spoiler



(config)> show interface 

Interface, name = "GigabitEthernet0"
               id: GigabitEthernet0
            index: 0
             type: GigabitEthernet
      description: 
   interface-name: GigabitEthernet0
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 2000
             port, name = 1: 
                   id: GigabitEthernet0/0
                index: 0
       interface-name: 1
                 type: Port
                 link: up
                speed: 100
               duplex: full
     auto-negotiation: on
         flow-control: on
                  eee: off
          last-change: 1422.944355
        last-overflow: 0
               public: no
           link-group: 
             port, name = 2: 
                   id: GigabitEthernet0/1
                index: 1
       interface-name: 2
                 type: Port
                 link: down
          last-change: 1677.779184
        last-overflow: 0
               public: no
           link-group: 
             port, name = 3: 
                   id: GigabitEthernet0/2
                index: 2
       interface-name: 3
                 type: Port
                 link: down
          last-change: 1677.777508
        last-overflow: 0
               public: no
           link-group: 
             port, name = 4: 
                   id: GigabitEthernet0/3
                index: 3
       interface-name: 4
                 type: Port
                 link: down
          last-change: 1677.776178
        last-overflow: 0
               public: no
           link-group: 

Interface, name = "1"
               id: GigabitEthernet0/0
            index: 0
   interface-name: 1
             type: Port
             link: up
            speed: 100
           duplex: full
 auto-negotiation: on
     flow-control: on
              eee: off
      last-change: 1422.944782
    last-overflow: 0
           public: no
       link-group: 
            supported: no

Interface, name = "2"
               id: GigabitEthernet0/1
            index: 1
   interface-name: 2
             type: Port
             link: down
      last-change: 1677.779599
    last-overflow: 0
           public: no
       link-group: 
            supported: no

Interface, name = "3"
               id: GigabitEthernet0/2
            index: 2
   interface-name: 3
             type: Port
             link: down
      last-change: 1677.777926
    last-overflow: 0
           public: no
       link-group: 
            supported: no

Interface, name = "4"
               id: GigabitEthernet0/3
            index: 3
   interface-name: 4
             type: Port
             link: down
      last-change: 1677.776549
    last-overflow: 0
           public: no
       link-group: 
            supported: no

Interface, name = "GigabitEthernet0/Vlan1"
               id: GigabitEthernet0/Vlan1
            index: 1
             type: Vlan
      description: Home VLAN
   interface-name: GigabitEthernet0/Vlan1
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 0
            group: Home
           usedby: Bridge0
              mac: 50:ff:20:22:fa:74
        auth-type: none

Interface, name = "GigabitEthernet0/Vlan2"
               id: GigabitEthernet0/Vlan2
            index: 2
             type: Vlan
      description: 
   interface-name: GigabitEthernet0/Vlan2
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 0
            group: Guest
           usedby: Bridge1
              mac: 52:ff:20:22:fa:73
        auth-type: none

Interface, name = "ISP"
               id: GigabitEthernet1
            index: 1
             type: GigabitEthernet
      description: Beltelecom
   interface-name: ISP
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 2000
           global: no
   security-level: public
           usedby: PPPoE0
           usedby: OpenVPN1
              mac: 50:ff:20:22:fa:75
        auth-type: none
             port, name = 0: 
                   id: GigabitEthernet1/0
                index: 0
       interface-name: 0
                 type: Port
                 link: up
     auto-negotiation: on
                speed: 100
               duplex: full
         flow-control: off
          transceiver: internal
            sfp-combo: yes

Interface, name = "0"
               id: GigabitEthernet1/0
            index: 0
   interface-name: 0
             type: Port
             link: up
 auto-negotiation: on
            speed: 100
           duplex: full
     flow-control: off
      transceiver: internal
        sfp-combo: yes

Interface, name = "WifiMaster0"
               id: WifiMaster0
            index: 0
             type: WifiMaster
      description: 
   interface-name: WifiMaster0
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 1000
          hwstate: on
          bitrate: 600000000
          channel: 8
      temperature: 45

Interface, name = "AccessPoint"
               id: WifiMaster0/AccessPoint0
            index: 0
             type: AccessPoint
      description: Wi-Fi access point
   interface-name: AccessPoint
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 1000
            group: Home
           usedby: Bridge0
              mac: 50:ff:20:22:fa:74
        auth-type: none
             ssid: h37room16
       encryption: wpa2

Interface, name = "GuestWiFi"
               id: WifiMaster0/AccessPoint1
            index: 1
             type: AccessPoint
      description: Guest access point
   interface-name: GuestWiFi
             link: up
        connected: yes
            state: down
              mtu: 1500
  tx-queue-length: 1000
            group: Guest
           usedby: Bridge1
              mac: 52:ff:20:12:fa:74
        auth-type: none
       encryption: 

Interface, name = "WifiMaster0/AccessPoint2"
               id: WifiMaster0/AccessPoint2
            index: 2
             type: AccessPoint
      description: 
   interface-name: WifiMaster0/AccessPoint2
             link: up
        connected: yes
            state: down
              mtu: 1500
  tx-queue-length: 1000
           global: no
   security-level: private
              mac: 52:ff:20:22:fa:74
        auth-type: none
       encryption: 

Interface, name = "WifiMaster0/AccessPoint3"
               id: WifiMaster0/AccessPoint3
            index: 3
             type: AccessPoint
      description: 
   interface-name: WifiMaster0/AccessPoint3
             link: up
        connected: yes
            state: down
              mtu: 1500
  tx-queue-length: 1000
           global: no
   security-level: private
              mac: 52:ff:20:32:fa:74
        auth-type: none
       encryption: 

Interface, name = "WifiMaster0/WifiStation0"
               ap: 00:00:00:00:00:00
               id: WifiMaster0/WifiStation0
            index: 0
             type: WifiStation
      description: 
   interface-name: WifiMaster0/WifiStation0
             link: down
        connected: no
            state: down
              mtu: 1500
  tx-queue-length: 1000
           global: no
   security-level: public
              mac: 56:ef:20:22:fa:74
        auth-type: none
       encryption: 

Interface, name = "WifiMaster1"
               id: WifiMaster1
            index: 1
             type: WifiMaster
      description: 
   interface-name: WifiMaster1
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 1000
          hwstate: on
          bitrate: 1734000000
          channel: 52
      temperature: 48

