Sponsored Links

Weird ipv6 issue

cmsj

Casual Member
So, having posted in the other thread that my ipv6 was brought back to life after talking to CF tech support, things have taken a turn for the worse in a way that I am struggling to understand.

I noticed that after a few hours, the logs on my Unifi UDM SE were showing odhcp6c sending RENEW messages to the DHCPv6 server, but not seeming to get a response.

Last night, the UDM rebooted for a firmware upgrade and now odhcp6c isn't getting replies to even its SOLICIT packets. tcpdump shows them going out, but nothing coming back in. Neighbor/Router solications/advertisements seem to be working fine, and I see a CF router appear in "ip -6 neighbor" as REACHABLE.

In a fit of desperation I've installed both dhcpcd and dibbler-client on the UDM to see if I could get any further with those and they both seem to trigger DHCPv6 ADVERTISE responses to their SOLICITs, but at least in the case of dibbler, it didn't seem to be aware that it was getting the responses.

Unifi gives almost zero options for configuring how odhcp6c is configured (literally just the prefix size), but if anyone has any deeper insights into what the heck might be going on here, I would love to hear them. Happy to share packet dumps, etc. if that would help.
 
Oh, and CF clearly still thinks I have a v6 allocation because tcpdump shows incoming connection attempts for my server, which has a couple of AAAA records pointing at it.
 
A friend of mine has the exact same situation starting a few days ago on YouFibre. Completely different provider.

Makes me wonder if they both use the same software to deliver IPv6 and recently applied a bad software update.
 
Sponsored Links
Interesting.

I spent a bunch of hours poking at this last night and I discovered that while CF isn’t responding to the SOLICIT packets odhcp6c is sending, if I run it by hand with a different DUID, they do respond and advertise a prefix, but just like dibbler, odhcp6c also doesn’t seem to see the response packet that tcpdump shows, which suggests there is some kind of network configuration issue on the UDM SE
 
Have you still got the Velop router and can check IPv6 is working?
I do still have their router, and I should give it a try. I expect it will work fine because ipv6 is clearly able to route to me, and I have been able to trigger DHCPv6 advertisements manually.
I’m not sure what it would actually tell me though - I can see all of the pieces working on the UDM SE, they’re just not working together 😬
 
It would rule out a CF issue then you can downgrade the firmware on the UDM SE and get back to enjoying your weekend.
 
Last edited:
Sponsored Links
I made a bunch of progress last night. First up I figured out why DHCPv6 responses were being ignored - I’d failed to appreciate that unifi changes the v6 firewall rules depending on which setting you use for WAN ipv6.

So, I manually added rules for ICMPv6 and DHCPv6 and was able to get a full dhcp response.

I turned my attention to getting it to work via unifi and tl;dr I wrapped odhcp6c in a bash script so I could pass a custom -c argument (client-ID). I don’t know why, but CF seems to hate odhcp6c’s default choice for that.

It immediately all sprang back to life 😁

Thanks all, for the replies!
 
I made a bunch of progress last night. First up I figured out why DHCPv6 responses were being ignored - I’d failed to appreciate that unifi changes the v6 firewall rules depending on which setting you use for WAN ipv6.

So, I manually added rules for ICMPv6 and DHCPv6 and was able to get a full dhcp response.

I turned my attention to getting it to work via unifi and tl;dr I wrapped odhcp6c in a bash script so I could pass a custom -c argument (client-ID). I don’t know why, but CF seems to hate odhcp6c’s default choice for that.

It immediately all sprang back to life 😁

Thanks all, for the replies!
Thanks for posting the solution, I am staying well away from IPv6 for now but for sure these problems will become more common as more people start using IPv6 on their home networks. Which is why I have turned off so other people do the hard work and figure it out while I eat popcorn watching Netflix via IPv4. :cool:
 
Sponsored Links
Thanks for posting the solution, I am staying well away from IPv6 for now but for sure these problems will become more common as more people start using IPv6 on their home networks. Which is why I have turned off so other people do the hard work and figure it out while I eat popcorn watching Netflix via IPv4. :cool:
I’d never used it before switching to CF a few weeks ago, and while I’m excited to have a new toy to play with, my goodness is it complex!

UniFi’s support is kinda underwhelming though, they need to add a lot more options for dhcp v6 if they want to be compatible with lots of ISPs.

(Eg see the kind of hoops Orange FR customers are having to jump through: https://community.ui.com/questions/...-odhcp6c/77fe7a81-2f8f-4614-9015-2c809915d11e )
 
I'm running into a fairly identical issue with CF ignoring the DHCPv6 solications. Mine are also being sent by odhcp6c - I've tried overriding the ClientID but that didn't seem to help. Could you let me know what format you used for this @cmsj ?
 
@strideynet This is the script I used:

#!/bin/bash logger -t odhcp6c.wrapper Execing odhcp6c.orig exec -a /usr/sbin/odhcp6c /usr/sbin/odhcp6c.orig -c 00030001aabbccddeeff "$@"

(where the aabbccddeeff part by default would be the MAC address of the sending interface. Ultimately can be anything that's going to be unique - I just checked the MAC address of my WAN port and increased the final part by one)
 
@cmsj Thanks for the reply. Still no luck on my end. Please don't go to too much effort on my behalf, but if you had a dump of a successful Solicit somewhere that'd be appreciated to compare with the one that odhcp6c is generating for me.
 
Aha ! I cracked it, I had to use a DUID LLT rather than a DUID LL - weirdly a DUID LLT with a timestamp of 0 works but hey hoh.

My current OpenWRT config for anyone curious:

config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'none'
option reqprefix 'auto'
option clientid '000100010000000034430320D4D6'

The last part of the clientid is the MAC of the interface.
 
Sponsored Links
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (6026)
  2. BT (3639)
  3. Politics (2721)
  4. Business (2439)
  5. Openreach (2405)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2146)
  8. FTTC (2083)
  9. Statistics (1901)
  10. 4G (1816)
  11. Virgin Media (1764)
  12. Ofcom Regulation (1582)
  13. Fibre Optic (1467)
  14. Wireless Internet (1462)
  15. 5G (1407)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules