Results 1 to 8 of 8

Thread: Wicked fails to retrieve configured IPv6 address

Hybrid View

  1. Wicked fails to retrieve configured IPv6 address

    Hi!

    I'm trying to setup an IPv6 address, but this seems to fail when running openSUSE and SLES instances which use Wicked for network configuration.

    At first I enabled IPv6 in a fresh VPC according to this documentation:
    http://docs.aws.amazon.com/AmazonVPC...rted-ipv6.html

    In "eu-central-1" I tested:

    * openSUSE Leap 42.2 (ami-2af53a45)
    * SLES 12 SP2 (ami-c425e4ab)
    * Amazon Linux AMI 2016.09.1 (ami-af0fc0c0)

    When the Amazon Linux instance boots, it is automatically set up with the configured IPv4 and IPv6 addresses.
    The openSUSE / SLES instances are successfully set up with the configured IPv4 address, but instead of getting the configured IPv6 address, it just uses an "fe60:" link-local address.

    The following workaround is possible to retrieve the desired IPv6 address:

    # systemctl disable wicked.service
    Disabling the wicked.service seems to be mandatory for running the following commands.

    # dhclient6 -v eth0
    This does not work. "dhclient6" just fetches the IPv4 address which the system already knows, so it doesn't change anything relevant.

    # dhclient -6 -v eth0
    This command temporarily solves the issue by fetching the desired IPv6 address:

    Code:
    Internet Systems Consortium DHCP Client 4.3.3
    Copyright 2004-2015 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    
    Listening on Socket/eth0
    Sending on   Socket/eth0
    Created duid \000\001\000\001 <,\024\006\3746\273!\305.
    PRC: Soliciting for leases (INIT).
    XMT: Forming Solicit, 0 ms elapsed.
    XMT:  X-- IA_NA 36:bb:21:c5
    XMT:  | X-- Request renew in  +3600
    XMT:  | X-- Request rebind in +5400
    XMT: Solicit on eth0, interval 1060ms.
    RCV: Advertise message on eth0 from fe80::47a:xxxx:xxxx:xxxx.
    RCV:  X-- Preference 255.
    RCV:  X-- IA_NA 36:bb:21:c5
    RCV:  | X-- starts 1487499156
    RCV:  | X-- t1 - renew  +75
    RCV:  | X-- t2 - rebind +120
    RCV:  | X-- [Options]
    RCV:  | | X-- IAADDR 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    RCV:  | | | X-- Preferred lifetime 150.
    RCV:  | | | X-- Max lifetime 450.
    RCV:  X-- Server ID: 00:03:00:01:06:7a:8f:xx:xx:xx
    RCV:  Advertisement immediately selected.
    PRC: Selecting best advertised lease.
    PRC: Considering best lease.
    PRC:  X-- Initial candidate 00:03:00:01:06:7a:8f:xx:xx:xx (s: 152, p: 255).
    XMT: Forming Request, 0 ms elapsed.
    XMT:  X-- IA_NA 36:bb:21:c5
    XMT:  | X-- Requested renew  +3600
    XMT:  | X-- Requested rebind +5400
    XMT:  | | X-- IAADDR 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    XMT:  | | | X-- Preferred lifetime +7200
    XMT:  | | | X-- Max lifetime +7500
    XMT:  V IA_NA appended.
    XMT: Request on eth0, interval 930ms.
    RCV: Reply message on eth0 from fe80::47a:xxxx:xxxx:xxxx.
    RCV:  X-- IA_NA 36:bb:21:c5
    RCV:  | X-- starts 1487499156
    RCV:  | X-- t1 - renew  +75
    RCV:  | X-- t2 - rebind +120
    RCV:  | X-- [Options]
    RCV:  | | X-- IAADDR 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    RCV:  | | | X-- Preferred lifetime 150.
    RCV:  | | | X-- Max lifetime 450.
    RCV:  X-- Server ID: 00:03:00:01:06:7a:8f:xx:xx:xx
    PRC: Bound to lease 00:03:00:01:06:7a:8f:xx:xx:xx.
    Checking DAD results for 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    Of course this does not survive a reboot, so I'd need to find a way to set up IPv4/IPv6 automatically.
    Please note that I'm able to reproduce this issue with every new EC2 instance, as long as Wicked is involved.
    No additional configuration changes were done, so all config files should contain the original values.

    Any suggestions?

    Thanks!
    Thomas

  2. Re: Wicked fails to retrieve configured IPv6 address

    Is there an IPv6 router advertising to use DHCPv6 on the network in it's RA
    (the managed [=IP + dns,...] or other-config [dns, ... info] bit set) ?

    You can install radvd and run "radvdump" while "ip link set up" or for a while
    as it is sent periodically to see if there is an RA and what it contains.

    When there is no RA [which is also used to set the default IPv6 route], or when
    the IPv6 router advertises to not use DHCPv6 (managed off, other-config off] and
    you want to override it, set DHCLIENT6_MODE=managed in the ifcfg file.

