-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, 2023-04-29 at 16:42 +0200, Per Jessen wrote:
Andrei Borzenkov wrote:
On 29.04.2023 15:48, Per Jessen wrote:
Andrei Borzenkov wrote:
On 29.04.2023 15:00, Per Jessen wrote:
- monitor the ipv6 lease file, in /var/lib/NetworkManager
Prefix comes from RA, not from DHCP
Yes, but the prefix will still be written into the lease file,
As my example that you gratuitously trimmed shows - it does not.
Your example did not appear to be applicable to the situation at hand.
office68:~ # cat /var/lib/NetworkManager/dhclient6-987c4a73-1fb9-3528-9145-9b04bc192c30-eth0.lease default-duid "\000\004\330\216\262\302\224f\300\254\032\354G\260\207p\207S"; lease6 { interface "eth0"; ia-na 76:17:e1:1b {
You requested IA NA from DHCPv6, of course you got back full address with prefix. But that requires using DHCPv6 for address configuration in the first place.
Which ISTR was necessary anyway? for DNS config? - I think Carlos may also have mentioned it being used/available in the Mitrastar router.
I could try stopping our dhcpv6 and see what happens.
And even if you *are* using DHCPv6 the content of lease file depends on which DHCP implementation NM is using. Which changes over time and currently preferred is internal client which does not write anything related to DHCPv6 (even though it does use it to obtain address).
Okay - if the lease file cannot be depended on, maybe it can just be used to detect the change and the actual address determined with "ip -6 -o addr show".
If that doesn't work either, I would write an iptables rule to catch the RA and log a message.
This is the file I have, with some editing for privacy. It corresponds fully with the address I get on the "ip addr" command, as "scope global dynamic mngtmpaddr" <lease> <family>ipv6</family> <type>auto</type> <uuid>73ca3964-...</uuid> <state>granted</state> <acquired>1682786208</acquired> <update>0x00000004</update> <ipv6:auto> <addresses> <address> <local>2a02:9140:...:50a1/64</local> <cache-info> <preferred-lifetime>86400</preferred-lifetime> <valid-lifetime>86400</valid-lifetime> </cache-info> </address> <address> <local>fd81:8fe5:...:50a1/64</local> </address> </addresses> <dns> <server>2a02:9000::aaaa</server> <server>2a02:9000::bbbb</server> </dns> </ipv6:auto> </lease> Isengard:/var/lib/named # There is a duid file, but it is dated yr 2018. There is also a /var/lib/wicked/lease-wlan0-dhcp-ipv6.xml, quite different. It does not contain the same prefix at all. Nor any "<address>" field. Isengard:/var/lib/named # cat /var/lib/wicked/lease-wlan0-dhcp-ipv6.xml <lease> <family>ipv6</family> <type>dhcp</type> <uuid>73ca3964-...</uuid> <state>granted</state> <acquired>1681729921</acquired> <update>0x0000341e</update> <ipv6:dhcp> <client-id>00:01:...:50:a1</client-id> <server-id>00:03:...:80:d4</server-id> <server-address>fe80::...:b34c</server-address> <server-preference>0</server-preference> <dns> <server>2a02:9000::aaaa</server> <server>2a02:9000::bbbb</server> </dns> <options> <unknown-16> <code>16</code> <data>00:00:0d:...:6f:72:67</data> </unknown-16> </options> </ipv6:dhcp> </lease> Isengard:/var/lib/named # Maybe because I tell wifi to switch off. # ip addr ... 3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether a0:d3:...:ff:ff altname wlp1s0 Isengard:/var/lib/named # Well, the best thing would be find out if wicked has hook scripts. There is a directory, "/etc/wicked/scripts". /etc/wicked/scripts /etc/wicked/scripts/redfish-update /usr/share/doc/packages/wicked/samples/scripts /usr/share/doc/packages/wicked/samples/scripts/config /usr/share/doc/packages/wicked/samples/scripts/config/dummy0.xml /usr/share/doc/packages/wicked/samples/scripts/config/ifcfg-dummy1 /usr/share/doc/packages/wicked/samples/scripts/systemd /usr/share/doc/packages/wicked/samples/scripts/systemd/test-post@.service I had a quick look at them (3 scripts). Can't make sense of them. - -- Cheers, Carlos E. R. (from openSUSE 15.4 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCZE1MXBwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVSukAn2Txw7VvwQuy8i9yMSJW YhKXCvU7AJwKI6n2tvZm7ViF7njHB591GKOCtA== =pLYr -----END PGP SIGNATURE-----