[CentOS] Diagnosing IPv6 routing

Wed Apr 29 01:57:27 UTC 2020
Kenneth Porter <shiva at sewingwitch.com>

On 4/28/2020 4:22 PM, Chris Adams wrote:
> What's in /etc/sysconfig/network-scripts/ifcfg-<name>?  I wonder if you
> have IPv6 disabled.

Pasted below. V6 definitely works. I have a second server and gave it a 
WAN address and I can connect between them using their WAN addresses. 
That's what told me that my ip6tables weren't screwed up and that the 
problem lay elsewhere. That's when I hit on looking at the route table 
and seeing no default IPv6 route.

> I'm not using a "regular" (CentOS, Fedora, etc.) Linux as a gateway; I
> have OpenWRT on a dedicated box.  I couldn't find a way to handle the
> prefix delegation with the typical desktop/server tools (but it has been
> a while since I looked).  OpenWRT has their own daemon for that.
> 
> However, my local systems are all sending RA solicitations and getting
> DHCPv6-assigned addresses with NetworkManager (which matches the first
> steps of what you need on the WAN, just not the prefix delegation).

I'm using OpenWrt at home and it's working mostly fine there. Except 
with my Android phone. I'm not getting a DNS setting for V6, but I do 
have the setting in the router's config file. The Win10 clients work 
fine, though. Apparently Android has issues with DHCPv6, and I'm betting 
it's interfering with my SLAAC config.

LAN config, ifcfg-em1:

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_DEFROUTE=no
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=em1
UUID=fbf59f72-2d60-4dd3-8870-c14a1acb4337
DEVICE=em1
ONBOOT=yes
DHCP_CLIENT_ID=saruman
IPV6_PRIVACY=no
ZONE=internal
IPADDR=10.169.1.128
PREFIX=9
IPV6ADDR=2001:1890:1837:5B11::100/60

WAN config, ifcfg-em2:

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=em2
UUID=fe08c9df-9913-47f5-be8b-47dad168bcc4
DEVICE=em2
ONBOOT=yes
IPADDR=12.3.140.156
PREFIX=29
GATEWAY=12.3.140.153
DNS1=127.0.0.1
DOMAIN="mpa.lan dhcp.mpa.lan microprecisionautomation.com"
ZONE=external
IPV6FORWARDING=yes
IPV6_PEERDNS=no
# AT&T assigns us 2001:1890:1837:5B00::/56
# we use the 2nd /64 for our DMZ
IPV6ADDR_SECONDARIES=2001:1890:1837:5B01::100/64