On 11/2/24 16:49, Peter Hessler wrote:
> What does the full output of 'slaacctl show interface iwm0', 'ifconfig iwm0',
> and 'netstat -rnf inet6' say?
Disabling the DHCPv6 server in the fritz box seems to do the job. Every device
now gets a working IPv6 configuration using SLAAC. Is there anything special
I need to add to pf.conf(5) to make IPv6 work? Currently IPv6 only works when
pf(4) is disabled. Following script also contains the contents of the current
pf.conf(5) file. Neither the FAQ nor the manpages contain anything special for
IPv6 and I do not see the reason the following pf.conf(5) file will not behave
the same for IPv6 as for IPv4. Any hints highly appreciated.
Script started on Tue Nov 5 09:48:16 2024
x500# pfctl -d
pfctl: pf not enabled
x500# slaacctl show interface iwm0
iwm0:
index: 2 running: yes temporary: yes
lladdr: e8:b1:fc:51:73:7c
inet6: fe80::eab1:fcff:fe51:737c%iwm0
Router Advertisement from fe80::6b4:feff:fe18:9cab%iwm0
received: 2024-11-05 09:48:25; 2s ago
Cur Hop Limit: 255, M: 0, O: 0, Router Lifetime: 1800s
Default Router Preference: High
Reachable Time: 0ms, Retrans Timer: 0ms
MTU: 1492 bytes
prefix: fd20:3eea:92dd::/64
On-link: 1, Autonomous address-configuration: 1
vltime: 7200, pltime: 3600
prefix: 2001:16b8:8170:200::/64
On-link: 1, Autonomous address-configuration: 1
vltime: 7200, pltime: 3600
rdns: 2001:16b8:8170:200:6b4:feff:fe18:9cab, lifetime: 1200
rdns: fd20:3eea:92dd:0:6b4:feff:fe18:9cab, lifetime: 1200
Address proposals
id: 5, state: PROPOSAL_CONFIGURED, temporary: y
vltime: 7200, pltime: 3600, timeout: 3586s
updated: 2024-11-05 09:48:25; 2s ago
2001:16b8:8170:200:b1a3:64d1:e5b4:1ebb, 2001:16b8:8170:200::/64
id: 4, state: PROPOSAL_CONFIGURED, temporary: n
vltime: 7200, pltime: 3600, timeout: 3586s
updated: 2024-11-05 09:48:25; 2s ago
2001:16b8:8170:200:c5e3:8aee:2f6e:407c, 2001:16b8:8170:200::/64
id: 3, state: PROPOSAL_CONFIGURED, temporary: y
vltime: 7200, pltime: 3600, timeout: 3586s
updated: 2024-11-05 09:48:25; 2s ago
fd20:3eea:92dd:0:f82:3437:a92d:f03e, fd20:3eea:92dd::/64
id: 2, state: PROPOSAL_CONFIGURED, temporary: n
vltime: 7200, pltime: 3600, timeout: 3586s
updated: 2024-11-05 09:48:25; 2s ago
fd20:3eea:92dd:0:5e46:169e:4173:a36e, fd20:3eea:92dd::/64
Default router proposals
id: 1, state: PROPOSAL_CONFIGURED
router: fe80::6b4:feff:fe18:9cab%iwm0
router lifetime: 1800
Preference: High
updated: 2024-11-05 09:48:25; 2s ago, timeout: 1786s
rDNS proposals
id: 6, state: PROPOSAL_CONFIGURED
router: fe80::6b4:feff:fe18:9cab%iwm0
rdns lifetime: 1200
rdns:
2001:16b8:8170:200:6b4:feff:fe18:9cab
fd20:3eea:92dd:0:6b4:feff:fe18:9cab
updated: 2024-11-05 09:48:25; 2s ago, timeout: 1186s
x500# ifconfig iwm0
iwm0: flags=a48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,AUTOCONF6TEMP,AUTOCONF6,AUTOCONF4> mtu 1492
lladdr e8:b1:fc:51:73:7c
index 2 priority 4 llprio 3
groups: wlan egress
media: IEEE802.11 autoselect (HT-MCS15 mode 11n)
status: active
ieee80211: nwid FLSTR81WHG6DG chan 11 bssid 04:b4:fe:18:9c:ad 82% wpakey wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher ccmp
inet6 fe80::eab1:fcff:fe51:737c%iwm0 prefixlen 64 scopeid 0x2
inet 10.0.0.115 netmask 0xffff0000 broadcast 10.0.255.255
inet6 fd20:3eea:92dd:0:5e46:169e:4173:a36e prefixlen 64 autoconf pltime 3593 vltime 7193
inet6 fd20:3eea:92dd:0:175c:a176:d0d4:f714 prefixlen 64 autoconf temporary pltime 3384 vltime 6984
inet6 2001:16b8:8170:200:c5e3:8aee:2f6e:407c prefixlen 64 autoconf pltime 3593 vltime 7193
inet6 2001:16b8:8170:200:4a3c:e602:d10b:e61e prefixlen 64 autoconf temporary pltime 3384 vltime 6984
inet6 fd20:3eea:92dd:0:f82:3437:a92d:f03e prefixlen 64 autoconf temporary pltime 3593 vltime 7193
inet6 2001:16b8:8170:200:b1a3:64d1:e5b4:1ebb prefixlen 64 autoconf temporary pltime 3593 vltime 7193
x500# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf
set skip on lo
block return # block stateless traffic
pass # establish keep-state
# By default, do not permit remote connections to X11
#block return in on ! lo0 proto tcp to port 6000:601
block return in on ! lo0
# Port build user does not need network
block return out log proto {tcp udp} user _pbuild
x500# ^D
Script done on Tue Nov 5 09:48:47 2024
--
Christian
No comments:
Post a Comment