Re: Configuring IPv6 addresses using dhcp6leased(8)

2024-11-05 Thread Christian Schulte
On 11/2/24 16:49, Peter Hessler wrote:
> What does the full output of 'slaacctl show interface iwm0', 'ifconfig iwm0',
> and  'netstat -rnf inet6' say?

Disabling the DHCPv6 server in the fritz box seems to do the job. Every device
now gets a working IPv6 configuration using SLAAC. Is there anything special
I need to add to pf.conf(5) to make IPv6 work? Currently IPv6 only works when
pf(4) is disabled. Following script also contains the contents of the current
pf.conf(5) file. Neither the FAQ nor the manpages contain anything special for
IPv6 and I do not see the reason the following pf.conf(5) file will not behave
the same for IPv6 as for IPv4. Any hints highly appreciated.


Script started on Tue Nov  5 09:48:16 2024
x500# pfctl -d
pfctl: pf not enabled
x500# slaacctl show interface iwm0
iwm0:
 index:   2 running: yes temporary: yes
lladdr: e8:b1:fc:51:73:7c
 inet6: fe80::eab1:fcff:fe51:737c%iwm0
Router Advertisement from fe80::6b4:feff:fe18:9cab%iwm0
received: 2024-11-05 09:48:25; 2s ago
Cur Hop Limit: 255, M: 0, O: 0, Router Lifetime:  1800s
Default Router Preference: High
Reachable Time: 0ms, Retrans Timer: 0ms
MTU: 1492 bytes
prefix: fd20:3eea:92dd::/64
On-link: 1, Autonomous address-configuration: 1
vltime:   7200, pltime:   3600
prefix: 2001:16b8:8170:200::/64
On-link: 1, Autonomous address-configuration: 1
vltime:   7200, pltime:   3600
rdns: 2001:16b8:8170:200:6b4:feff:fe18:9cab, lifetime: 1200
rdns: fd20:3eea:92dd:0:6b4:feff:fe18:9cab, lifetime: 1200
Address proposals
id:5, state: PROPOSAL_CONFIGURED, temporary: y
vltime:   7200, pltime:   3600, timeout:   3586s
updated: 2024-11-05 09:48:25; 2s ago
2001:16b8:8170:200:b1a3:64d1:e5b4:1ebb, 2001:16b8:8170:200::/64
id:4, state: PROPOSAL_CONFIGURED, temporary: n
vltime:   7200, pltime:   3600, timeout:   3586s
updated: 2024-11-05 09:48:25; 2s ago
2001:16b8:8170:200:c5e3:8aee:2f6e:407c, 2001:16b8:8170:200::/64
id:3, state: PROPOSAL_CONFIGURED, temporary: y
vltime:   7200, pltime:   3600, timeout:   3586s
updated: 2024-11-05 09:48:25; 2s ago
fd20:3eea:92dd:0:f82:3437:a92d:f03e, fd20:3eea:92dd::/64
id:2, state: PROPOSAL_CONFIGURED, temporary: n
vltime:   7200, pltime:   3600, timeout:   3586s
updated: 2024-11-05 09:48:25; 2s ago
fd20:3eea:92dd:0:5e46:169e:4173:a36e, fd20:3eea:92dd::/64
Default router proposals
id:1, state: PROPOSAL_CONFIGURED
router: fe80::6b4:feff:fe18:9cab%iwm0
router lifetime:   1800
Preference: High
updated: 2024-11-05 09:48:25; 2s ago, timeout:   1786s
rDNS proposals
id:6, state: PROPOSAL_CONFIGURED
router: fe80::6b4:feff:fe18:9cab%iwm0
rdns lifetime:   1200
rdns:
2001:16b8:8170:200:6b4:feff:fe18:9cab
fd20:3eea:92dd:0:6b4:feff:fe18:9cab
updated: 2024-11-05 09:48:25; 2s ago, timeout:   1186s
x500# ifconfig iwm0
iwm0: 
flags=a48843
 mtu 1492
lladdr e8:b1:fc:51:73:7c
index 2 priority 4 llprio 3
groups: wlan egress
media: IEEE802.11 autoselect (HT-MCS15 mode 11n)
status: active
ieee80211: nwid FLSTR81WHG6DG chan 11 bssid 04:b4:fe:18:9c:ad 82% 
wpakey wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher ccmp
inet6 fe80::eab1:fcff:fe51:737c%iwm0 prefixlen 64 scopeid 0x2
inet 10.0.0.115 netmask 0x broadcast 10.0.255.255
inet6 fd20:3eea:92dd:0:5e46:169e:4173:a36e prefixlen 64 autoconf pltime 
3593 vltime 7193
inet6 fd20:3eea:92dd:0:175c:a176:d0d4:f714 prefixlen 64 autoconf 
temporary pltime 3384 vltime 6984
inet6 2001:16b8:8170:200:c5e3:8aee:2f6e:407c prefixlen 64 autoconf 
pltime 3593 vltime 7193
inet6 2001:16b8:8170:200:4a3c:e602:d10b:e61e prefixlen 64 autoconf 
temporary pltime 3384 vltime 6984
inet6 fd20:3eea:92dd:0:f82:3437:a92d:f03e prefixlen 64 autoconf 
temporary pltime 3593 vltime 7193
inet6 2001:16b8:8170:200:b1a3:64d1:e5b4:1ebb prefixlen 64 autoconf 
temporary pltime 3593 vltime 7193
x500# cat /etc/pf.conf
#   $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf

set skip on lo

block return# block stateless traffic
pass# establish keep-state

# By default, do not permit remo

Re: Configuring IPv6 addresses using dhcp6leased(8)

2024-11-02 Thread Christian Schulte
On 11/2/24 16:49, Peter Hessler wrote:
> 
> What does the full output of 'slaacctl show interface iwm0', 'ifconfig iwm0',
> and  'netstat -rnf inet6' say?


Script started on Sat Nov  2 17:52:32 2024
x500$ slaacctl show interface iwm0
iwm0:
 index:   2 running: yes temporary: yes
lladdr: e8:b1:fc:51:73:7c
 inet6: fe80::eab1:fcff:fe51:737c%iwm0
Router Advertisement from fe80::6b4:feff:fe18:9cab%iwm0
received: 2024-11-01 20:14:47; 77879s ago
Cur Hop Limit: 255, M: 1, O: 1, Router Lifetime:  1800s
Default Router Preference: Medium
Reachable Time: 0ms, Retrans Timer: 0ms
MTU: 1492 bytes
prefix: fd20:3eea:92dd::/64
On-link: 1, Autonomous address-configuration: 1
vltime:   7200, pltime:   3600
prefix: 2001:16b8:814d:7f00::/64
On-link: 1, Autonomous address-configuration: 1
vltime:   7200, pltime:   3600
rdns: 2001:16b8:814d:7f00:6b4:feff:fe18:9cab, lifetime: 1200
rdns: fd20:3eea:92dd:0:6b4:feff:fe18:9cab, lifetime: 1200
x500$ ifconfig iwm0
iwm0: 
flags=a48843
 mtu 1492
lladdr e8:b1:fc:51:73:7c
index 2 priority 4 llprio 3
groups: wlan egress
media: IEEE802.11 autoselect (HT-MCS15 mode 11n)
status: active
ieee80211: nwid FLSTR81WHG6DG chan 11 bssid 04:b4:fe:18:9c:ad 80% 
wpakey wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher ccmp
inet6 fe80::eab1:fcff:fe51:737c%iwm0 prefixlen 64 scopeid 0x2
inet 10.0.0.115 netmask 0x broadcast 10.0.255.255
x500$ netstat -rnf inet6
Routing tables

Internet6:
Destination Gateway 
Flags   Refs  Use   Mtu  Prio Iface
::/96   ::1 
UGRS   00 32768 8 lo0  
::1 ::1 
UHhl  10   20 32768 1 lo0  
:::0.0.0.0/96   ::1 
UGRS   00 32768 8 lo0  
2002::/24   ::1 
UGRS   00 32768 8 lo0  
2002:7f00::/24  ::1 
UGRS   00 32768 8 lo0  
2002:e000::/20  ::1 
UGRS   00 32768 8 lo0  
2002:ff00::/24  ::1 
UGRS   00 32768 8 lo0  
fe80::/10   ::1 
UGRS   0  145 32768 8 lo0  
fec0::/10   ::1 
UGRS   00 32768 8 lo0  
fe80::%iwm0/64  fe80::eab1:fcff:fe51:737c%iwm0  
UCn11 - 8 iwm0 
fe80::6b4:feff:fe18:9cab%iwm0   link#2  
UHLc   0   10 - 7 iwm0 
fe80::eab1:fcff:fe51:737c%iwm0  e8:b1:fc:51:73:7c   
UHLl   00 - 1 iwm0 
fe80::1%lo0 fe80::1%lo0 
UHl00 32768 1 lo0  
ff01::/16   ::1 
UGRS   01 32768 8 lo0  
ff01::%iwm0/32  fe80::eab1:fcff:fe51:737c%iwm0  
Um 04 - 4 iwm0 
ff01::%lo0/32   fe80::1%lo0 
Um 01 32768 4 lo0  
ff02::/16   ::1 
UGRS   01 32768 8 lo0  
ff02::%iwm0/32  fe80::eab1:fcff:fe51:737c%iwm0  
Um 0   15 - 4 iwm0 
ff02::%lo0/32   fe80::1%lo0 
Um 01 32768 4 lo0  
x500$ ^D

Script done on Sat Nov  2 17:53:13 2024



Re: Configuring IPv6 addresses using dhcp6leased(8)

2024-11-02 Thread Peter Hessler
On 2024 Nov 02 (Sat) at 16:44:59 +0100 (+0100), Christian Schulte wrote:
:On 11/2/24 15:32, Brian Conway wrote:
:> On Sat, Nov 2, 2024, at 7:09 AM, Christian Schulte wrote:
:>> Hello misc@,
:>>
:>> x500$ cat /etc/hostname.iwm0
:>> nwid "FLSTR81WHG6DG" wpa wpakey "xyz"
:>> inet autoconf
:>> inet6 autoconf
:>>
:>> Does "inet6 autoconf" with dhcp6leased(8) already work the same way
:>> "inet autoconf" with dhcpleased(8) works so far? "inet autoconf"
:>> makes
:> 
:> No, it is used for DHCPv6-PD. See the man pages for
:> dhcp6leased[.conf].
:> 
:> 'inet6 autoconf' is handled by slaacd.
:
:Thank you. So there must be something else I am doing wrong. Why can't
:I ping6 IPv6 addresses? Other devices like smartphones or tablets get
:different addresses from the fritz box than the OpenBSD laptop and IPv6
:is working flawlessly with them. The fritz box seems to only support
:DHCPv6 for handing out IPv6 addresses.
:
:Script started on Sat Nov  2 16:17:57 2024
:x500$ slaacctl show interface
:iwm0:
: index:   2 running: yes temporary: yes
:lladdr: e8:b1:fc:51:73:7c
: inet6: fe80::eab1:fcff:fe51:737c%iwm0
:Router Advertisement from fe80::6b4:feff:fe18:9cab%iwm0
:received: 2024-11-01 20:14:47; 72199s ago
:Cur Hop Limit: 255, M: 1, O: 1, Router Lifetime:  1800s
:Default Router Preference: Medium
:Reachable Time: 0ms, Retrans Timer: 0ms
:MTU: 1492 bytes
:prefix: fd20:3eea:92dd::/64
:On-link: 1, Autonomous address-configuration: 1
:vltime:   7200, pltime:   3600
:prefix: 2001:16b8:814d:7f00::/64
:On-link: 1, Autonomous address-configuration: 1
:vltime:   7200, pltime:   3600
:rdns: 2001:16b8:814d:7f00:6b4:feff:fe18:9cab, lifetime: 1200
:rdns: fd20:3eea:92dd:0:6b4:feff:fe18:9cab, lifetime: 1200

This tells me that you're given a prefix to install on to your
interface.  It also should have also displayed 3 "proposals", but you
didn't display those here.

What does the full output of 'slaacctl show interface iwm0', 'ifconfig iwm0',
and  'netstat -rnf inet6' say?


-- 
Children seldom misquote you.  In fact, they usually repeat word for
word what you shouldn't have said.



Re: Configuring IPv6 addresses using dhcp6leased(8)

2024-11-02 Thread Christian Schulte
On 11/2/24 15:32, Brian Conway wrote:
> On Sat, Nov 2, 2024, at 7:09 AM, Christian Schulte wrote:
>> Hello misc@,
>>
>> x500$ cat /etc/hostname.iwm0
>> nwid "FLSTR81WHG6DG" wpa wpakey "xyz"
>> inet autoconf
>> inet6 autoconf
>>
>> Does "inet6 autoconf" with dhcp6leased(8) already work the same way
>> "inet autoconf" with dhcpleased(8) works so far? "inet autoconf"
>> makes
> 
> No, it is used for DHCPv6-PD. See the man pages for
> dhcp6leased[.conf].
> 
> 'inet6 autoconf' is handled by slaacd.

Thank you. So there must be something else I am doing wrong. Why can't
I ping6 IPv6 addresses? Other devices like smartphones or tablets get
different addresses from the fritz box than the OpenBSD laptop and IPv6
is working flawlessly with them. The fritz box seems to only support
DHCPv6 for handing out IPv6 addresses.

Script started on Sat Nov  2 16:17:57 2024
x500$ slaacctl show interface
iwm0:
 index:   2 running: yes temporary: yes
lladdr: e8:b1:fc:51:73:7c
 inet6: fe80::eab1:fcff:fe51:737c%iwm0
Router Advertisement from fe80::6b4:feff:fe18:9cab%iwm0
received: 2024-11-01 20:14:47; 72199s ago
Cur Hop Limit: 255, M: 1, O: 1, Router Lifetime:  1800s
Default Router Preference: Medium
Reachable Time: 0ms, Retrans Timer: 0ms
MTU: 1492 bytes
prefix: fd20:3eea:92dd::/64
On-link: 1, Autonomous address-configuration: 1
vltime:   7200, pltime:   3600
prefix: 2001:16b8:814d:7f00::/64
On-link: 1, Autonomous address-configuration: 1
vltime:   7200, pltime:   3600
rdns: 2001:16b8:814d:7f00:6b4:feff:fe18:9cab, lifetime: 1200
rdns: fd20:3eea:92dd:0:6b4:feff:fe18:9cab, lifetime: 1200
x500$ dig www.openbsd.org 

; <<>> dig 9.10.8-P1 <<>> www.openbsd.org 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17979
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.openbsd.org.   IN  

;; ANSWER SECTION:
www.openbsd.org.28713   IN  2620:3d:c000:178::80

;; Query time: 1 msec
;; SERVER: 10.0.0.1#53(10.0.0.1)
;; WHEN: Sat Nov 02 16:18:34 CET 2024
;; MSG SIZE  rcvd: 72

x500$ ping6 2620:3d:c000:178::80
PING 2620:3d:c000:178::80 (2620:3d:c000:178::80): 56 data bytes
ping6: sendmsg: No route to host
ping: wrote 2620:3d:c000:178::80 64 chars, ret=-1
ping6: sendmsg: No route to host
ping: wrote 2620:3d:c000:178::80 64 chars, ret=-1
ping6: sendmsg: No route to host
ping: wrote 2620:3d:c000:178::80 64 chars, ret=-1
ping6: sendmsg: No route to host
ping: wrote 2620:3d:c000:178::80 64 chars, ret=-1

--- 2620:3d:c000:178::80 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
x500$ ^D

Script done on Sat Nov  2 16:18:49 2024

-- 
Christian



Re: Configuring IPv6 addresses using dhcp6leased(8)

2024-11-02 Thread Brian Conway
On Sat, Nov 2, 2024, at 7:09 AM, Christian Schulte wrote:
> Hello misc@,
>
> x500$ cat /etc/hostname.iwm0
> nwid "FLSTR81WHG6DG" wpa wpakey "xyz"
> inet autoconf
> inet6 autoconf
>
> Does "inet6 autoconf" with dhcp6leased(8) already work the same way
> "inet autoconf" with dhcpleased(8) works so far? "inet autoconf" makes

No, it is used for DHCPv6-PD. See the man pages for dhcp6leased[.conf].

'inet6 autoconf' is handled by slaacd.

> my laptop obtain an IPv4 address with dhcpleased(8) from the fritz box.
> "inet6 autoconf" does not. Is dhcp6leased(8) already supporting this
> kind of client configuration?
>
> Regards,
> -- 
> Christian

Brian Conway
Owner
RCE Software, LLC