    You can also pass this kernel parameters to _linuxrc_ at installation time:
    ifcfg=*=dhcp6,DHCLIENT6_MODE=managed

  3. Re: Wicked fails to retrieve configured IPv6 address

    Thanks a lot for the fast reply! I installed radvd on a fresh SLES 12 SP2 instance and received the following data during radvddump:

    Code:
    #
    # radvd configuration generated by radvdump 1.9.7
    # based on Router Advertisement from fe80::47a:8fff:fe31:d557
    # received by interface eth0
    #
    
    interface eth0
    {
    	AdvSendAdvert on;
    	# Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
    	AdvManagedFlag on;
    	AdvOtherConfigFlag off;
    	AdvReachableTime 0;
    	AdvRetransTimer 0;
    	AdvCurHopLimit 64;
    	AdvDefaultLifetime 1800;
    	AdvHomeAgentFlag off;
    	AdvDefaultPreference medium;
    	AdvSourceLLAddress on;
    
    	prefix 2a05:d014:70b:xxxx::/64
    	{
    		AdvValidLifetime infinity; # (0xffffffff)
    		AdvPreferredLifetime infinity; # (0xffffffff)
    		AdvOnLink off;
    		AdvAutonomous off;
    		AdvRouterAddr off;
    	}; # End of prefix definition
    
    }; # End of interface definition
    So, there is an RA, "managed" is "on" and "other-config" is "off", right?
    If I understand you correctly, this advertisement should be fine.

    Explicitly setting DHCLIENT6_MODE=managed in the ifcfg file did not help.

    BTW, I also tried SLES 11 SP4 as EC2 instance and IPv6 worked fine after enabling general IPv6 support and installing the RPM "dhcpv6".


    Regards,
    Thomas

  4. Re: Wicked fails to retrieve configured IPv6 address

    OK,

    then please stop and disable any other dhcp client that may run, e.g. NetworkManager.service:
    Code:
      systemctl status network.service NetworkManager.service wicked.service # shows active services
      systemctl disable -f NetworkManager.service
      systemctl kill --kill-who=all NetworkManager.service
      systemctl stop NetworkManager.service
    [the kill is required, because NetworkManager leaves running dhcp clients by default].
    You can reboot here to ensure, there are no conflicting network service/dhcp clients running.

    Further, please set WICKED_DEBUG=all /etc/sysconfig/network/config and call:
    Code:
      systemctl disable -f wicked.service
      systemctl enable -f wicked.service
      systemctl restart wickedd.service
    Then use the following ifcfg file ifcfg-eth0 (adopt eth0 to match the interface name):

    Code:
      STARTMODE=auto
      BOOTPROTO=dhcp
    and call "wicked ifup lo eth0". Provide the config using "wicked show-config" and
    the logs "journalctl -b -o short-precise" and a "ps aux" output to me (mt at suse de)
    or open a bug report and attach the files there.

    See also: https://en.opensuse.org/openSUSE:Bugreport_wicked

  5. Re: Wicked fails to retrieve configured IPv6 address

    Hi!

    We've tested it and found out what the problem is: wicked requests some options
    (from newer RFCs) by default, causing that the amazon dhcp6 server does not
    respond then at all.

    An initial patch that disables the request of the further options will appear here soon:
    http://users.suse.com/~mt/dhcp6_req_...ions_only.diff

    With the patch applied, DHCP6 works.

    With enabled SDK repository, you can apply it and rebuild the RPMs with:
    Code:
    	zypper in git-core rpm-build gcc make pkg-config \
    		autoconf automake libtool systemd-devel \
    		libnl3-devel libiw-devel dbus-1-devel \
    		libgcrypt-devel
    	git clone https://github.com/openSUSE/wicked.git
    	cd wicked
    	wget http://users.suse.com/~mt/wicked/dhc...ions_only.diff
    	patch -p1 < dhcp6_req_basis_options_only.diff
    	./autogen.sh
    	make rpmbuild
    We are about to open a bug report to discuss and fix (also to make it configurable) it the right way.
    Last edited by mtomaschewski; 27-Feb-2017 at 17:58.

  6. Re: Wicked fails to retrieve configured IPv6 address

    Quote Originally Posted by mtomaschewski View Post
    We've tested it and found out what the problem is: wicked requests some options
    (from newer RFCs) by default, causing that the amazon dhcp6 server does not
    respond then at all.

    An initial patch that disables the request of the further options will appear here soon:
    http://users.suse.com/~mt/dhcp6_req_...ions_only.diff

    With the patch applied, DHCP6 works.
    That's great, thanks a lot!
    I can confirm that this procedure fixes the problem!

    I tested this with:
    * openSUSE Leap 42.2 (ami-2af53a45)
    * SLES 12 SP2 (ami-c425e4ab)

    Quote Originally Posted by mtomaschewski View Post
    We are about to open a bug report to discuss and fix (also to make it configurable) it the right way.
    I've Cc'ed myself to the bug.