Interface, name = "AccessPoint_5G"
               id: WifiMaster1/AccessPoint0
            index: 0
             type: AccessPoint
      description: 5Ghz Wi-Fi access point
   interface-name: AccessPoint_5G
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 1000
            group: Home
           usedby: Bridge0
              mac: 50:ff:20:22:fa:76
        auth-type: none
             ssid: h37room16
       encryption: wpa2

Interface, name = "WifiMaster1/AccessPoint1"
               id: WifiMaster1/AccessPoint1
            index: 1
             type: AccessPoint
      description: 
   interface-name: WifiMaster1/AccessPoint1
             link: up
        connected: yes
            state: down
              mtu: 1500
  tx-queue-length: 1000
            group: Guest
           usedby: Bridge1
              mac: 52:ff:20:12:fa:76
        auth-type: none
       encryption: wpa,wpa2

Interface, name = "WifiMaster1/AccessPoint2"
               id: WifiMaster1/AccessPoint2
            index: 2
             type: AccessPoint
      description: 
   interface-name: WifiMaster1/AccessPoint2
             link: up
        connected: yes
            state: down
              mtu: 1500
  tx-queue-length: 1000
           global: no
   security-level: private
              mac: 52:ff:20:22:fa:76
        auth-type: none
       encryption: 

Interface, name = "WifiMaster1/AccessPoint3"
               id: WifiMaster1/AccessPoint3
            index: 3
             type: AccessPoint
      description: 
   interface-name: WifiMaster1/AccessPoint3
             link: up
        connected: yes
            state: down
              mtu: 1500
  tx-queue-length: 1000
           global: no
   security-level: private
              mac: 52:ff:20:32:fa:76
        auth-type: none
       encryption: 

Interface, name = "WifiMaster1/WifiStation0"
               ap: 00:00:00:00:00:00
               id: WifiMaster1/WifiStation0
            index: 0
             type: WifiStation
      description: 
   interface-name: WifiMaster1/WifiStation0
             link: down
        connected: no
            state: down
              mtu: 1500
  tx-queue-length: 1000
           global: no
   security-level: public
              mac: 56:ef:20:22:fa:76
        auth-type: none
       encryption: 

Interface, name = "Home"
               id: Bridge0
            index: 0
             type: Bridge
      description: Home
   interface-name: Home
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 0
          address: 192.168.1.1
             mask: 255.255.255.0
           uptime: 1662
           global: no
   security-level: private
              mac: 50:ff:20:22:fa:74
        auth-type: none
           bridge: 
            interface, link = yes, inherited = yes: GigabitEthernet0/Vlan1
            interface, link = yes: WifiMaster0/AccessPoint0
            interface, link = yes: WifiMaster1/AccessPoint0

Interface, name = "Guest"
               id: Bridge1
            index: 1
             type: Bridge
      description: Guest
   interface-name: Guest
             link: up
        connected: yes
            state: up
              mtu: 1500
  tx-queue-length: 0
          address: 10.1.30.1
             mask: 255.255.255.0
           uptime: 1661
           global: no
   security-level: protected
              mac: 52:ff:20:22:fa:73
        auth-type: none
           bridge: 
            interface, link = yes: GigabitEthernet0/Vlan2
            interface, link = yes: WifiMaster0/AccessPoint1
            interface, link = yes: WifiMaster1/AccessPoint1

Interface, name = "PPPoE0"
               id: PPPoE0
            index: 0
             type: PPPoE
      description: Beltelecom
   interface-name: PPPoE0
             link: up
        connected: yes
            state: up
             role: inet
              mtu: 1492
  tx-queue-length: 1000
          address: 100.101.64.101
             mask: 255.255.255.255
           global: yes
        defaultgw: yes
         priority: 49325
   security-level: public
        auth-type: none
           remote: 100.101.0.1
           uptime: 367
             fail: no
              via: GigabitEthernet1
      last-change: 367.371100
       session-id: 23988
           ac-mac: 2c:55:d3:3a:25:fc

Interface, name = "OpenVPN1"
               id: OpenVPN1
            index: 1
             type: OpenVPN
      description: vpn.kantora.pro
   interface-name: OpenVPN1
             link: down
        connected: no
            state: down
             role: misc
              mtu: 1500
  tx-queue-length: 0
           global: yes
        defaultgw: no
         priority: 33117
   security-level: public
              mac: 0a:83:17:94:42:bc
        auth-type: none
              via: 

 

Таблица маршрутизации с оконечного устройства

Spoiler


$ ip -6 route show
::1 dev lo proto kernel metric 256 pref medium
2a02:220e:2000:900::/64 dev wlp111s0 proto ra metric 600 pref medium
fe80::/64 dev veth6ddd14e proto kernel metric 256 pref medium
fe80::/64 dev br-b2c7779917ad proto kernel metric 256 pref medium
fe80::/64 dev wlp111s0 proto kernel metric 600 pref medium
default via fe80::52ff:20ff:fe22:fa74 dev wlp111s0 proto ra metric 20600 pref medium

 

Прошу помочь разобраться как правильно настроить IPv6 для использования на всех устройствах.

 

Edited by akazakou

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

Дополнительная информация по трассировке с оконечного устройства

$ traceroute6 ipv6.google.com
traceroute to ipv6.l.google.com (2a00:1450:401b:804::200e) from 2a02:220e:2000:900:88ba:9eba:6d0e:c8fb, 30 hops max, 24 byte packets
 1  2a02:220e:2000:900:52ff:20ff:fe22:fa74 (2a02:220e:2000:900:52ff:20ff:fe22:fa74)  2,5003 ms !N  2,4950 ms !N  1,7562 ms !N

 

Share this post


Link to post
Share on other sites

  • 0

Default route висит на ISP интерфейсе вместо Pppoe

На ISP галка ipv6 снята?

Share this post


Link to post
Share on other sites

  • 0

Еще меня немного смущает что не назначается IPv6 адрес для самого роутера. Но я не в курсе, надо ли или нет. 

Сам же IPv6 префикс исчезает через некоторое время из информации о подключении

beltel.png

Edited by akazakou

Share this post


Link to post
Share on other sites

  • 0

Лучше в конфиг файле гляньте как там v6 настройки между интерфейсами распределились, а то этот экран описывает и isp и pppoe одновременно.

Зы роутеру свой глобальный v6 адрес для маршрутизации не обязателен. Только если он еще и как конечное устройство выступает.

Edited by r13

Share this post


Link to post
Share on other sites

  • 0

Попытка назначить PPPoE0 интерфейс в качестве дефолтного принудительно не удалась

(config)> interface PPPoE0
Core::Configurator: Done.

(config-if)> ipv6 force-default
Ip6::Nd::Node: Force interface to be the default IPv6 gateway enabled.

(config-if)> exit
Core::Configurator: Done.

(config)> show ipv6 routes 

           route_: 
          destination: ::/0
              gateway: fe80::1
            interface: ISP

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

 

Share this post


Link to post
Share on other sites

  • 0
Spoiler

! $$$ Model: Keenetic Ultra
! $$$ Version: 2.06.1
! $$$ Agent: cli
! $$$ Md5 checksum: d06ad9566778badbc98d00d79b865d29
! $$$ Last change: Tue,  6 Apr 2021 15:45:39 GMT
! $$$ Username: admin

system
    reboot schedule rebootroute
    set net.ipv4.ip_forward 1
    set net.ipv4.tcp_fin_timeout 30
    set net.ipv4.tcp_keepalive_time 120
    set net.ipv4.neigh.default.gc_thresh1 256
    set net.ipv4.neigh.default.gc_thresh2 1024
    set net.ipv4.neigh.default.gc_thresh3 2048
    set net.ipv6.neigh.default.gc_thresh1 256
    set net.ipv6.neigh.default.gc_thresh2 1024
    set net.ipv6.neigh.default.gc_thresh3 2048
    set net.netfilter.nf_conntrack_tcp_timeout_established 1200
    set net.netfilter.nf_conntrack_max 16384
    set vm.swappiness 60
    set vm.overcommit_memory 0
    set vm.vfs_cache_pressure 1000
    set dev.usb.force_usb2 0
    set net.ipv6.conf.all.forwarding 1
    clock timezone Europe/Minsk
    domainname WORKGROUP
    hostname Keenetic_Ultra
    description "Keenetic Ultra"
!
ntp server 0.pool.ntp.org
ntp server 1.pool.ntp.org
ntp server 2.pool.ntp.org
ntp server 3.pool.ntp.org
schedule schedule0
    description "\xd0\x9d\xd0\xbe\xd1\x87\xd1\x8c"
    action start 0 3 *
    action stop 0 5 *
!
schedule rebootroute
    action start 30 4 *
    action stop 31 4 *
!
known host OnePlus3TAndroidPie c0:ee:fb:f4:cf:fa
known host "Keenetic City" 50:ff:20:14:7f:84
known host Chromecast 30:fd:38:bd:93:8f
known host "\xd0\x94\xd0\xbe\xd0\xbc\xd0\xb0\xd1\x88\xd0\xbd\xd0\xb8\xd0\xb9 \xd0\x9a\xd0\xbe\xd0\xbc\xd0\xbf\xd1\x8c\xd1\x8e\xd1\x82\xd0\xb5\xd1\x80" 4c:cc:6a:d7:d0:f8
known host "\xd0\x9e\xd0\xba\xd1\x81\xd0\xb0\xd0\xbd\xd0\xb0 Xiaomi A1" f4:f5:db:ce:68:e9
known host "\xd0\x9d\xd0\xbe\xd1\x83\xd1\x82\xd0\xb1\xd1\x83\xd0\xba \xd0\x9e\xd0\xba\xd1\x81\xd0\xb0\xd0\xbd\xd1\x8b" a4:34:d9:51:4c:bc
known host "\xd0\x9f\xd0\xbb\xd0\xb0\xd0\xbd\xd1\x88\xd0\xb5\xd1\x82 \xd0\x90\xd1\x80\xd1\x82\xd0\xb5\xd0\xbc" d0:f8:8c:ea:7d:25
known host "\xd0\x9f\xd0\xbb\xd0\xb0\xd0\xbd\xd1\x88\xd0\xb5\xd1\x82 \xd0\xa0\xd0\xbe\xd0\xbc\xd0\xb0" 40:a1:08:83:20:6e
known host "iPhone \xd0\x94\xd0\xb8\xd0\xb0\xd0\xbd\xd0\xb0" 60:30:d4:33:1e:bf
known host "\xd0\x9f\xd1\x80\xd0\xb8\xd0\xbd\xd1\x82\xd0\xb5\xd1\x80 EPSON" f8:d0:27:80:b6:11
known host "\xd0\x9e\xd0\xba\xd1\x81\xd0\xb0\xd0\xbd\xd0\xb0 HUAWEI P40 Pro" aa:f4:26:e7:1b:dc
known host "\xd0\xa0\xd0\xb0\xd0\xb1\xd0\xbe\xd1\x87\xd0\xb8\xd0\xb9 \xd0\x9d\xd0\xbe\xd1\x83\xd1\x82\xd0\xb1\xd1\x83\xd0\xba HP" 8c:c6:81:91:22:a6
known host "\xd0\xa1\xd1\x82\xd0\xb8\xd1\x80\xd0\xb0\xd0\xbb\xd1\x8c\xd0\xbd\xd0\xb0\xd1\x8f \xd0\xbc\xd0\xb0\xd1\x88\xd0\xb8\xd0\xbd\xd0\xb0" a4:cf:12:f3:0e:1f
isolate-private
user admin
    password md5 c8bac97e360cc481000971ff587ce17b
    password nt 1c5aa194aa0f11e9ff44cdafd8e40636
    tag cli
    tag http
    tag cifs
    tag printers
    tag torrent
    tag http-proxy
!
dyndns profile _WEBADMIN
!
adguard-dns
    enable
    assign c0:ee:fb:f4:cf:fa default
    assign 50:ff:20:14:7f:84 standard
    assign 30:fd:38:bd:93:8f standard
    assign 4c:cc:6a:d7:d0:f8 default
    assign f4:f5:db:ce:68:e9 standard
    assign a4:34:d9:51:4c:bc standard
    assign d0:f8:8c:ea:7d:25 family
    assign 40:a1:08:83:20:6e family
    assign 60:30:d4:33:1e:bf standard
    assign 8c:c6:81:91:22:a6 default
    assign f8:d0:27:80:b6:11 default
    assign aa:f4:26:e7:1b:dc standard
    assign a4:cf:12:f3:0e:1f default
!
ping-check profile _WEBADMIN_GigabitEthernet1
    host 8.8.4.4
    update-interval 10
    mode icmp
    max-fails 5
!
ping-check profile _WEBADMIN_GigabitEthernet1/Vlan1293
    host 8.8.4.4
    update-interval 10
    mode icmp
    max-fails 5
!
ping-check profile _WEBADMIN_PPPoE0
    host 8.8.4.4
    update-interval 10
    mode icmp
    max-fails 5
!
interface GigabitEthernet0
    up
!
interface GigabitEthernet0/0
    rename 1
    switchport mode access
    switchport mode trunk
    switchport access vlan 1
    switchport trunk vlan 2
    up
!
interface GigabitEthernet0/1
    rename 2
    switchport mode access
    switchport access vlan 1
    up
!
interface GigabitEthernet0/2
    rename 3
    switchport mode access
    switchport access vlan 1
    up
!
interface GigabitEthernet0/3
    rename 4
    switchport mode access
    switchport access vlan 1
    up
!
interface GigabitEthernet0/Vlan1
    description "Home VLAN"
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    up
!
interface GigabitEthernet0/Vlan2
    security-level public
    ip dhcp client dns-routes
    ip dhcp client name-servers
    up
!
interface GigabitEthernet1
    rename ISP
    description Beltelecom
    mac address factory wan
    security-level public
    ip dhcp client hostname Keenetic_Ultra
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ip mtu 1500
    igmp upstream
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    ping-check profile _WEBADMIN_GigabitEthernet1
    up
!
interface GigabitEthernet1/0
    rename 0
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    up
!
interface WifiMaster0
    country-code BY
    compatibility BGN
    channel width 40-below
    channel auto-rescan 00:00 interval 12
    tx-burst
    rekey-interval 3600
    beamforming explicit
    vht
    up
!
interface WifiMaster0/AccessPoint0
    rename AccessPoint
    description "Wi-Fi access point"
    mac access-list type none
    security-level private
    wps
    wps no auto-self-pin
    authentication wpa-psk ns3 LNkatrVeOV9JjaRuESMr44sb
    encryption enable
    encryption wpa2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid h37room16
    wmm
    rrm
    ft mdid DD
    ft otd
    ft enable
    up
!
interface WifiMaster0/AccessPoint1
    rename GuestWiFi
    description "Guest access point"
    mac access-list type none
    security-level protected
    encryption disable
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid Guest
    wmm
    down
!
interface WifiMaster0/AccessPoint2
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster0/AccessPoint3
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster0/WifiStation0
    security-level public
    encryption disable
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster1
    country-code BY
    compatibility AN+AC
    channel width 160
    channel auto-rescan 00:00 interval 6
    tx-burst
    rekey-interval 3600
    band-steering
    band-steering preference 5
    beamforming explicit
    downlink-mumimo
    up
!
interface WifiMaster1/AccessPoint0
    rename AccessPoint_5G
    description "5Ghz Wi-Fi access point"
    mac access-list type none
    security-level private
    wps
    wps no auto-self-pin
    authentication wpa-psk ns3 LNkatrVeOV9JjaRuESMr44sb
    encryption enable
    encryption wpa2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid h37room16
    wmm
    rrm
    ft mdid DD
    ft otd
    ft enable
    up
!
interface WifiMaster1/AccessPoint1
    mac access-list type none
    security-level protected
    authentication wpa-psk ns3 LNkatrVeOV9JjaRuESMr44sb
    encryption enable
    encryption wpa
    encryption wpa2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid 5Ghz
    hide-ssid
    down
!
interface WifiMaster1/AccessPoint2
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster1/AccessPoint3
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster1/WifiStation0
    security-level public
    encryption disable
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface Bridge0
    rename Home
    description Home
    inherit GigabitEthernet0/Vlan1
    include AccessPoint
    include AccessPoint_5G
    mac access-list type deny
    security-level private
    ip address 192.168.1.1 255.255.255.0
    ip dhcp client dns-routes
    ip dhcp client name-servers
    igmp downstream
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    iapp key ns3 7sLV9venXcRoWSVo3wXIR8sr
    up
!
interface Bridge1
    rename Guest
    description Guest
    traffic-shape rate 10000
    include GigabitEthernet0/Vlan2
    include GuestWiFi
    include WifiMaster1/AccessPoint1
    mac access-list type none
    security-level protected
    ip address 10.1.30.1 255.255.255.0
    ip dhcp client dns-routes
    ip dhcp client name-servers
    up
!
interface PPPoE0
    description Beltelecom
    role inet
    ipv6cp
    lcp echo 30 3
    ipcp default-route
    ipcp no name-servers
    ipcp dns-routes
    no ccp
    security-level public
    authentication identity 170300970800003@beltel.by
    authentication password ns3 GjD2LHu8E66g2mAkhUyReczb
    ip mtu 1492
    ip global 49325
    ip tcp adjust-mss pmtu
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    ipv6 force-default
    ping-check profile _WEBADMIN_PPPoE0
    connect via ISP
    up
!
interface OpenVPN1
    description vpn.kantora.pro
    role misc
    security-level public
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ip mtu 1500
    ip global 33117
    ip tcp adjust-mss pmtu
    openvpn accept-routes
    openvpn name-servers
    openvpn connect via ISP
    down
!
ip dhcp pool _WEBADMIN
    range 192.168.1.33 192.168.1.72
    lease 25200
    bind Home
    enable
!
ip dhcp pool _WEBADMIN_GUEST_AP
    range 10.1.30.33 10.1.30.52
    lease 25200
    bind Guest
    enable
!
ip name-server 1.1.1.1 ""
ip name-server 1.0.0.1 ""
ip name-server 8.8.8.8 ""
ip name-server 8.8.4.4 ""
ip http port 80
ip http security-level public
ip http lockout-policy 5 15 3
ip http ssl enable
ip http ssl redirect
ip http proxy apps
    upstream http 127.0.0.1 80
    domain ndns
    security-level public
!
ip nat Home
ip nat Guest
ip telnet
    port 22
    security-level public
    lockout-policy 5 15 3
!
ip hotspot
    policy Guest permit
    policy Home permit
    host c0:ee:fb:f4:cf:fa permit
    host 50:ff:20:14:7f:84 permit
    host 30:fd:38:bd:93:8f permit
    host 4c:cc:6a:d7:d0:f8 permit
    host f4:f5:db:ce:68:e9 permit
    host a4:34:d9:51:4c:bc permit
    host d0:f8:8c:ea:7d:25 permit
    host 40:a1:08:83:20:6e permit
    host 60:30:d4:33:1e:bf permit
    host f8:d0:27:80:b6:11 permit
    host aa:f4:26:e7:1b:dc permit
    host 8c:c6:81:91:22:a6 permit
    host a4:cf:12:f3:0e:1f permit
!
ipv6 subnet Default
    bind Home
    number 0
    mode slaac
!
ipv6 name-server 2a00:1450:401b:801::200e ""
ipv6 firewall
ppe software
ppe hardware
ppe hardware-ipv6
upnp lan Home
torrent
    rpc-port 8090 public
    peer-port 51413
    directory PORTABLE:/torrents
!
service dhcp
service dns-proxy
service igmp-proxy
service http
service cifs
service dlna
service telnet
service ntp-client
service upnp
service torrent
cifs
    share PORTABLE PORTABLE:
    automount
    permissive
!
dlna
    port 8200
    db-directory PORTABLE:
    directory PORTABLE:
    interface Bridge0
    display-name "Keenetic Ultra"
!
dns-proxy
    rebind-protect auto
    tls upstream 1.1.1.1 853 sni cloudflare-dns.com
    tls upstream 1.0.0.1 853 sni cloudflare-dns.com
    tls upstream 8.8.8.8 853 sni dns.google
    tls upstream 8.8.4.4 853 sni dns.google
    https upstream https://dns.google/dns-query dnsm
    https upstream https://cloudflare-dns.com/dns-query dnsm
!
easyconfig check
    period 15
    max-fails 4
    host google.com
    host facebook.com
    host yahoo.com
!
easyconfig disable
components
    auto-update channel stable
    auto-update schedule schedule0
!
cloud control2 security-level public
!

