Проблемы со Statefull конфигурацией для IPv6

IPoE related questions
Post Reply
co_rel
Posts: 2
Joined: 24 Feb 2015, 11:21

Проблемы со Statefull конфигурацией для IPv6

Post by co_rel »

accel-ppp не отвечает на DHCPv6 Solicitation запросы клиента.

IPv6 адрес клиента передается в атрибутах RADIUS сервера.
Delegated-IPv6-Prefix
Framed-IPv6-Prefix


tcpdump на стороне сервера при подключении:
Feb 24 12:59:37 repo accel-pppd: eth1:: send [RADIUS(1) Access-Request id=1 <User-Name "172.31.0.2-1/7/879/0-48575443EC71372A"> <NAS-Identifier "ipoe-as0"> <NAS-IP-Address 127.0.0.1> <NAS-Port 3> <NAS-Port-Id "eth1"> <NAS-Port-Type Ethernet> <Calling-Station-Id "10:bf:48:2a:fb:97"> <Called-Station-Id "eth1"> <User-Password >]
Feb 24 12:59:37 repo accel-pppd: eth1:: recv [RADIUS(1) Access-Accept id=1 <Service-Type Framed-User> <Framed-IP-Address 10.128.0.10> <Connect-Info "8000:5000@0:0@0:0"> <User-Name "172.31.0.2-1/7/879/0-48575443EC71372A"> <Filter-Id "IPOE"> <Acct-Interim-Interval 300> <DHCP-Client-IP-Address 10.128.0.10> <DHCP-Router-IP-Address 10.128.0.1> <DHCP-Mask 255.255.255.255> <Framed-IPv6-Prefix 2a04:2c01:200:194::100/64> ]
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: 172.31.0.2-1/7/879/0-48575443EC71372A: authentication succeeded
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: send [DHCPv4 Offer xid=b8c75555 yiaddr=10.128.0.10 chaddr=10:bf:48:2a:fb:97 <Message-Type Offer> <Server-ID 10.128.0.1> <Lease-Time 300> <Router 10.128.0.1> <Subnet 255.255.255.254> <DNS 195.138.80.86,195.138.80.33>]
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: recv [DHCPv4 Request xid=b8c75555 chaddr=10:bf:48:2a:fb:97 <Message-Type Request> <Client-ID 0110bf482afb97> <Request-IP 10.128.0.10> <Server-ID 10.128.0.1> <Host-Name notebook> <Option-81 0000006e6f7465626f6f6b> <Vendor-Class 4d53465420352e30> <Request-List Subnet,Domain-Name,Router,DNS,44,46,47,31,Route,Classless-Route,249,Vendor-Specific> <Relay-Agent {Agent-Circuit-ID 172.31.0.2-1/7/879/0-48575443EC71372A} {Agent-Remote-ID }>]
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: send [RADIUS(1) Accounting-Request id=1 <User-Name "172.31.0.2-1/7/879/0-48575443EC71372A"> <NAS-Identifier "ipoe-as0"> <NAS-IP-Address 127.0.0.1> <NAS-Port 3> <NAS-Port-Id "eth1"> <NAS-Port-Type Ethernet> <Calling-Station-Id "10:bf:48:2a:fb:97"> <Called-Station-Id "eth1"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "c4771ef17cdf0624"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address 10.128.0.10> <Framed-Interface-Id 0:0:0:1> <Framed-IPv6-Prefix 2a04:2c01:200:194::100/64>]
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: send [DHCPv4 Ack xid=b8c75555 yiaddr=10.128.0.10 chaddr=10:bf:48:2a:fb:97 <Message-Type Ack> <Server-ID 10.128.0.1> <Lease-Time 300> <Router 10.128.0.1> <Subnet 255.255.255.254> <DNS 195.138.80.86,195.138.80.33>]
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: recv [RADIUS(1) Accounting-Response id=1]
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: ipoe: session started
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: pppd_compat: ip-up started (pid 17990)
Feb 24 12:59:37 repo accel-pppd: eth1:172.31.0.2-1/7/879/0-48575443EC71372A: pppd_compat: ip-up finished (0)
Конфигурация интерфейса:

