On Fri, Feb 05, Thomas Haller wrote: > On Fri, 2016-02-05 at 09:01 +0100, Olaf Hering wrote: > > The openvpn connection I have been using for months just gained > > support for ipv6. A few months ago I already set ipv6 to "Disabled" > > in the IPv6 tab of nm-connection-editor 1.0.8. But when the tunnel > > is established NM applies the settings received from the peer > > anyway. > There exists no ipv6 method "Disabled" until now. What exists is > "Ignore" which means, NM leaves it all to the kernel.
What does it leave to the kernel? I think there is nothing the kernel can do on tun0, should there be some autonegitation for link-local? Its unlikely, and tun0 gets just the provided ipv4+ipv6 address. And addition also the ipv6 default route is set to tun0. Every knob in the ipv6 tab is ignored. > Can you show > nmcli connection show $CONNECTION_ID connection.id: $VPN connection.uuid: b210995e-b03d-4f35-882c-523fcf3fe264 connection.interface-name: -- connection.type: vpn connection.autoconnect: no connection.autoconnect-priority: 0 connection.timestamp: 1454686875 connection.read-only: no connection.permissions: user:olaf connection.zone: -- connection.master: -- connection.slave-type: -- connection.autoconnect-slaves: -1 (default) connection.secondaries: connection.gateway-ping-timeout: 0 connection.metered: unknown ipv4.method: auto ipv4.dns: ipv4.dns-search: ipv4.addresses: ipv4.gateway: -- ipv4.routes: ipv4.route-metric: -1 ipv4.ignore-auto-routes: no ipv4.ignore-auto-dns: no ipv4.dhcp-client-id: -- ipv4.dhcp-send-hostname: yes ipv4.dhcp-hostname: -- ipv4.never-default: yes ipv4.may-fail: yes ipv6.method: ignore ipv6.dns: ipv6.dns-search: ipv6.addresses: ipv6.gateway: -- ipv6.routes: ipv6.route-metric: -1 ipv6.ignore-auto-routes: no ipv6.ignore-auto-dns: no ipv6.never-default: no ipv6.may-fail: yes ipv6.ip6-privacy: 0 (disabled) ipv6.dhcp-send-hostname: yes ipv6.dhcp-hostname: -- vpn.service-type: org.freedesktop.NetworkManager.openvpn vpn.user-name: -- vpn.data: $cmdline vpn.secrets: <hidden> vpn.persistent: no GENERAL.NAME: $VPN GENERAL.UUID: b210995e-b03d-4f35-882c-523fcf3fe264 GENERAL.DEVICES: br0 GENERAL.STATE: activated GENERAL.DEFAULT: no GENERAL.DEFAULT6: no GENERAL.VPN: yes GENERAL.ZONE: -- GENERAL.DBUS-PATH: /org/freedesktop/NetworkManager/ActiveConnection/12 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/Settings/4 GENERAL.SPEC-OBJECT: /org/freedesktop/NetworkManager/ActiveConnection/0 GENERAL.MASTER-PATH: /org/freedesktop/NetworkManager/Devices/1 IP4.ADDRESS[1]: 10.163.0.87/32 IP4.GATEWAY: 10.163.0.1 IP4.ROUTE[1]: dst = 10.163.0.0/21, nh = 10.163.0.1, mt = 50 IP4.ROUTE[2]: dst = 10.0.0.0/8, nh = 10.163.0.1, mt = 50 IP4.ROUTE[3]: dst = 149.44.0.0/16, nh = 10.163.0.1, mt = 50 IP4.ROUTE[4]: dst = 147.2.0.0/16, nh = 10.163.0.1, mt = 50 IP4.ROUTE[5]: dst = 164.99.0.0/16, nh = 10.163.0.1, mt = 50 IP4.ROUTE[6]: dst = 137.65.0.0/16, nh = 10.163.0.1, mt = 50 IP4.ROUTE[7]: dst = 151.155.128.0/17, nh = 10.163.0.1, mt = 50 IP4.DNS[1]: 10.160.0.1 IP4.DNS[2]: 10.160.2.88 IP4.DOMAIN[1]: $domain IP6.ADDRESS[1]: 2620:113:80c0:8100:10:163:0:87/64 IP6.GATEWAY: IP6.ROUTE[1]: dst = 2620:113:80c0:8000::/50, nh = 2620:113:80c0:8100:10:163:0:2, mt = 50 VPN.TYPE: openvpn VPN.USERNAME: $user VPN.GATEWAY: $gate VPN.BANNER: VPN.VPN-STATE: 5 - VPN connected VPN.CFG[1]: $ta VPN.CFG[2]: $key VPN.CFG[3]: $ca VPN.CFG[4]: $cert VPN.CFG[5]: username = $user VPN.CFG[6]: dev-type = tun VPN.CFG[7]: cert-pass-flags = 2 VPN.CFG[8]: comp-lzo = yes VPN.CFG[9]: cipher = AES-256-CBC VPN.CFG[10]: remote = $gate VPN.CFG[11]: password-flags = 2 VPN.CFG[12]: auth = SHA512 VPN.CFG[13]: connection-type = password-tls VPN.CFG[14]: ta-dir = 1 > ip addr > ip route Not easily, and this misses ipv6: ip -6 a|r s Olaf _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
