home | list info | list archive | date index | thread index

Re: Is static address ipv6 on Teksavvy working for you?

On Fri, 3 Aug 2018, Bart Trojanowski wrote:

The key things to configure are:
* pppd / rp-pppoe
* sysctl (forwarding=1, autoconf=1, accept_ra=2)

These were key. I am unsure if I had them right at one time and then not. But I certainly needed autoconf and accept_ra=2. I think a missing / reset autoconf was the main problem though.

* iptables ... -j TCPMSS --clamp-mss-to-pmtu

Indeed, I had this one already for ipv4 frag problems.

Hmm. I just realized I probably have to make sure this is in ip*6*tables too... I did notice that ufw had a bunch of needed/useful rules in the ipv6 default already, possibly with this.

* dnsmasq

I spent far too much time with dnsmasq this weekend! Previously I had been using and am still using bind9 as an authoritative (for my domains) and recursive/caching DNS server (for my lan). I wanted to have better dhcp for my lan, and dnsmasq could provide that too. It also gave me a authenticating server too. I think there may be a bug in bind9 which disallows the ad bit being set on an an server that is also authoritative.

* TekSavvy gives me 2 logins, one for static IPv4 and another for IPv6
  -- I don't know if they still do this, but back when they started this is what they did :-)

I had a wiredhighspeed login for ipv6 before, which I never got around to using.

I understand they are not both needed now. If you have stabilty problems, you might want to try single login.

My connection normally (only, but frequently enough) goes down because I reboot after a core (kernel, libc, whatever) update.

* I have /etc/ppp/peers/ipv4 and /etc/ppp/peers/ipv6
  -- "pon ipv4" brings up ppp0, "pon ipv6" brings up ppp1
* /etc/ppp/ipv6-up.d/0-local script does the heavy lifting
  -- sets up sysctl params,

I thought I might need to do that but the sysctl params from above are 'sticking' just being set at boot. Thankfully.

  -- sometimes the pppoe sessions stay up for weeks, sometimes for minutes

I will keep an eye out for this.

Other than the last part (the script that restart ipv6 pppoe sessions), I found
all the details in various HOWTOs online.  It's been a while, so I don't recall
how it all works at a protocol level anymore.  And I certainly, I don't remember
exactly what sources I used to learn all this crap :-)

I've been bookmarking with ipv6 tag like crazy ;-) And still confused, because I have visted so many sites now...

Let me know what specifically doesn't work for you.

Well, thanks very much! I will add on the routing later this week, after I get dnsmasq stable and make sure my host/router is working on v6 reliably - so far, so good. Dnsmasq just hasn't been responding to DHCP REQUESTs reliably... driving me and my wife trying to work on her computer) crazy. ;-)

I'm really glad to get to this state after years of foot-dragging (but in the meantime I at least got my webserver running HTTP2 with HSTS and a proxied php, on ipv6 on a DNSSEC-signed domain. And now I can reach it on ipv6 :-) Thanks! I am hitting all the buzzwords ;-)

I'll let you know how the ipv6 routing goes.

Thanks again for taking the time to help Bart.

Brett