Code: Select all

eth1      Link encap:Ethernet  HWaddr 00:E0:81:B7:70:A5
          inet6 addr: 2a04:2c01:200:194::1/64 Scope:Global
          inet6 addr: fe80::2e0:81ff:feb7:70a5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:131847 errors:0 dropped:0 overruns:0 frame:0
          TX packets:133809 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14399188 (13.7 MiB)  TX bytes:177604839 (169.3 MiB)
          Interrupt:17 Memory:f4180000-f41a0000
фрагмент конфига accel-ppp:

Code: Select all

[modules]
ipoe
ipv6pool
ipv6_nd
ipv6_dhcp

[ipoe]
shared=0
ipv6=1
ifcfg=0
mode=L2
interface=eth1

[ipv6-dhcp]
verbose=1
pref-lifetime=604800
valid-lifetime=2592000
route-via-gw=1
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: Проблемы со Statefull конфигурацией для IPv6

Post by Dmitry »

если посмотреть tcpdump'ом, ип6 запросы видны на интерфейсе ?
co_rel
Posts: 2
Joined: 24 Feb 2015, 11:21

Re: Проблемы со Statefull конфигурацией для IPv6

Post by co_rel »

Да, на порт все приходит.

строка из tcpdump'а на интерфейсе:
12:08:35.078181 IP6 (hlim 1, next-header UDP (17) payload length: 175) fe80::b95a:fbfc:50b3:4ab0.547 > ff02::1:2.547: [udp sum ok] dhcp6 relay-fwd (linkaddr=:: peeraddr=fe80::b95a:fbfc:50b3:4ab0 (interface-ID 3137322e33312e302e32...) (relay-message (dhcp6 solicit (xid=bc4458 (elapsed-time 6300) (client-ID hwaddr/time type 1 time 428633943 10bf482afb97) (IA_NA IAID:269533000 T1:0 T2:0) (Client-FQDN) (vendor-class) (option-request DNS-search-list DNS-server vendor-specific-info Client-FQDN))))
leosixers
Posts: 6
Joined: 29 Jul 2019, 20:12

Re: Проблемы со Statefull конфигурацией для IPv6

Post by leosixers »

Hi Dimitri,

I have the same problem. My guess is that ACCEL is rejecting the packet because of the relay-forw option (12).

My tcpdump logs:

reading from file iwr3.pcap, link-type EN10MB (Ethernet)
16:30:42.363772 IP6 :: > ip6-allrouters: ICMP6, router solicitation, length 8
16:30:43.623255 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd
16:30:43.922395 IP6 :: > ff02::1:ff33:bff2: ICMP6, neighbor solicitation, who has fe80::1a0d:2cff:fe33:bff2, length 24
16:30:45.620241 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd
16:30:45.919434 IP6 fe80::1a0d:2cff:fe33:bff2 > ip6-allrouters: ICMP6, router solicitation, length 8
16:30:45.919535 IP6 fe80::4a5b:39ff:feaf:dc20 > ff02::1:ff33:bff2: ICMP6, neighbor solicitation, who has fe80::1a0d:2cff:fe33:bff2, length 32
16:30:45.921774 IP6 fe80::1a0d:2cff:fe33:bff2 > fe80::4a5b:39ff:feaf:dc20: ICMP6, neighbor advertisement, tgt is fe80::1a0d:2cff:fe33:bff2, length 32
16:30:45.921785 IP6 fe80::4a5b:39ff:feaf:dc20 > fe80::1a0d:2cff:fe33:bff2: ICMP6, router advertisement, length 88
16:30:47.417204 IP6 fe80::1a0d:2cff:fe33:bff2 > fe80::4a5b:39ff:feaf:dc20: ICMP6, neighbor solicitation, who has fe80::4a5b:39ff:feaf:dc20, length 32
16:30:47.417231 IP6 fe80::4a5b:39ff:feaf:dc20 > fe80::1a0d:2cff:fe33:bff2: ICMP6, neighbor advertisement, tgt is fe80::4a5b:39ff:feaf:dc20, length 24
16:30:47.617133 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd
16:30:51.611174 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd
16:31:00.597634 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd
16:31:17.571936 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd
16:31:50.524147 IP6 fe80::1a0d:2cff:fe33:bff2.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 relay-fwd

Accel prints the following:

warn: dhcpv6: invalid packet received

Can you help me?

I am using option82 in a GPON OLT system from Zhone. When I activate this option the OLT starts to make the relay. Without the option82 it works perfectly.

Thanks
Post Reply