 

@r13 Вот весь конфиг. Вроде ничего криминального кроме "set net.ipv6.conf.all.forwarding 1" я не вижу

Share this post


Link to post
Share on other sites

  • 0
Только что, akazakou сказал:

@krass я надеялся что за 5 лет что-то изменилось :)

прогресс тормозят kenetic start и все остальные у кого флеша 8 мб ... как я понял. ipv6 полноценно введут когда 8мбайтники  дропнут с поддержки........

Share this post


Link to post
Share on other sites

  • 0
7 минут назад, krass сказал:

прогресс тормозят kenetic start и все остальные у кого флеша 8 мб ... как я понял. ipv6 полноценно введут когда 8мбайтники  дропнут с поддержки........

Ровно через год...

Share this post


Link to post
Share on other sites

  • 0

В общем все выглядит так, что у меня нет возможности изменить default gateway для IPv6. Я бы сказал что это баг который надо пофиксить )

(config)> ipv6 route default PPPoE0 
Network::Ip6::Routing: Route added.
(config)> show ipv6 routes

           route_: 
          destination: ::/0
              gateway: fe80::1
            interface: ISP

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

(config)> ipv6 route ::/0 PPPoE0 
Network::Ip6::Routing: Route added.
(config)> show ipv6 routes

           route_: 
          destination: ::/0
              gateway: fe80::1
            interface: ISP

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

(config)> no ipv6 route ::/0 ISP
Network::Ip6::Routing: Route erased.
(config)> show ipv6 routes

           route_: 
          destination: ::/0
              gateway: fe80::1
            interface: ISP

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

(config)> ipv6 route default PPPoE0
Network::Ip6::Routing: Route added.
(config)> show ipv6 routes

           route_: 
          destination: ::/0
              gateway: fe80::1
            interface: ISP

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

сс: @r13 @vst

Share this post


Link to post
Share on other sites

  • 1
1 час назад, akazakou сказал:
  Показать содержимое


! $$$ Model: Keenetic Ultra
! $$$ Version: 2.06.1
! $$$ Agent: cli
! $$$ Md5 checksum: d06ad9566778badbc98d00d79b865d29
! $$$ Last change: Tue,  6 Apr 2021 15:45:39 GMT
! $$$ Username: admin

system
    reboot schedule rebootroute
    set net.ipv4.ip_forward 1
    set net.ipv4.tcp_fin_timeout 30
    set net.ipv4.tcp_keepalive_time 120
    set net.ipv4.neigh.default.gc_thresh1 256
    set net.ipv4.neigh.default.gc_thresh2 1024
    set net.ipv4.neigh.default.gc_thresh3 2048
    set net.ipv6.neigh.default.gc_thresh1 256
    set net.ipv6.neigh.default.gc_thresh2 1024
    set net.ipv6.neigh.default.gc_thresh3 2048
    set net.netfilter.nf_conntrack_tcp_timeout_established 1200
    set net.netfilter.nf_conntrack_max 16384
    set vm.swappiness 60
    set vm.overcommit_memory 0
    set vm.vfs_cache_pressure 1000
    set dev.usb.force_usb2 0
    set net.ipv6.conf.all.forwarding 1
    clock timezone Europe/Minsk
    domainname WORKGROUP
    hostname Keenetic_Ultra
    description "Keenetic Ultra"
!
ntp server 0.pool.ntp.org
ntp server 1.pool.ntp.org
ntp server 2.pool.ntp.org
ntp server 3.pool.ntp.org
schedule schedule0
    description "\xd0\x9d\xd0\xbe\xd1\x87\xd1\x8c"
    action start 0 3 *
    action stop 0 5 *
!
schedule rebootroute
    action start 30 4 *
    action stop 31 4 *
!
known host OnePlus3TAndroidPie c0:ee:fb:f4:cf:fa
known host "Keenetic City" 50:ff:20:14:7f:84
known host Chromecast 30:fd:38:bd:93:8f
known host "\xd0\x94\xd0\xbe\xd0\xbc\xd0\xb0\xd1\x88\xd0\xbd\xd0\xb8\xd0\xb9 \xd0\x9a\xd0\xbe\xd0\xbc\xd0\xbf\xd1\x8c\xd1\x8e\xd1\x82\xd0\xb5\xd1\x80" 4c:cc:6a:d7:d0:f8
known host "\xd0\x9e\xd0\xba\xd1\x81\xd0\xb0\xd0\xbd\xd0\xb0 Xiaomi A1" f4:f5:db:ce:68:e9
known host "\xd0\x9d\xd0\xbe\xd1\x83\xd1\x82\xd0\xb1\xd1\x83\xd0\xba \xd0\x9e\xd0\xba\xd1\x81\xd0\xb0\xd0\xbd\xd1\x8b" a4:34:d9:51:4c:bc
known host "\xd0\x9f\xd0\xbb\xd0\xb0\xd0\xbd\xd1\x88\xd0\xb5\xd1\x82 \xd0\x90\xd1\x80\xd1\x82\xd0\xb5\xd0\xbc" d0:f8:8c:ea:7d:25
known host "\xd0\x9f\xd0\xbb\xd0\xb0\xd0\xbd\xd1\x88\xd0\xb5\xd1\x82 \xd0\xa0\xd0\xbe\xd0\xbc\xd0\xb0" 40:a1:08:83:20:6e
known host "iPhone \xd0\x94\xd0\xb8\xd0\xb0\xd0\xbd\xd0\xb0" 60:30:d4:33:1e:bf
known host "\xd0\x9f\xd1\x80\xd0\xb8\xd0\xbd\xd1\x82\xd0\xb5\xd1\x80 EPSON" f8:d0:27:80:b6:11
known host "\xd0\x9e\xd0\xba\xd1\x81\xd0\xb0\xd0\xbd\xd0\xb0 HUAWEI P40 Pro" aa:f4:26:e7:1b:dc
known host "\xd0\xa0\xd0\xb0\xd0\xb1\xd0\xbe\xd1\x87\xd0\xb8\xd0\xb9 \xd0\x9d\xd0\xbe\xd1\x83\xd1\x82\xd0\xb1\xd1\x83\xd0\xba HP" 8c:c6:81:91:22:a6
known host "\xd0\xa1\xd1\x82\xd0\xb8\xd1\x80\xd0\xb0\xd0\xbb\xd1\x8c\xd0\xbd\xd0\xb0\xd1\x8f \xd0\xbc\xd0\xb0\xd1\x88\xd0\xb8\xd0\xbd\xd0\xb0" a4:cf:12:f3:0e:1f
isolate-private
user admin
    password md5 c8bac97e360cc481000971ff587ce17b
    password nt 1c5aa194aa0f11e9ff44cdafd8e40636
    tag cli
    tag http
    tag cifs
    tag printers
    tag torrent
    tag http-proxy
!
dyndns profile _WEBADMIN
!
adguard-dns
    enable
    assign c0:ee:fb:f4:cf:fa default
    assign 50:ff:20:14:7f:84 standard
    assign 30:fd:38:bd:93:8f standard
    assign 4c:cc:6a:d7:d0:f8 default
    assign f4:f5:db:ce:68:e9 standard
    assign a4:34:d9:51:4c:bc standard
    assign d0:f8:8c:ea:7d:25 family
    assign 40:a1:08:83:20:6e family
    assign 60:30:d4:33:1e:bf standard
    assign 8c:c6:81:91:22:a6 default
    assign f8:d0:27:80:b6:11 default
    assign aa:f4:26:e7:1b:dc standard
    assign a4:cf:12:f3:0e:1f default
!
ping-check profile _WEBADMIN_GigabitEthernet1
    host 8.8.4.4
    update-interval 10
    mode icmp
    max-fails 5
!
ping-check profile _WEBADMIN_GigabitEthernet1/Vlan1293
    host 8.8.4.4
    update-interval 10
    mode icmp
    max-fails 5
!
ping-check profile _WEBADMIN_PPPoE0
    host 8.8.4.4
    update-interval 10
    mode icmp
    max-fails 5
!
interface GigabitEthernet0
    up
!
interface GigabitEthernet0/0
    rename 1
    switchport mode access
    switchport mode trunk
    switchport access vlan 1
    switchport trunk vlan 2
    up
!
interface GigabitEthernet0/1
    rename 2
    switchport mode access
    switchport access vlan 1
    up
!
interface GigabitEthernet0/2
    rename 3
    switchport mode access
    switchport access vlan 1
    up
!
interface GigabitEthernet0/3
    rename 4
    switchport mode access
    switchport access vlan 1
    up
!
interface GigabitEthernet0/Vlan1
    description "Home VLAN"
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    up
!
interface GigabitEthernet0/Vlan2
    security-level public
    ip dhcp client dns-routes
    ip dhcp client name-servers
    up
!
interface GigabitEthernet1
    rename ISP
    description Beltelecom
    mac address factory wan
    security-level public
    ip dhcp client hostname Keenetic_Ultra
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ip mtu 1500
    igmp upstream
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    ping-check profile _WEBADMIN_GigabitEthernet1
    up
!
interface GigabitEthernet1/0
    rename 0
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    up
!
interface WifiMaster0
    country-code BY
    compatibility BGN
    channel width 40-below
    channel auto-rescan 00:00 interval 12
    tx-burst
    rekey-interval 3600
    beamforming explicit
    vht
    up
!
interface WifiMaster0/AccessPoint0
    rename AccessPoint
    description "Wi-Fi access point"
    mac access-list type none
    security-level private
    wps
    wps no auto-self-pin
    authentication wpa-psk ns3 LNkatrVeOV9JjaRuESMr44sb
    encryption enable
    encryption wpa2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid h37room16
    wmm
    rrm
    ft mdid DD
    ft otd
    ft enable
    up
!
interface WifiMaster0/AccessPoint1
    rename GuestWiFi
    description "Guest access point"
    mac access-list type none
    security-level protected
    encryption disable
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid Guest
    wmm
    down
!
interface WifiMaster0/AccessPoint2
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster0/AccessPoint3
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster0/WifiStation0
    security-level public
    encryption disable
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster1
    country-code BY
    compatibility AN+AC
    channel width 160
    channel auto-rescan 00:00 interval 6
    tx-burst
    rekey-interval 3600
    band-steering
    band-steering preference 5
    beamforming explicit
    downlink-mumimo
    up
!
interface WifiMaster1/AccessPoint0
    rename AccessPoint_5G
    description "5Ghz Wi-Fi access point"
    mac access-list type none
    security-level private
    wps
    wps no auto-self-pin
    authentication wpa-psk ns3 LNkatrVeOV9JjaRuESMr44sb
    encryption enable
    encryption wpa2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid h37room16
    wmm
    rrm
    ft mdid DD
    ft otd
    ft enable
    up
!
interface WifiMaster1/AccessPoint1
    mac access-list type none
    security-level protected
    authentication wpa-psk ns3 LNkatrVeOV9JjaRuESMr44sb
    encryption enable
    encryption wpa
    encryption wpa2
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ssid 5Ghz
    hide-ssid
    down
!
interface WifiMaster1/AccessPoint2
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster1/AccessPoint3
    mac access-list type none
    security-level private
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface WifiMaster1/WifiStation0
    security-level public
    encryption disable
    ip dhcp client dns-routes
    ip dhcp client name-servers
    down
!
interface Bridge0
    rename Home
    description Home
    inherit GigabitEthernet0/Vlan1
    include AccessPoint
    include AccessPoint_5G
    mac access-list type deny
    security-level private
    ip address 192.168.1.1 255.255.255.0
    ip dhcp client dns-routes
    ip dhcp client name-servers
    igmp downstream
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    iapp key ns3 7sLV9venXcRoWSVo3wXIR8sr
    up
!
interface Bridge1
    rename Guest
    description Guest
    traffic-shape rate 10000
    include GigabitEthernet0/Vlan2
    include GuestWiFi
    include WifiMaster1/AccessPoint1
    mac access-list type none
    security-level protected
    ip address 10.1.30.1 255.255.255.0
    ip dhcp client dns-routes
    ip dhcp client name-servers
    up
!
interface PPPoE0
    description Beltelecom
    role inet
    ipv6cp
    lcp echo 30 3
    ipcp default-route
    ipcp no name-servers
    ipcp dns-routes
    no ccp
    security-level public
    authentication identity 170300970800003@beltel.by
    authentication password ns3 GjD2LHu8E66g2mAkhUyReczb
    ip mtu 1492
    ip global 49325
    ip tcp adjust-mss pmtu
    ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
    ipv6 force-default
    ping-check profile _WEBADMIN_PPPoE0
    connect via ISP
    up
!
interface OpenVPN1
    description vpn.kantora.pro
    role misc
    security-level public
    ip dhcp client dns-routes
    ip dhcp client name-servers
    ip mtu 1500
    ip global 33117
    ip tcp adjust-mss pmtu
    openvpn accept-routes
    openvpn name-servers
    openvpn connect via ISP
    down
!
ip dhcp pool _WEBADMIN
    range 192.168.1.33 192.168.1.72
    lease 25200
    bind Home
    enable
!
ip dhcp pool _WEBADMIN_GUEST_AP
    range 10.1.30.33 10.1.30.52
    lease 25200
    bind Guest
    enable
!
ip name-server 1.1.1.1 ""
ip name-server 1.0.0.1 ""
ip name-server 8.8.8.8 ""
ip name-server 8.8.4.4 ""
ip http port 80
ip http security-level public
ip http lockout-policy 5 15 3
ip http ssl enable
ip http ssl redirect
ip http proxy apps
    upstream http 127.0.0.1 80
    domain ndns
    security-level public
!
ip nat Home
ip nat Guest
ip telnet
    port 22
    security-level public
    lockout-policy 5 15 3
!
ip hotspot
    policy Guest permit
    policy Home permit
    host c0:ee:fb:f4:cf:fa permit
    host 50:ff:20:14:7f:84 permit
    host 30:fd:38:bd:93:8f permit
    host 4c:cc:6a:d7:d0:f8 permit
    host f4:f5:db:ce:68:e9 permit
    host a4:34:d9:51:4c:bc permit
    host d0:f8:8c:ea:7d:25 permit
    host 40:a1:08:83:20:6e permit
    host 60:30:d4:33:1e:bf permit
    host f8:d0:27:80:b6:11 permit
    host aa:f4:26:e7:1b:dc permit
    host 8c:c6:81:91:22:a6 permit
    host a4:cf:12:f3:0e:1f permit
!
ipv6 subnet Default
    bind Home
    number 0
    mode slaac
!
ipv6 name-server 2a00:1450:401b:801::200e ""
ipv6 firewall
ppe software
ppe hardware
ppe hardware-ipv6
upnp lan Home
torrent
    rpc-port 8090 public
    peer-port 51413
    directory PORTABLE:/torrents
!
service dhcp
service dns-proxy
service igmp-proxy
service http
service cifs
service dlna
service telnet
service ntp-client
service upnp
service torrent
cifs
    share PORTABLE PORTABLE:
    automount
    permissive
!
dlna
    port 8200
    db-directory PORTABLE:
    directory PORTABLE:
    interface Bridge0
    display-name "Keenetic Ultra"
!
dns-proxy
    rebind-protect auto
    tls upstream 1.1.1.1 853 sni cloudflare-dns.com
    tls upstream 1.0.0.1 853 sni cloudflare-dns.com
    tls upstream 8.8.8.8 853 sni dns.google
    tls upstream 8.8.4.4 853 sni dns.google
    https upstream https://dns.google/dns-query dnsm
    https upstream https://cloudflare-dns.com/dns-query dnsm
!
easyconfig check
    period 15
    max-fails 4
    host google.com
    host facebook.com
    host yahoo.com
!
easyconfig disable
components
    auto-update channel stable
    auto-update schedule schedule0
!
cloud control2 security-level public
!

 

@r13 Вот весь конфиг. Вроде ничего криминального кроме "set net.ipv6.conf.all.forwarding 1" я не вижу

А если для isp интерфейса удалить из конфига:

ipv6 address auto
    ipv6 prefix auto
    ipv6 name-servers auto
  • Upvote 1

Share this post


Link to post
Share on other sites

  • 0

@r13 это помогло сделать PPPoE0 дефолтным гейтвеем, но маршрутизация всё равно во что-то упирается. 

(config)> show ipv6 routes 

           route_: 
          destination: ::/0
              gateway: ::
            interface: PPPoE0

           route_: 
          destination: 2a02:220e:2000:900::/64
              gateway: ::
            interface: Home

Селфтест прикрутил. Есть подозрение что оно не может пробросить запросы из Home в PPPoE0...

Из позитивного, теперь самого главного маршрутизатора заработал ping6 Но ни по проводу от главного, ни по WiFi от ведомого пинги и маршруты не проходят

(config)> tools ping6 ipv6.google.com
sending ICMPv6 ECHO request to ipv6.google.com...
PING ipv6.google.com (2a00:1450:4010:c1c::65) 56 (104) bytes of data.
64 bytes from ipv6.google.com (2a00:1450:4010:c1c::65): icmp_req=1, ttl=105, time=42.58 ms.
64 bytes from ipv6.google.com (2a00:1450:4010:c1c::65): icmp_req=2, ttl=105, time=42.33 ms.
64 bytes from ipv6.google.com (2a00:1450:4010:c1c::65): icmp_req=3, ttl=105, time=42.54 ms.
64 bytes from ipv6.google.com (2a00:1450:4010:c1c::65): icmp_req=4, ttl=105, time=42.38 ms.
64 bytes from ipv6.google.com (2a00:1450:4010:c1c::65): icmp_req=5, ttl=105, time=42.38 ms.
--- ipv6.google.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss,
0 duplicate(s), time 4643.91 ms.

 

self-test.txt

Edited by akazakou

Share this post


Link to post
Share on other sites

  • 0

Дальше уже не подскажу,  pppoe  c v6 нету 

Зы  ообщение с селфтестом можно скрыть, админам будет доступно

Зы 2

После удаления в конфиге перезагружались?

Edited by r13

Share this post


Link to post
Share on other sites

  • 0

@r13 Скрывать не буду, т.к. там инфа полезная для будущих поколений. Спасибо :)

После изменений в конфиге все перезагружал.

В дополнение ping6 на ведомой точке доступа не работает с сообщением невозможности зарезолвать домен

sending ICMPv6 ECHO request to ipv6.google.com...
Failed to resolve "ipv6.google.com".

Но в любом случае, спасибо вам за вашу помощь! Тот факт что с главной ноды пошли пинги, внушает оптимизм )

Share this post


Link to post
Share on other sites

  • 0
13 минуты назад, akazakou сказал:

@r13 Скрывать не буду, т.к. там инфа полезная для будущих поколений. Спасибо :)

После изменений в конфиге все перезагружал.

В дополнение ping6 на ведомой точке доступа не работает с сообщением невозможности зарезолвать домен



sending ICMPv6 ECHO request to ipv6.google.com...
Failed to resolve "ipv6.google.com".

Но в любом случае, спасибо вам за вашу помощь! Тот факт что с главной ноды пошли пинги, внушает оптимизм )

Это уже проблема с днс, попробуйте ip адрес попинговать, напртмер упомянутый ранее

2a00:1450:4010:c1c::65
Edited by r13

Share this post


Link to post
Share on other sites

  • 0

@r13 К сожалению пинги не проходят с ведомой ноды

sending ICMPv6 ECHO request to 2a00:1450:4010:c1c::65...
PING 2a00:1450:4010:c1c::65 (2a00:1450:4010:c1c::65) 36 (84) bytes of data.
An I/O error occurred: network unreachable.
--- 2a00:1450:4010:c1c::65 ping statistics ---
0 packets transmitted, 0 packets received, 100% packet loss,
0 duplicate(s), time 0.31 ms.

 

Share this post


Link to post
Share on other sites

  • 0
3 часа назад, akazakou сказал:

set net.ipv6.conf.all.forwarding 1

А куда это из селфтеста пропало? Без этого транзит не заработает!

Share this post


Link to post
Share on other sites

  • 0
3 часа назад, krass сказал:

Так поддержку полную IPv6 вроде не ввели еще: 

 

Тут расширенной поддержки и не требуется пока, базовая не настраивается похоже.

Share this post


Link to post
Share on other sites

  • 0

У вас от вышестоящего узла не приходит нормальная dhcpv6-конфигурация.

Цитата

[W] Apr  6 16:06:56 ndm: Network::Ip6::Routing: route not found: source ::/0, destination ::/0. 
[W] Apr  6 16:06:59 dhcp6c[1944]: client6_recvadvert: advertise contains NoPrefixAvail status 
[W] Apr  6 16:06:59 dhcp6c[1944]: client6_recvadvert: advertise contains NoPrefixAvail status 
[W] Apr  6 16:06:59 ndm: Network::Ip6::Routing: route not found: source ::/0, destination ::/0. 
[W] Apr  6 16:07:02 dhcp6c[1957]: client6_recvadvert: advertise contains NoPrefixAvail status 

Пока все указывает на то, что провайдер IPv6 вам не выдает или выдает криво.

Попробуйте захватить дамп на ge1, отключая на 10 секунд кабель WAN на 1810, посмотрим что там приходит.

Share this post


Link to post
Share on other sites

  • 0
11 hours ago, r13 said:

А куда это из селфтеста пропало? Без этого транзит не заработает!

Виноват. Играя с конфигом забыл ввернуть назад. После возвращения ситуация без изменений.

Share this post


Link to post
Share on other sites

  • 0

@Le ecureuil Спасибо вам что присоединились к обсуждению проблемы. Прикрепил дамп пакетов полученный инструментом "Захват пакетов".

Еще небольшое уточнение, если для ISP подключения включить получение IP адреса, происходит постоянный разрыв PPPoE соединения с периодичностью раз в 10-60 секунд. В один из моментов, когда PPPoE соединение было установлено вместе с IP адресом на ISP интерфейсе, я успешно смог пройти все тесты на IPv6 на сайте https://ipv6-test.com/ 

P.S. - на всякий случай прикрепляю обновленный self test

capture-GigabitEthernet1-Apr 7 09-58-53.pcapng self-test.txt

Share this post


Link to post
Share on other sites

  • 1
51 минуту назад, akazakou сказал:

@Le ecureuil на всякий случай сделал захват для обоих интерфейсов: ISP и PPPoE0

capture-PPPoE0-Apr 7 10-12-27.pcapng 2 \u041c\u0431 · 2 downloads

capture-GigabitEthernet1-Apr 7 10-12-25.pcapng 2 \u041c\u0431 · 1 download

по захвату v6 у вас работает видна выдача префикса и последующий обмен с внешними ресурсами, например ваш хромкаст по в6 начал общаться с гуглом.

Edited by r13
  • Confused 1

Share this post


Link to post
Share on other sites

  • 1
ipv6 force-default

сами добавили? попробуйте без него

ЗЫ устройство на котором добиваетесь наличия v6 надеюсь в Home сегменте?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...