Thanks again Thomas. Another side note for anyone pulling this thread from the archive, when set in the ipv6 shared mode, RDNSS(I assume within network-manager?) pulls its DNS entries from whatever the LAN interface is configured with. A few hours of wrangling with dnsmasq trying to "publish" a specific DNS server to my network and still seeing duplicate entries under "IP6.DNS" led me to that result. On Fri, Sep 7, 2018 at 5:59 AM Thomas Haller <[email protected]> wrote: > > On Wed, 2018-09-05 at 19:50 -0500, dag dg via networkmanager-list > wrote: > > Thanks Thomas. Going into debug was able to point me in the right > > direction. For those stumbling on this like myself, the > > "ipv6.method=shared" refers to your *LAN* interface, not your WAN > > interface. While this might seem intuitive to some, when I think > > "shared" I think of the WAN though that is mostly a holdover from > > IPv4 > > conventions. > > > > In an earlier fit of desperation I had tried setting the LAN > > interface > > to "shared", but at the time ipv6 ICMP was unintentionally blocked by > > the firewall which was preventing the negotiation with my ISP from > > happening. I eventually figured it out that it was the firewall when > > I > > switched to wide-dhcpv6 using the known working config I had used > > with > > my old router, but I never went back to try setting the LAN interface > > to shared. > > > > After switching to debug I was able to see that the errors hinted at > > NM trying to find an interface(device) other than my WAN to assign a > > range to. The informational level message "no device to obtain a > > subnet to share on <interface> from" sort of gives this away but by > > itself can appear a bit cryptic, especially if like me you don't > > fully > > understand how ipv6 works. > > > > I think it would really help out if the documentation had a smidgen > > more detail, even if it was just a "for example if you are > > configuring > > a router for prefix delegation you would want to set your > > LAN/local/whatever interface to shared mode". Maybe it's already > > supposed to appear obvious but I definitely missed it, for what it's > > worth. > > > > Thanks again Thomas and thanks Vladimir; your earlier post was what > > made me aware Network Manager began supporting prefix delegation in > > the first place. > > > Hi, > > > I added a comment about that in `man nm-settings` [1], but it's unclear > that this is sufficiently discoverable. But it's also unclear where > else to document it. > > > Regarding firewall, at least for ipv4.method=shared, NetworkManager adds some > iptables rules to enable NAT [2]. This has room for improvement. Possibly > firewalld should be informed about the sharing and it's up to firewalld to > do the right thing. Todo. > > [1] > https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=e90e1536c91678dcf34ab496aa750598052e1143 > [2] > https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/devices/nm-device.c?id=e90e1536c91678dcf34ab496aa750598052e1143#n10068 > > > So, after all you got it working?? Cool!! > > > best, > Thomas > > > > > ~dag > > On Wed, Sep 5, 2018 at 8:11 AM Thomas Haller <[email protected]> > > wrote: > > > > > > On Tue, 2018-09-04 at 09:29 -0500, dag dg via networkmanager-list > > > wrote: > > > > > > > > There doesn't seem to be much documentation for Network Manager > > > > on > > > > the > > > > prefix delegation support. Any insight would be appreciated. > > > > > > Hi, > > > > > > > > > it's not much documented, because there isn't much to configure > > > about > > > ipv6.method=shared. It's supposed to just work -- except when it > > > doesn't. > > > > > > Could you provide a full logfile with level=TRACE enabled? > > > > > > See the hints about logging at > > > > https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf > > > > > > > > > best, > > > Thomas > > > > _______________________________________________ > > networkmanager-list mailing list > > [email protected] > > https://mail.gnome.org/mailman/listinfo/networkmanager-list _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: IPv6 Prefix Delegation through Network Manager
dag dg via networkmanager-list Sat, 08 Sep 2018 16:06:55 -0700
- IPv6 Prefix Delegation through Netwo... dag dg via networkmanager-list
- Re: IPv6 Prefix Delegation thro... Vladimir Mosgalin
- Re: IPv6 Prefix Delegation thro... Thomas Haller via networkmanager-list
- Re: IPv6 Prefix Delegation ... dag dg via networkmanager-list
- Re: IPv6 Prefix Delegat... Thomas Haller via networkmanager-list
- Re: IPv6 Prefix Del... dag dg via networkmanager-list
- Re: IPv6 Prefix Del... Thomas Haller via networkmanager-list
- Re: IPv6 Prefix Delegat... Vladimir Mosgalin