    Thanks a lot for working on this and providing this very useful information!

    Regards,
    Thomas

  7. #7

    Re: Wicked fails to retrieve configured IPv6 address

    Quote Originally Posted by tschulte79 View Post
    Hi!

    I'm trying to setup an IPv6 address, but this seems to fail when running openSUSE and SLES instances which use Wicked for network configuration.

    At first I enabled IPv6 in a fresh VPC according to this documentation:
    http://docs.aws.amazon.com/AmazonVPC...rted-ipv6.html

    In "eu-central-1" I tested:

    * openSUSE Leap 42.2 (ami-2af53a45)
    * SLES 12 SP2 (ami-c425e4ab)
    * Amazon Linux AMI 2016.09.1 (ami-af0fc0c0)

    When the Amazon Linux instance boots, it is automatically set up with the configured IPv4 and IPv6 addresses.
    The openSUSE / SLES instances are successfully set up with the configured IPv4 address, but instead of getting the configured IPv6 address, it just uses an "fe60:" link-local address.

    The following workaround is possible to retrieve the desired IPv6 address:

    # systemctl disable wicked.service
    Disabling the wicked.service seems to be mandatory for running the following commands.

    # dhclient6 -v eth0
    This does not work. "dhclient6" just fetches the IPv4 address which the system already knows, so it doesn't change anything relevant.

    # dhclient -6 -v eth0
    This command temporarily solves the issue by fetching the desired IPv6 address:

    Code:
    Internet Systems Consortium DHCP Client 4.3.3
    Copyright 2004-2015 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    
    Listening on Socket/eth0
    Sending on   Socket/eth0
    Created duid \000\001\000\001 <,\024\006\3746\273!\305.
    PRC: Soliciting for leases (INIT).
    XMT: Forming Solicit, 0 ms elapsed.
    XMT:  X-- IA_NA 36:bb:21:c5
    XMT:  | X-- Request renew in  +3600
    XMT:  | X-- Request rebind in +5400
    XMT: Solicit on eth0, interval 1060ms.
    RCV: Advertise message on eth0 from fe80::47a:xxxx:xxxx:xxxx.
    RCV:  X-- Preference 255.
    RCV:  X-- IA_NA 36:bb:21:c5
    RCV:  | X-- starts 1487499156
    RCV:  | X-- t1 - renew  +75
    RCV:  | X-- t2 - rebind +120
    RCV:  | X-- [Options]
    RCV:  | | X-- IAADDR 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    RCV:  | | | X-- Preferred lifetime 150.
    RCV:  | | | X-- Max lifetime 450.
    RCV:  X-- Server ID: 00:03:00:01:06:7a:8f:xx:xx:xx
    RCV:  Advertisement immediately selected.
    PRC: Selecting best advertised lease.
    PRC: Considering best lease.
    PRC:  X-- Initial candidate 00:03:00:01:06:7a:8f:xx:xx:xx (s: 152, p: 255).
    XMT: Forming Request, 0 ms elapsed.
    XMT:  X-- IA_NA 36:bb:21:c5
    XMT:  | X-- Requested renew  +3600
    XMT:  | X-- Requested rebind +5400
    XMT:  | | X-- IAADDR 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    XMT:  | | | X-- Preferred lifetime +7200
    XMT:  | | | X-- Max lifetime +7500
    XMT:  V IA_NA appended.
    XMT: Request on eth0, interval 930ms.
    RCV: Reply message on eth0 from fe80::47a:xxxx:xxxx:xxxx.
    RCV:  X-- IA_NA 36:bb:21:c5
    RCV:  | X-- starts 1487499156
    RCV:  | X-- t1 - renew  +75
    RCV:  | X-- t2 - rebind +120
    RCV:  | X-- [Options]
    RCV:  | | X-- IAADDR 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    RCV:  | | | X-- Preferred lifetime 150.
    RCV:  | | | X-- Max lifetime 450.
    RCV:  X-- Server ID: 00:03:00:01:06:7a:8f:xx:xx:xx
    PRC: Bound to lease 00:03:00:01:06:7a:8f:xx:xx:xx.
    Checking DAD results for 2a05:d014:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
    Of course this does not survive a reboot, so I'd need to find a way to set up IPv4/IPv6 automatically.
    Please note that I'm able to reproduce this issue with every new EC2 instance, as long as Wicked is involved.
    No additional configuration changes were done, so all config files should contain the original values.

    Any suggestions?

    Thanks!
    Thomas


    Can you check if you enabled IPv6 forwarding . If its enabled IPv6 auto assign will not work .

    May be you can try setting net.ipv6.conf.all.accept_ra = 2 if you still want to forward traffic on server

    Thanks,
    Sarath

  8. Re: Wicked fails to retrieve configured IPv6 address

    Thanks a lot for your suggestion, Sarath.
    This issue was already identified and fixed in the meantime. Please have a look at the other thread for details.

    Regards,
    Thomas

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •