1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tomato RAF Releases

Discussion in 'Tomato Firmware' started by Victek, Dec 28, 2012.

  1. Victek

    Victek Network Guru Member

    a) I work in linux.. so I use commands .. but you can use also kompare. meld ..
    b) Yes, you modify only the values needed.
     
    zavar likes this.
  2. Victek

    Victek Network Guru Member

    Yes, very usual, I replaced mine 3 months ago by a Tantalum capacitor, problem solved forever.
     
  3. Edrikk

    Edrikk Network Guru Member

    Here's why I think Victek is awesome: while everyone is running to throw the kitchen sink at the router, he takes the time to fix the bugs in the code. In my opinion, the art of root cause analysis is something to admire. Incredible work Victek!
     
  4. nurofen

    nurofen Serious Server Member

    The logs:
    Do not set up correctly igmpproxy for IPTV ?

    igmpproxy does not see the VLAN ?
     
  5. ilkevinli

    ilkevinli Network Guru Member

    Hi Vic,
    I upgraded my E4200 to 1.2g and now I can't access the web interface anymore. I can telnet in but that's it. Do you have any suggestions ? Thanks.
     
  6. Victek

    Victek Network Guru Member

    I ran (same as other people in the post using same model) 1.2g in my E4200 without problems, don't know what you did but I suggest do 'nvram erase' from telnet, 'nvram commit', 'reboot' .. and try again. Nevertheless tomorrow you can find a new version with local/remote https bug solved and other kernel updates but what you found in 1.2g it's something not detected till now by others and also by me.

    @nurofen, please, refrain to insist and post the same thing always, yes, the message said something about it, may be you can solve, edit igmproxy.conf and test service, but I can't cause I don't have IPTV service. Use ASUS firmware, I can't help you.
     
    Last edited: Sep 26, 2013
  7. ilkevinli

    ilkevinli Network Guru Member

    That's what it was. I enabled remote https.



     
  8. kyrios

    kyrios Serious Server Member

    Victek,

    This v1.2g is extremely pleased me. It's OSKAM friendly :)
    Code:
    2013/09/27 01:05:25: found (496 ms) by OSKAM server
    2013/09/27 01:05:35: found (283 ms) by OSKAM server
    2013/09/27 01:05:45: found (402 ms) by OSKAM server
    2013/09/27 01:05:55: found (334 ms) by OSKAM server
    2013/09/27 01:06:05: found (362 ms) by OSKAM server
    2013/09/27 01:06:15: found (291 ms) by OSKAM server
    2013/09/27 01:06:25: found (343 ms) by OSKAM server
    2013/09/27 01:06:35: found (257 ms) by OSKAM server
    2013/09/27 01:06:45: found (267 ms) by OSKAM server
    2013/09/27 01:06:55: found (340 ms) by OSKAM server
    2013/09/27 01:07:05: found (340 ms) by OSKAM server
    2013/09/27 01:07:15: found (406 ms) by OSKAM server
    2013/09/27 01:07:25: found (300 ms) by OSKAM server
    2013/09/27 01:07:35: found (334 ms) by OSKAM server
    2013/09/27 01:07:45: found (340 ms) by OSKAM server
    2013/09/27 01:07:55: found (298 ms) by OSKAM server
    2013/09/27 01:08:05: found (366 ms) by OSKAM server
    2013/09/27 01:08:15: found (254 ms) by OSKAM server
    2013/09/27 01:08:25: found (339 ms) by OSKAM server
    2013/09/27 01:08:35: found (312 ms) by OSKAM server
    2013/09/27 01:08:45: found (299 ms) by OSKAM server
    2013/09/27 01:08:55: found (287 ms) by OSKAM server
    2013/09/27 01:09:05: found (252 ms) by OSKAM server
    2013/09/27 01:09:15: found (349 ms) by OSKAM server
    2013/09/27 01:09:25: found (323 ms) by OSKAM server
    2013/09/27 01:09:35: found (295 ms) by OSKAM server
    2013/09/27 01:09:45: found (290 ms) by OSKAM server
    2013/09/27 01:09:55: found (265 ms) by OSKAM server
    2013/09/27 01:10:05: found (313 ms) by OSKAM server
    Now I will never complaint about OSKAM thingy.
    Whenever I felt new release is not oskam friendly,
    I know where to go back :)
     
  9. Victek

    Victek Network Guru Member

    I was thinking in you when I updated dnsmasq2.67test16 dated 25/09/2013 .. I was wondering, it will run with @kyrios service?, thanks for reporting.

    Did you read some posts before that https was solved and will run in next version? ... be patient guys... it's not a race.
     
  10. Victek

    Victek Network Guru Member

    Release v1.2h ready for RT-N16, RT-N66, RT-AC66U, E4200, E3000 .. other builds upon request or wait till final v1.3.

    Changelog.

    *- BW Limiter works.
    *- Nocatsplash works.
    *- Local/Remote Management works.
    *- Updated kernel to mipsr2r32 instructions.
    *- OpenSSL 1.0.1e patched.
    *- OpenVPN 2.3.2.
    *- dnsmasq v2.67test16 dated Sept 25th,2013 updates.
    *- igmpproxy sources and build cloned from asuswrt branch.

    Thanks!
     
    szpunk, zavar, zapoqx and 2 others like this.
  11. zapoqx

    zapoqx Networkin' Nut Member

    Well I may not be using the E3000 as the main router soon much longer. Might be using the RT-AC66U. Unfortunately after seeing some people's comments about the AC66U and reviews, not sure if I'll use Tomato. But I'll probably be using the E3000 in my section of the apartment so I guess I'll try testing it out from time to time. Right now though, I think I'll upgrade to 1.2h.
     
  12. Edrikk

    Edrikk Network Guru Member

    I jumped up to 1.2h on my E3000 (from 1.2f). No issues, and running smooth! Did a full reset, and reloaded settings using the 'iMacro' tool (which automates entry from the GUI).

    One question however:
    Not strictly due to 1.2h, but going back as far as I can remember, when a torrent is downloading (in this example, 2 torrents, combined 12 seeds connected, roughly 100 peers; Combined download speed 50 kB/s and up 13 kB/s... I know it's a slow couple...).

    The 'issue' is this:
    The iPhones (a 4, a 4s, and a 5 [different people tried]) are not able to hold onto a face time call with someone in another house who is on wireless. I have tried putting the devices as 'voip' QoS and also with them not on, the same issue.

    The other side says that the phone informs that that the connection has issues, and the video doesn't make it etc.


    As soon as I 'stop' the torrents, all is good.


    My stupid question is this: Should'nt the QoS result in the Face Time to work? Additionally, (in my maybe mis-guided opinion) since the torrent up/down speeds are slow, and the number of peers is not too high, regardless of QoS, shouldn't this be sufficient for FaceTime to work?

    Additional FYI, turning off the Wifi and going off of LTE works without issues (as it shows, as I assume Apple lowers quality for the bandwidth of LTE).


    Any input / suggestions are welcome!


    PS. Additional info: Tried with iOS6.1.3, iOS 7.
    Otherwise, the network appears fine. I can stream videos from web to a desktop (wired), youtube to a wireless, youtube to iphone, etc.
    Don't know if FaceTime uses a specific protocol which MAYBE isn't handled well in this scenario?
     
  13. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    It depends on a variety of factors. First, are the torrents on wireless or wired clients? Is there any other wireless traffic? (it's the most likely culprit)

    Whether QoS works or not to maintain throughput and minimize latency depends on whether your QoS has been set up properly to achieve your goals. If you're using wired clients for the torrents, your router's CPU isn't maxed out, and you're still having this problem, then you may want to move your question over to the QoS thread or a new thread.
     
  14. MrJman

    MrJman Reformed Router Member

    I am running Tomato RAF Firmware v1.28.9013 MIPSR2-RAF-V1.2 K26 USB VLAN-NGINX on an E3000 and trying to set up Jumbo frames. I have enabled it in the Tomato code and set the MTU to 8192 bytes. I have also set the NIC (Broadcom NetLink (TM) Gigabit Ethernet) to MTU of 8192 and enabled "Large Send Offload V2(IPv4)" and "Large Send Offload V2(IPv6)". When I issue "ping 192.168.1.1 -f -l 1473" I get "Packet needs to be fragmented but DF set." I have spent some time searching and find a number of users asking if JFs work with the E3000 with TomatoRAF FW, but no definitive answers. Should this work or not? If yes, please help me to get the setup correct. Thanks and enjoy, John.

    EDIT: Where is the "download area"?
     
    Last edited: Sep 27, 2013
  15. zavar

    zavar Networkin' Nut Member

    Wow Victek, thanks for all of your hard work and expertise that you put into Tomato. With all of these changes, what else could you possibly be cooking up for 1.3?
     
  16. CowMix

    CowMix Addicted to LI Member

    Hey Victek will the QOS bug fix for AC66U be in the final 1.3 release? I'm holding off on updating my device until thats fixed. Thanks for your hard work! Do you think its safe to run QOS even with the bug?

    Also a way to enable jumbo frames? Theres a setting in the webui but I could never get it work on any tomato firmware on any device.

    Whats wrong with AC66U and tomato? Victek has been doing a great job on the AC66U builds. Its stable and better than the stock firmware.
     
    Last edited: Sep 27, 2013
  17. eahm

    eahm LI Guru Member

    CowMix, Shibby as well.
     
    Last edited: Sep 27, 2013
  18. Edrikk

    Edrikk Network Guru Member

    Good points which I should have included! The torrents are running on a wired box.
    There is some wireless activity going on constantly (from a wireless 640x480 camera) which uses between 100 kB/s and 120 kB/s on the 2.4 GHz antenna (so roughly 960 kb/s).... Just a blip. No other wireless activity. And this remaining on doesn't impact the FaceTime.

    The iPhones were tested connected to both the 2.4GHz (setup = "Auto") and 5.4GHz (setup = "N Only") antennae.

    The Router information with all this activity (still ongoing) is as follows:

    Code:
    Model   Linksys E3000
    Chipset   Broadcom BCM4716 chip rev 1 pkg 10
    CPU Clock   480 MHz
    CPU Load   12.83%
    CPU Load (1 / 5 / 15 mins)   0.00 / 0.00 / 0.00
    
    
    Flash RAM Size   8 MB
    RAM Size / Free   60.03 MB / 46.71 MB (77.82%)
    NVRAM Size / Free   60.00 KB / 24.30 KB (40.49%)
    
    PS. Things that take up SIRQ with little benefit (to me) are always turned off by me:
    - All logging = off
    - Ethernet port state = off
    - Bandwidth Limiter = off
     
  19. CowMix

    CowMix Addicted to LI Member

    Yes of course :) I haven't had a chance to try his AC66U builds yet but I may try on his next release (with the high ping bug fixed)
     
    eahm likes this.
  20. Victek

    Victek Network Guru Member

    RT-AC56U, A faster VPN, SIProxy, ACR (Automatic Configuration Restorage).. all network features.
     
    Elfew, eahm and zavar like this.
  21. zapoqx

    zapoqx Networkin' Nut Member

    Nothing. I just hear quite a few like the stock firmware, I think I read that Merlin has a firmware mod for the Asus on some routers? (Correct me if wrong here), and overall, if either is the case, I just figure that it becomes questionable to go into Tomato IF it fits my needs. I also figure worst case that what I'll do is probably try it out on Tomato and Regular and see which I want for my situation. Just for my needs, I found on my Buffalo router of ye olde that when I discovered Tomato, it made it much better! After that, I liked it on the E3000 because hell, I just did not like the Linksys default setup. Outside of that, I have no problems with Tomato or RAF. I just love Victek's work of all of the versions just for my needs. I'm pretty sure I'm just not gonna get much more difference in WAN throughput when I start hitting 150 Mbps, not that I'd make use of it constantly on a personal level (but with everyone in the house... what slow down?)
     
  22. JAC70

    JAC70 Networkin' Nut Member

    Just noticed the Speedtest version version for the e3000. Thanks, Victek, can't wait to test it.

    Anyone know how much space is left for a JFFS partition?
     
  23. Victek

    Victek Network Guru Member

    Download area: http://victek.is-a-geek.com/9013.html , v1.2 top and betas to v1.3 at the bottom.

    Jumbo frames; In command mode (telnet), type:

    root@E4200:/tmp/home/root# nvram show | grep jumbo
    jumbo_frame_enable=0
    jumbo_frame_size=2000

    If enabled then should be 1, to modify write; nvram set jumbo_frame_enable="1" , after, nvram commit, then reboot and test. Max size is 9720.
    With BCM53115 (switch chipset) we don't know if JF works, to test use net analyzer like tcpdump/wireshark. Ethernet driver is a broadcom propietary code, we can't play too much with these sections.
     
    Last edited: Sep 27, 2013
  24. mahi2003

    mahi2003 Reformed Router Member

    I couldn't find a tool that exports just the differences (most tools generate patch or result files) so I wrote my own tool. I've tidied up the code somewhat and put it online:

    [​IMG]

    Download NvramDiff (16 kB - includes both executable and C# source code)

    Requirements:
    • Microsoft Windows XP or later (sorry no Linux or MacOS)
    • Microsoft .NET Framework 3.5 Service Pack 1
    The tool is very simple in use. Just paste the nvram output of the clean router in "Original nvram", then paste the nvram output of the fully configured router in "Configured nvram" and finally click "Generate Differences".

    The tool is smart enough to handle nvram dumps that are out of order or contain multiline values like complex scripts. Please note the "Differences nvram" output only includes entries that are changed or new in "Configured nvram". That's exactly what you want to create "redo" settings but it also means you cannot use the tool in the opposite direction to create "undo" settings!

    Update: version 1.1 is now able to handle removed variables as well. So from now on you could use the tool for both "redo" and "undo" actions.

    I hope it's useful to you and others.

    Yes that would work... but if you upgrade to a new firmware there's a chance some of the default values have changed between both firmware versions. These changed default values would end up in the differences and you do not want that. The purpose of generating the differences is to exclude all (or at least as much as possible) default values. Therefore I would recommend to generate the differences only between nvram outputs of the same firmware version.

    In your case you could, for example, first backup the router configuration ("Administration > Configuration") and then execute ("Tools > System") command nvram export --set . Copy/paste the output to "Configured nvram" in my tool. Next erase the nvram ("Administration > Configuration"). After the router has rebooted execute the nvram export command once more, copy/paste its output to "Original nvram" and press "Generate Differences". Now restore the backup you created earlier. This way your router is exactly like it was before erasing the nvram and you have all the time to look at the nvram differences for future use.

    As I explained in my earlier post (#1695) the differences will still contain hundreds of values you did not explicitly change. In my opinion it pays off to spend a little more time on stripping the differences output even further and keeping only the entries that you manually changed. This can be a bit challenging because the nvram key names are often cryptic, but the smaller your resulting set is the more future proof/safe it will be... My differences output was still hundreds of entries long, but I managed to reduce that to just over 30 entries. These entries are very unlikely to change in future Tomato versions and I can probably even use them on a different router!

    Of course router configurations do not always stay the same. Whenever I make changes to the router configuration I copy/paste the nvram export --set output before making the changes to "Original nvram" and the output after the changes are applied to "Configured nvram". The resulting differences set is usually very small and (if necessary) isolating your own manually changed settings is quite easy. The differences can then be appended to the "redo" settings you created earlier. This way the "redo" settings are always up to date.
     
    Last edited: Sep 28, 2013
    Holy_Hunter, ottoemezzo, Siff and 6 others like this.
  25. Victek

    Victek Network Guru Member

  26. zavar

    zavar Networkin' Nut Member

    Thanks mahi2003, I'll definitely grab your utility. The easier the better for me! Great suggestion for when configuration changes are made, I'll be sure to try and remember to do that once I get my "base" configuration file setup.
     
  27. RonV

    RonV Network Guru Member


    Very impressive. Can't wait to try it out. I have very complex management of NVRAM because of the router farms that I have in the field. Most of my management is via shell scripts and version management. But this should provide the pointers I need in a easy fashion when I do my initial diff of a new version of a flash to a router.
     
  28. M0g13r

    M0g13r LI Guru Member

    @ mahi2003 .... nice tool ! ..... any chance for an non .net version ?
     
  29. Edrikk

    Edrikk Network Guru Member

    Guys, just my 2 cents (to avoid headsaches for the devs in the future)... I'd be careful with a automatic config transfer tool... I know this is a boundary case, but there could be cases where an NVRAM variable name is changed or deleted. Such things wouldn't be caught by a tool, and could have adverse affects.
    e.g. if the code (by another dev) is not fully removed but they depend on an NVRAM var not being there (or to change the functionality).

    Additionally (again, boundary case), if enough "large" vars are removed / renamed across multiple versions, this would cascade the NVRAM size usage, resulting in people posting for help "why does my router behave strangely / crashes)...

    Also what if validations change what should be made, which change the value which the nvram var can hold (I have seen this before in dd-wrt for example in the past for static dhcp lease time).

    I personally think people should use the GUI (to benefit from any validations done). There are cross-platform automation tools already written for this purpose... Again, i use iMacros free plugin:
    https://addons.mozilla.org/en-US/firefox/addon/imacros-for-firefox/
     
  30. Elfew

    Elfew Addicted to LI Member

    I would prefer nodog instead of ACR because of problems in nvram and values which could be different on each version - more problems than bonuses...only my opinion ;)

    Keep excellent work!
     
    Edrikk likes this.
  31. Victek

    Victek Network Guru Member

    Well.. the TODO list will keep me working in Tomato for next 10 years.. so no problem LOL.
     
  32. MrJman

    MrJman Reformed Router Member

    Thanks much, Victek. I will give Telnet a try and post what I learn. I assumed the "download area", was different from the page I have used. I do not see the 1.2g or 1.2h etc. versions. When I first installed your code and enabled JF I did a transfer from my LT with Wireshark running and saw no frames over 1500 bytes. I did see most of the transactions were IPv6. I have been trying IPv6 but do not know if it was enabled at the time. Thanks and enjoy, John.
     
  33. Elfew

    Elfew Addicted to LI Member

    Victek you are lucky person - you have lifetime fulljob ;)
     
  34. Victek

    Victek Network Guru Member

    I'm concentrating all build in one page.. it was a Babel Tower.. hope to launch in few hours...
     
  35. jerrm

    jerrm Network Guru Member

    It's not quite the same, but if you save off the results of nvram export --quote, ie:
    Code:
    nvram export --quote > nvram_clean
    after erasing, then subsequent changes are easy to find later with:
    Code:
    nvram export --quote | grep -Fvf nvram_clean
    While not quite as readable or cut and paste friedly as --set, --quote is script friendly with the advantage that all entries are always a single line.
     
    Last edited: Sep 27, 2013
  36. Darius510

    Darius510 Reformed Router Member

    Are there any implications for your internet connection by using jumbo frames? I understand it'll help speed up transfers over the LAN, but I wouldn't want to do anything that could increase my latency or cause any other issues. I know all my switches support it, dunno about the media streamers or gaming consoles...does that even matter?
     
  37. MrJman

    MrJman Reformed Router Member

    It took me awhile to figure out how to use telnet (been long time) but here is what I received:
    Code:
    Tomato v1.28.9013 MIPSR2-RAF-V1.2 K26 USB VLAN-NGINX
    root@unknown:/tmp/home/root# nvram show | grep jumbo
    jumbo_frame_enable=1
    jumbo_frame_size=8192
    root@unknown:/tmp/home/root#
    
    I again tried to ping (ping 192.168.1.1 -f -l 1473) the E3000 and my LT. They both worked with 1472 bytes but failed (Packet needs to be fragmented but DF set.) with larger byte counts. I assume JF does not work in E3000 with the FW I am running. Thanks Victek for your time. Enjoy, John.
     
  38. Victek

    Victek Network Guru Member

    John, the JF only works between LAN nodes, when it goes to WAN then it should respect the MTU fixed by the protocol you use....also if you have some switch in your LAN please check that JF are supported.
     
  39. M0g13r

    M0g13r LI Guru Member

    i have a prob :\
    not shure its a bug .... since yesterday i have a new vdsl modem with webif
    and yes modem has different subnet :) ... (my lan 192.168.0/24 ... modem 192.168.100.2 ... wan is vlan7 *tagged)

    first i tried the route modem ip in gui .... can't connect to modem webif :\

    then from toastman

    init: ip addr add 192.168.0.123/24 dev $(nvram get wan_ifname) brd +
    (you may need a "sleep 5" line first to give a delay)

    This gives the WAN interface an IP so that we can use it to route.

    firewall: iptables -I POSTROUTING -t nat -o $(nvram get wan_ifname) -d 192.168.100.3/24 -j MASQUERADE

    We now route the modem's subnet out of the WAN port in addition to the PPPOE connection.

    can't connect to modem webif :\


    then from tomato usb forum
    init:

    sleep 45
    # add IP to modem port
    ifconfig vlan7 add 192.168.100.123
    # add alias to LAN port
    ifconfig br0:1 192.168.0.123
    # IP-alias forward to modem
    iptables -t nat -I PREROUTING -i br0 -d 192.168.0.123 -j DNAT --to-destination 192.168.100.2
    # fake source IP when sending to modem
    iptables -t nat -I POSTROUTING -d 192.168.100.2 -j SNAT --to-source 192.168.100.123
    # fake source IP when forwarding replies from modem
    iptables -t nat -I POSTROUTING -s 192.168.100.2 -j SNAT --to-source 192.168.0.123

    can't connect to modem webif :\

    when connectig the modem directly to PC it woks

    now i have no clue and need some help ..... what i'm doing wrong ?

    thx
     
    Last edited: Sep 27, 2013
  40. Victek

    Victek Network Guru Member

    Did you try plugin the router as dhcp to the modem? .. simple as it.
     
  41. M0g13r

    M0g13r LI Guru Member

    i think you don't understand me *G*

    i can't connect to modem webif from lan ..... connection to isp is fine :)

    dhcp on lan is off
    on wan its on .... to get an ip from isp :p

    edited my poste above a bit
     
    Last edited: Sep 27, 2013
  42. Victek

    Victek Network Guru Member

    now yes.. I understood you was not connecting Internet. Then I suggest you it .. go to administration/scripts/firewall and type:

    /usr/sbin/iptables -I POSTROUTING -t nat -o vlan1 -d 192.168.100.0/24 -j MASQUERADE
    ip addr add 192.168.100.3/24 dev vlan1 brd +


    save, reboot, that's all...
     
  43. MrJman

    MrJman Reformed Router Member

    Thanks, Victek. I think I do understand about WAN vs LAN and JF/MTU. The WAN MTU still shows 1500. This is why I only pinged 192.168.x.x IPs. I also moved a file (about 500 MB) from my LT to my DT and took a Wireshark trace. I saw no packets over 1514 bytes. Most of the transfer used IPv6 IPs. There are no switches in my network - very simple, cable modem (SB6141), E3000 with one DT and one LT. The LT is connected via Ethernet cable for my testing. Thanks and enjoy, John.
     
  44. M0g13r

    M0g13r LI Guru Member


    edited it to vlan7 .... is what i have :) ..... and ...... can't connect to modem webif :\ .... damn
     
  45. RonV

    RonV Network Guru Member

    Yea I have 45mbps per second...boo for some reason can't get native IPv6 working. It was working with HE Static tunnel but now I can't seem to get it working with U-verse. As usual I configured my u-verse gateway is IP Passthough and it's working great. I can access all my IP4 based services with no issue.

    My Router configuration:

    IPv6 Service: TypeNative IPv6 from ISP

    Assigned / Routed Prefix : ****:****:bdae:6b20::
    Prefix Length : 64
    Router IPv6 Address Default : ****:****:BDAE:6B20::1
    Static DNS 2620:0:ccc::2
    2620:0:ccd::2


    So the question is am I configuring tomato appropriately for that AT&T is showing me on their page:

    U-verse IPv6
    StatusAvailable
    Global IPv6 Address****:****:bdae:6b20::1/64
    Link-local IPv6 Address****::****:acff:fecf:a30
    Router Advertisement Prefix****:****:bdae:6b20::/64
    IPV6 Delegated LAN Prefix****:****:bdae:6b20::
    ****:****:bdae:6b28
     
  46. Lorenceo

    Lorenceo Networkin' Nut Member

    Native v6 hasn't worked on Tomato since it started using dnsmasq for router advertisements. Or at least it hasn't for me. I assume you're getting the same problem I've been having.
     
  47. RonV

    RonV Network Guru Member

    Yes I IPv6 DNS resolution, I see bytes out via IPv6 but nothing hits the internet and nothing coming back in....
     
  48. Victek

    Victek Network Guru Member

    @RonV & @Lorenceo, lets's wait tomorrow, I'll release one version with some patches in kernel for ipv6.... but I think the problem is stil in dnsmasq and what Lorenceo mentions...but now we have two beta testers running ipv6.. so.. we need to sort it. Go to read what dnsmasq author wrote in the code about router advertisements prior to release this version.

    @MrJman If there is no traffic larger than 1500 then switch is not responding to JF request.

    Edit: Did you test it? http://www.linksysinfo.org/index.php?threads/ipv6-using-dnsmasq-for-ipv6-instead-of-radvd.68396/

    Copy of my dnsmasq.conf file after adding enable-ra in dnsmasq custom window.

    Code:
    root@RT-N16:/tmp/etc# cat dnsmasq.conf
    pid-file=/var/run/dnsmasq.pid
    domain=xxxxxxxxx
    resolv-file=/etc/resolv.dnsmasq
    addn-hosts=/etc/dnsmasq/hosts
    dhcp-hostsfile=/etc/dnsmasq/dhcp
    expand-hosts
    min-port=4096
    stop-dns-rebind
    rebind-localhost-ok
    quiet-dhcp
    quiet-dhcp6
    quiet-ra
    interface=br0
    dhcp-range=tag:br0,10.10.2.2,10.10.2.52,255.255.255.0,1440m
    dhcp-option=tag:br0,3,10.10.2.1
    dhcp-lease-max=255
    dhcp-authoritative
    enable-ra
    
     
    Last edited: Sep 27, 2013
  49. RonV

    RonV Network Guru Member

    I agree, will wait until tomorrow......
     
  50. MrJman

    MrJman Reformed Router Member

    Thanks, Victek. I assume this means that the E3000 cannot support Jumbo Frames? Switch is within the E3000?

    IPv6...
    My ISP, Time Warner, provides an IPv6 connection. When I got the Motorola SB6141 and plugged my DT directly into it I got a IPv6 connection. When I placed the E3000 in between, no IPv6 connection. It took awhile, but I finally talked to a knowledgeable Time Warner Level 3 support person and was given the parameters to use in my router. I was told to use "DHCPv6 with Prefix Delegation", select "Accept RA from LAN" and leave the other options unchanged. I did this, rebooted the DT, router, and modem and still cannot get an IPv6 connection. The LT is powered off, so no other HW involved. To be sure IPv6 still worked, I connected the DT directly to the modem, supplied a public v6 DNS address set and got an IPv6 connection. I went to the test site and completed the tests with no problems. Please tell me what I have done incorrectly. I see lots of discussions about IPv6 but most are concerning DNSmasq which I have not touched. Please help me get this working. Thanks and enjoy, John.

    Tomato RAF Firmware v1.28.9013 MIPSR2-RAF-V1.2 K26 USB VLAN-NGINX
     
  51. koitsu

    koitsu Network Guru Member

    I can help test IPv6 if it's really needed, but I don't run Victek's firmware (I use Toastman, specifically tomato-K26USB-1.28.0503MIPSR2Toastman-RT-N-Ext.trx on an Asus RT-N16). Note that I do all IPv6 testing/etc. from the router itself; machines on my network (LAN) do not do IPv6 (by choice), so if there are RA re-advertisement issues for the LAN side (i.e. ISP -> router WAN -> dnsmasq -> advertising RAs to machines on LAN) I can't help with that.
     
  52. Victek

    Victek Network Guru Member

    I think it's the problem...

    version 1.2h1 in beta area for RT-N16/RT-N66/E3000 ready in few minutes.
     
  53. Lorenceo

    Lorenceo Networkin' Nut Member

    And 1.2h1 will include the IPv6 changes?
     
  54. Victek

    Victek Network Guru Member

  55. Lorenceo

    Lorenceo Networkin' Nut Member

    That config looks the same as your stock one. The only differences seem to be the v4 IP ranges, and lack of quiet-* flags.

    Edit: dnsmasq.conf from my N66U:
     
    Last edited: Sep 28, 2013
  56. Victek

    Victek Network Guru Member

    Ok, fine.. I release first RT-N66U, it's your model, right?
     
  57. Lorenceo

    Lorenceo Networkin' Nut Member

    N66U HW rev B1, yes. I can wait, don't worry. :)

    Edit:
    Just flashed 1.2h1.
    :(
    I also tried adding "dhcp-option=option:mtu,1492" as a custom dnsmasq config. The router advertisements still have the MTU as 1500.
     
    Last edited: Sep 28, 2013
  58. nurofen

    nurofen Serious Server Member

    Victek, I do not correctly configure the VLAN :)

    That's right. IPTV works!!!

    vlan.png


    You can add a theme color ???

    Bluedream Toastman .

    And collect Ext - normal + Extra utilities + NTFS :)

    I do not use VPN-NOCAT-NGINX

    thank you
     
    Last edited: Sep 28, 2013
  59. Elfew

    Elfew Addicted to LI Member

    So IPTV is working now without problem? Victek will be happy, because his TODO list is shorter now :)

    I dont understand this:
    NTFS and Ext are already in builds
     
  60. MatteoV

    MatteoV Serious Server Member

    Hi guys. I'm trying to re-set my E4200 after upgrade (and nvram reset) from 1.2f to 1.2g.
    I'm unsure/confused about nvram values about WiFi. I can see there are wl_ wl0_ wl1_ values. For example, about channel. I do not understand them. Are wl_ values the default values saved for some purpose and wl0_ and wl1_ the actual used values?

    Thanks ;)

    -edit-
    @Victek I can confirm https working good now ;)
     
    Last edited: Sep 28, 2013
  61. nurofen

    nurofen Serious Server Member

    Elfew, On firmware Toastman also works IPTV. I'm guilty, not properly configure the VLAN :)

    tomato-K26USB-NVRAM64K-1.28.0503MIPSR2Toastman-RT-N-VLAN-Ext.trx all you need, but I want to RAF!
     
  62. khris972

    khris972 Networkin' Nut Member

    About ipv6

    Native ipv6 worked fine with 1.2h , tried 1.2h1 does ont work now

    Édit: sorry , 1.2h1 still working weird
     
    Last edited: Sep 28, 2013
  63. MatteoV

    MatteoV Serious Server Member

    @nurofen I (always?) needed to login as root. So it works, here, hope it helps!
     
  64. nurofen

    nurofen Serious Server Member

    thank you very much :)
     
  65. MatteoV

    MatteoV Serious Server Member

    @nurofen you're welcome!
    @Victek
    I now find the strict-order directive in my /etc/dnsmasq.conf file without having entered it / selected it anywhere, as far as I know it was not there before (I did check it) and I can't find it in nvram nor in the gui. I do not want this, due to I am using dnscrypt-proxy(es) and sometimes one/more servers simply do not work correctly, so this is gonna slow me down a lot in these frequent cases.
    Is this some kind of unexpected and new behaviour of the firmware adding this directive or is there some opt-out directive in the gui I am missing?
     
  66. Victek

    Victek Network Guru Member

    Could you explain a little bit better? works or not?. Thanks!

    In my findings reading dnsmasq I read about and fixed as default, once the ipv6 will work (I don't understand yet why khris972 was working in 1.2h and not for Lorenceo) then I'll revert the changes I did desperately in order to sort this issue.

    But I need reliable feedback... for some it works, for others doesn't work.. it's insane ;)

    @nurofen , glad to read it works, Tomato RAF theme is the default and I'll not include other themes, I like it. ntfs and ext are included also.
    Could you post all settings you did in order to fix IPTV? you show only VLAN.. but what additional did you enabled in order to see IPTV? it can help others to have this information.
     
    Last edited: Sep 28, 2013
  67. MatteoV

    MatteoV Serious Server Member

    Ok, I must have lost some words on this, I was ignoring IPv6 stuff as I'm not using it. So, sorry for bothering if you said that already.

    Thanks!
     
  68. khris972

    khris972 Networkin' Nut Member

    Sorry for the confusion

    Yes it works ,Just after flashed 1.2h1 it did not works but fews minutes later i got my ipv6 IP
     
  69. RonV

    RonV Network Guru Member

    Ok I am ready to test something this morning...I just downloaded the h1 build for my RT-N66U. I am going to skip configuring everything and just focus on the ipv6 right now. That way I can easily flash back and restore my old configuration before the family suspects anything. Thanks for the quick build.
     
  70. Lorenceo

    Lorenceo Networkin' Nut Member

    @khris972 Can you ping ipv6.google.com from Tools/Ping on the router? Can you ping it from client PCs? What sort of IPv6 connection do you have? DHCP-PD? Native? Something else? Do you use DHCP or PPPoE to connect to your ISP?
     
  71. khris972

    khris972 Networkin' Nut Member

    I can't ping from Tools/Ping
    I can't ping from PC ( ipv6.google.com is Not reachable)

    My router behind MoDem from ISP , wan connected with DHCP

    IPV6 NATIVE


    Assigned / Routed Prefix :2a02:XXXX:YYYY:XXXX::
    Prefix Lenght :56
    Router ipv6 address: 2a02:XXXX:YYYY:XXXX::1
     
  72. RonV

    RonV Network Guru Member

    Ok I was able with the RT-N66U running v1.28.9013 MIPSR2-RAF-V1.2h1 to ping goggle from a telnet session on the router:


    Code:
    ping ipv6.google.com
    PING ipv6.google.com (2607:f8b0:4009:802::1014): 56 data bytes
    64 bytes from 2607:f8b0:4009:802::1014: seq=0 ttl=56 time=29.231 ms
    64 bytes from 2607:f8b0:4009:802::1014: seq=1 ttl=56 time=27.382 ms
    64 bytes from 2607:f8b0:4009:802::1014: seq=2 ttl=56 time=27.555 ms
    64 bytes from 2607:f8b0:4009:802::1014: seq=3 ttl=56 time=27.319 ms
    64 bytes from 2607:f8b0:4009:802::1014: seq=4 ttl=56 time=27.625 ms
    
    When I do the same ping on a computer I receive name resolution but it just times out:

    Code:
    Pinging ipv6.l.google.com [2607:f8b0:4009:802::1012] with 32 bytes of data:
    Request timed out.
    Request timed out.

    Here is the dnsmasq config file:

    Code:
    pid-file=/var/run/dnsmasq.pid
    resolv-file=/etc/resolv.dnsmasq
    addn-hosts=/etc/dnsmasq/hosts
    dhcp-hostsfile=/etc/dnsmasq/dhcp
    expand-hosts
    min-port=4096
    stop-dns-rebind
    rebind-localhost-ok
    interface=br0
    dhcp-range=tag:br0,192.168.10.2,192.168.10.49,255.255.255.0,10m
    dhcp-option=tag:br0,3,192.168.10.1
    dhcp-lease-max=255
    dhcp-authoritative
    enable-ra
    dhcp-range=tag:br0,****:****:bdae:6b2f::, slaac, ra-names, 64
    
    I compared the ipconfig when I was directly attached to the AT&T gateway vs. what the router is giving me:


    Code:
    Ethernet adapter Ethernet 8:
     
      Connection-specific DNS Suffix  . : att.net
      Description . . . . . . . . . . . : Plugable Ethernet
      Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx-xx
      DHCP Enabled. . . . . . . . . . . : Yes
      Autoconfiguration Enabled . . . . : Yes
      IPv6 Address. . . . . . . . . . . : ****:****:bdae:6b20::48(Preferred)
      Lease Obtained. . . . . . . . . . : Saturday, September 28, 2013 7:27:16 AM
      Lease Expires . . . . . . . . . . : Monday, October 28, 2013 7:27:16 AM
      IPv6 Address. . . . . . . . . . . : ****:****:bdae:6b20:f947:723:90e:b527(Pref
    erred)
      Temporary IPv6 Address. . . . . . : ****:****:bdae:6b20:bcea:5854:b43e:6b95(Pr
    eferred)
      Link-local IPv6 Address . . . . . : fe80::f947:723:90e:b527%54(Preferred)
      IPv4 Address. . . . . . . . . . . : 192.168.1.72(Preferred)
      Subnet Mask . . . . . . . . . . . : 255.255.255.0
      Lease Obtained. . . . . . . . . . : Saturday, September 28, 2013 7:27:16 AM
      Lease Expires . . . . . . . . . . : Sunday, September 29, 2013 7:27:16 AM
      Default Gateway . . . . . . . . . : fe80::b277:acff:fecf:a30%54
                                          192.168.1.254
      DHCP Server . . . . . . . . . . . : 192.168.1.254
      DHCPv6 IAID . . . . . . . . . . . : 1107316918
      DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-AF-C8-5E-00-00-00-00-00-00
     
      DNS Servers . . . . . . . . . . . : 192.168.1.254
      NetBIOS over Tcpip. . . . . . . . : Enabled
    And now what I received from Tomato:

    Code:
    Ethernet adapter Ethernet 8:
     
      Connection-specific DNS Suffix  . :
      Description . . . . . . . . . . . : Plugable Ethernet
      Physical Address. . . . . . . . . : 00-50-B6-5E-BB-DA
      DHCP Enabled. . . . . . . . . . . : Yes
      Autoconfiguration Enabled . . . . : Yes
      IPv6 Address. . . . . . . . . . . : ****:****:bdae:6b20:f947:723:90e:b527(Pref
    erred)
      Temporary IPv6 Address. . . . . . : ****:****:bdae:6b20:a470:89bd:2b3c:267d(Pr
    eferred)
      Link-local IPv6 Address . . . . . : fe80::f947:723:90e:b527%54(Preferred)
      IPv4 Address. . . . . . . . . . . : 192.168.10.12(Preferred)
      Subnet Mask . . . . . . . . . . . : 255.255.255.0
      Lease Obtained. . . . . . . . . . : Saturday, September 28, 2013 8:19:42 AM
      Lease Expires . . . . . . . . . . : Saturday, September 28, 2013 8:29:41 AM
      Default Gateway . . . . . . . . . : fe80::5246:5dff:fece:2b0%54
                                          192.168.10.1
      DHCP Server . . . . . . . . . . . : 192.168.10.1
      DNS Servers . . . . . . . . . . . : 192.168.10.1
      NetBIOS over Tcpip. . . . . . . . : Enabled

    My IPv6 on the router is configured with DHCP Prefix Delegation:

    Code:
    Prefix length: 64
    Static: DNS:  2620:0:ccc::2
     2620:0:ccd::2
    Accept RA: Wan
    

    Anything else to look at or configure?
     
  73. Lorenceo

    Lorenceo Networkin' Nut Member

    My computers get their prefix and v6 address info, but cannot ping anything, and nor can the router.
    As my connection is PPPoE the MTU is 1492. The router advertisements show the MTU as 1500, which will break many v6 websites as v6 does not support packet fragmentation.

    @RonV Is your N66U getting an external IPv4 address or an internal one on its WAN port? It might be receiving the v6 information from your ATT router/modem, and getting running behind the v4 NAT of the router/modem? It's odd that you can ping v6 hosts but @khris972 and I cannot.
     
  74. khris972

    khris972 Networkin' Nut Member

    I forgot to mention that I need to add these Two lines in Administration/script

    Init
    ebtables -t broute -A BROUTING -i vlan2 -p ! ipv6 -j DROP

    And Wan up
    brctl addif br0 vlan2

    Without these two lines i cannot get ipv6 IP on my Pc
     
  75. MrJman

    MrJman Reformed Router Member

    With respect to my IPv6 question above: I DLed V1.2h1 and will test it after the more experienced users have some time on it. Is it possible that V1.2h1 will correct my inability to get a v6 connection?

    With respect to my Jumbo Frame problem. I assume it is well know that the BCM53115 supports JF.
    Is it possible that the E4200 would more likely have a working JF. What chipset does it use? - EDIT: Answer is BCM53115, same as the E3000.
    Thanks and enjoy, John.
     
    Last edited: Sep 28, 2013
  76. Toastman

    Toastman Super Moderator Staff Member Member

    Quick comment on the ipv6 thing ... I have had several PM's saying that native ipv6 works fine for them, and many that say it doesn't. It seems that the providers have different ideas on how to provide native ipv6! I don't have any way to test it here unfortunately...
     
  77. nurofen

    nurofen Serious Server Member

    Sorry, do not know much language to explain :)

    Make a video in Russian on his blog ;) http://gosha.me/

    But not how to remove certain menu items? And what versions are installed and IGMPproxy, Udpxy?
     
    Last edited: Sep 28, 2013
  78. RonV

    RonV Network Guru Member

    It's working now!

    IPv6....just started working...I left to take my son to swimming and bam when I got home went to ipv6.google.com and the page painted. Then did a ping and got an IPv6 ping test successfully. And then from the Test IPv6 web site got this:

    Code:
    Test with IPv4 DNS record  ok (0.100s) using ipv4
    Test with IPv6 DNS record  ok (0.107s) using ipv6
    Test with Dual Stack DNS record  ok (0.107s) using ipv6
    Test for Dual Stack DNS and large packet  ok (0.113s) using ipv6
    Test IPv4 without DNS  ok (0.105s) using ipv4
    Test IPv6 without DNS  ok (0.184s) using ipv6
    Test IPv6 large packet  ok (0.186s) using ipv6
    Test if your ISP's DNS server uses IPv6  bad (0.046s)
    Find IPv4 Service Provider  ok (0.123s) using ipv4 ASN 7018
    Find IPv6 Service Provider  ok (0.174s) using ipv6 ASN 7018
    

    My router is getting it's IPv4 address from the AT&T Gateway which is configured as IP pasthrough. So my WAN port has a real static IPv4 address. In theory the router role for IPv6 for native is just to all direct IPv6 to IPv6.
     
    Last edited: Sep 28, 2013
  79. nurofen

    nurofen Serious Server Member

  80. RonV

    RonV Network Guru Member

    Darn I was putting in the rest of my configurations and now IPv6 has stopped working....very strange. I will have to back out the changes and see what happens. Don't know exactly what configuration step casued these to show up I the log. This looks like the IPv6 DNS requests being blocked.

    Also the ping from the router to ipv6.google.com no longer replies....


    Found the issue...backed everything out and every time I enable QOS IPv6 pings fail and cannot access any IPv6 sites.

    Now adding back everything one step at a time except for QOS....
     
    Last edited: Sep 28, 2013
  81. Victek

    Victek Network Guru Member

    Interesting .. OK.. let's see more tests. Thank you very much to all guys testing ipv6 ;)

    @nurofen, no RT-12Nc1, no options to delete or modify the GUI. ;)
     
  82. nurofen

    nurofen Serious Server Member

    @Victek, thank you, advise a friend to buy
    LINKSYS E900-EE :)

    And what versions are installed and IGMPproxy, Udpxy?
     
  83. koitsu

    koitsu Network Guru Member

    Victek asked me to try and help out with the IPv6 situation. The best I can do right now is enable IPv6 on my RT-N16 running tomato-K26USB-1.28.0503MIPSR2Toastman-RT-N-Ext.trx which uses dnsmasq for RA propagation between WAN and LAN, but I can only test from the router itself. So today I enabled IPv6. Relevant information:

    1. ISP:

    Comcast (in northern California / Silicon Valley)

    2. Settings:

    * Basic / IPv6 / IPv6 Service Type: DHCPv6 with Prefix Delegation
    * Basic / IPv6 / Prefix Length: 64 (this is normal for Comcast)
    * Basic / IPv6 / Accept RA from: [*] WAN [ ] LAN (meaning LAN is unchecked (the default); this applies to my setup, keep reading)

    3. More settings, but whether or not you need these depends on if you've seen these kernel messages in the past. It does not hurt to have these set regardless, but I want to make that point clear:

    * Scripts / Init:

    Code:
    #
    # Increase ARP cache sizes and GC thresholds; may alleviate "Neighbour table
    # overflow" warnings that some users are seeing.  Do this for both IPv4 and
    # IPv6.
    #
    # http://www.linksysinfo.org/index.php?threads/ipv6-and-comcast.38006/page-2#post-184563
    #
    echo  256 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
    echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
    echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
    echo  256 > /proc/sys/net/ipv6/neigh/default/gc_thresh1
    echo 1024 > /proc/sys/net/ipv6/neigh/default/gc_thresh2
    echo 2048 > /proc/sys/net/ipv6/neigh/default/gc_thresh3
    
    4. I do not have any IPv6-capable clients on my LAN at this time. The best I could do would be to bring up a FreeBSD VM in VirtualBox, but I'm not sure how the guest vs. host networking layer could interfere with IPv6 because my workstation is a Windows XP SP3 system (and there is no way in hell I'm installing Teredo etc. -- yes I'm aware how to do it, do not ask me to do so -- I will not).

    Anyway, with all these settings, things worked fine. "Worked fine" means the following:

    1. I was able to see a very large number of IPv6 routes being advertised by Comcast and picked up by the Linux kernel (visible via route -A inet6 -n):

    Code:
    root@gw:/tmp/home/root# route -A inet6 -n
    ...
    ff02::1/128  ff02::1  UC  0  381  0 vlan2
    ff02::2/128  ff02::2  UC  0  6  0 vlan2
    ff02::1:2/128  ff02::1:2  UC  0  6  0 vlan2
    ff02::1:ff00:0/128  ff02::1:ff00:0  UC  0  6  0 vlan2
    ff02::1:ff00:1/128  ff02::1:ff00:1  UC  0  6  0 vlan2
    ff02::1:ff02:af84/128  ff02::1:ff02:af84  UC  0  2  0 vlan2
    ff02::1:ff04:57d4/128  ff02::1:ff04:57d4  UC  0  11  0 vlan2
    ff02::1:ff04:6131/128  ff02::1:ff04:6131  UC  0  1  0 vlan2
    ff02::1:ff04:6b74/128  ff02::1:ff04:6b74  UC  0  2  0 vlan2
    ff02::1:ff04:6eb4/128  ff02::1:ff04:6eb4  UC  0  2  0 vlan2
    ff02::1:ff05:2fdd/128  ff02::1:ff05:2fdd  UC  0  2  0 vlan2
    ff02::1:ff05:6034/128  ff02::1:ff05:6034  UC  0  2  0 vlan2
    ff02::1:ff05:7ee4/128  ff02::1:ff05:7ee4  UC  0  2  0 vlan2
    ff02::1:ff05:ac1f/128  ff02::1:ff05:ac1f  UC  0  2  0 vlan2
    ff02::1:ff07:7f32/128  ff02::1:ff07:7f32  UC  0  2  0 vlan2
    ff02::1:ff08:bdb2/128  ff02::1:ff08:bdb2  UC  0  2  0 vlan2
    ff02::1:ff08:d188/128  ff02::1:ff08:d188  UC  0  2  0 vlan2
    ff02::1:ff08:f4de/128  ff02::1:ff08:f4de  UC  0  2  0 vlan2
    ff02::1:ff09:a42/128  ff02::1:ff09:a42  UC  0  2  0 vlan2
    ...and many others...
    
    2. I could see many relevant ICMPv6 packets flowing back and forth with tcpdump, but the easiest way to do this is just to use ip6tables -L INPUT -n -v and look at packet counters:

    Code:
    root@gw:/tmp/home/root# ip6tables -L INPUT -n -v
    Chain INPUT (policy DROP 0 packets, 0 bytes)
    pkts bytes target  prot opt in  out  source  destination
      0  0 DROP  all  *  *  ::/0  ::/0  rt type:0
      13  1712 ACCEPT  all  *  *  ::/0  ::/0  state RELATED,ESTABLISHED
      0  0 ACCEPT  59  *  *  ::/0  ::/0  length 40
      8  1024 ACCEPT  all  br0  *  ::/0  ::/0
      0  0 ACCEPT  all  lo  *  ::/0  ::/0
      0  0 ACCEPT  udp  *  *  ::/0  ::/0  udp dpt:546
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 1
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 2
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 3
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 4
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 128
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 129
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 130
      122  8784 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 131
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 132
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 133
      363 43560 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 134
      12  864 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 135
      3  216 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 136
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 141
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 142
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 143
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 148
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 149
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 151
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 152
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 153
    
    3. ifconfig clearly shows that the WAN-side link local /64 address (for the vlan2 interface) gets assigned properly, meaning the router itself should be able to talk to IPv6 hosts on the Internet (more on that in a moment):

    Code:
    root@gw:/tmp/home/root# ifconfig vlan2
    vlan2  Link encap:Ethernet  HWaddr 10:BF:48:E6:F4:6A
      inet addr:76.102.14.35  Bcast:76.102.15.255  Mask:255.255.252.0
      inet6 addr: fe80::12bf:48ff:fee6:f46a/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:65766 errors:0 dropped:0 overruns:0 frame:0
      TX packets:8198 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:4693165 (4.4 MiB)  TX bytes:758575 (740.7 KiB)
    
    4. The /128 address gets assigned to interface lo as well (verified with route -A inet6 -n):

    Code:
    root@gw:/tmp/home/root# route -A inet6 -n
    ...
    ::1/128  ::  U  0  0  1 lo
    2601:9:3440:6e::/128  ::  U  0  0  2 lo
    2601:9:3440:6e:12bf:48ff:fee6:f469/128  ::  U  0  13  1 lo
    ...
    
    5. The default IPv6 gateway is picked up as well (note to readers, this is not done via DHCPv6, this is accomplished via IPv6 RAs received by the ISP, and can sometimes take a while to get picked up. This may be what RonV was seeing, re: "IPv6 says it's working but it isn't", but that's speculation on my part):

    Code:
    root@gw:/tmp/home/root# route -A inet6 -n
    ...
    ::/0  fe80::201:5cff:fe62:ac46  UGDA  1024  19  0 vlan2
    
    6. ping6 ipv6.google.com from the router itself works as #3 above alludes to:

    Code:
    root@gw:/tmp/home/root# ping6 ipv6.google.com
    PING ipv6.google.com (2607:f8b0:4005:800::1011): 56 data bytes
    64 bytes from 2607:f8b0:4005:800::1011: seq=0 ttl=56 time=12.709 ms
    64 bytes from 2607:f8b0:4005:800::1011: seq=1 ttl=56 time=12.042 ms
    64 bytes from 2607:f8b0:4005:800::1011: seq=2 ttl=56 time=12.014 ms
    
    --- ipv6.google.com ping statistics ---
    3 packets transmitted, 3 packets received, 0% packet loss
    round-trip min/avg/max = 12.014/12.255/12.709 ms
    
    7. Status shows both a Router IPv6 Address and a IPv6 Link-local Address (which would be what would get advertised via IPv6 RAs across the LAN to IPv6 clients on the LAN, but as I said above I do not have any):

    Code:
    Router IPv6 Address 2601:9:3440:6e:12bf:48ff:fee6:f469
    IPv6 Link-local Address fe80::12bf:48ff:fee6:f469
    
    So, from my perspective, things look good using Comcast here in my area, and simply enabling IPv6 as I described above. Again: I have not tested LAN RA advertisement (not to mention what I said near the top).

    This is the best I can do for now.
     
    Derbo, Toastman and Elfew like this.
  84. RonV

    RonV Network Guru Member

    I put all my configuration back together, VPN, DNS Poisoning for Ad blocking, NGINX web site, etc. So far IPv6 is holding up. Again the only thing that breaks IPv6 is enabling QOS.

    When I ping my Windows Server, Windows 7 and Windows 8 devices they names are resolving to IPv6 addresses and discovery services seem to be working. I can see the router advertisements in the log at random times.

    I am getting dual stack resolution pinging from a windows 8 machine to a IPv4 device by name resolves to an IPv4 address, and then the same to a IPv6 device resolves to a IPv6 address.

    Advertisements from Log:

    Code:
    Sep 28 15:31:24 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:31:39 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:31:45 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:32:02 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:32:17 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:32:23 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:32:34 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:42:28 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:50:55 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    Sep 28 15:59:08 rtr-gateway-n66r daemon.info dnsmasq-dhcp[3536]: RTR-ADVERT(br0) ****:****:bdae:6b2f::
    
    IP Tables for IPv6 look ok with counters increasing:

    Code:
     ip6tables -L INPUT -n -v
    Chain INPUT (policy DROP 0 packets, 0 bytes)
     pkts bytes target  prot opt in  out  source  destination
      0  0 restrict  udp  !lo  *  ::/0  ::/0  udp dpt:53
      0  0 DROP  all  *  *  ::/0  ::/0  rt type:0
      685  109K ACCEPT  all  *  *  ::/0  ::/0  state RELATED,ESTABLISHED
      0  0 ACCEPT  59  *  *  ::/0  ::/0  length 40
      877 65944 ACCEPT  all  br0  *  ::/0  ::/0
      0  0 ACCEPT  all  lo  *  ::/0  ::/0
      0  0 ACCEPT  udp  *  *  ::/0  ::/0  udp dpt:546
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 1
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 2
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 3
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 4
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 128
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 129
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 130
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 131
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 132
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 133
     1327  170K ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 134
      446 32112 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 135
      251 16064 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 136
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 141
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 142
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 143
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 148
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 149
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 151
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 152
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 153
    
    And finally routing tables:

    Code:
    route -A inet6 -n
    Kernel IPv6 routing table
    Destination  Next Hop  Flags Metric Ref  Use Iface
    ****:****:bdae:6b20::/64  ::  UA  256  0  0 vlan2
    ****:****:bdae:6b2f:a470:89bd:2b3c:267d/128  ****:****:bdae:6b2f:a470:89bd:2b3c:267d  UC  0  5  0 br0
    ****:****:bdae:6b2f::/64  ::  U  256  0  0 br0
    fe80::/64  ::  U  256  0  0 vlan1
    fe80::/64  ::  U  256  0  0 eth2
    fe80::/64  ::  U  256  0  0 br0
    fe80::/64  ::  U  256  0  0 vlan2
    ::/0  fe80::b277:acff:fecf:a30  UGDA  1024  37146  0 vlan2
    ::1/128  ::  U  0  0  1 lo
    ****:****:bdae:6b20::/128  ::  U  0  1568  2 lo 
    ****:****:bdae:6b20:5246:5dff:fece:2b1/128  ::  U  0  991  1 lo
    ****:****:bdae:6b2f::/128  ::  U  0  0  2 lo
    ****:****:bdae:6b2f:5246:5dff:fece:2b0/128  ::  U  0  416  1 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::5246:5dff:fece:2b0/128  ::  U  0  0  1 lo
    fe80::5246:5dff:fece:2b0/128  ::  U  0  1013  1 lo 
    fe80::5246:5dff:fece:2b1/128  ::  U  0  535  1 lo
    fe80::5246:5dff:fece:2b4/128  ::  U  0  0  1 lo
    ff02::1/128  ff02::1  UC  0  1569  0 vlan2 
    ff02::1:3/128  ff02::1:3  UC  0  450  0 br0
    ff00::/8  ::  U  256  0  0 vlan1
    ff00::/8  ::  U  256  0  0 eth2
    ff00::/8  ::  U  256  0  0 br0
    ff00::/8  :: 
    
     
  85. Victek

    Victek Network Guru Member

    Ok, then go to see what's going on with QoS and ipv6.
     
  86. RonV

    RonV Network Guru Member

    It's getting late here but I have a copy of the two routing tables. There are differences but I have not dug very deep. Maybe with a good eye someone here can help. If not I'll have to try to decode in the morning.


    Routing without QOS:

    Code:
    route -A inet6 -n
    Kernel IPv6 routing table
    Destination                                Next Hop                                Flags Metric Ref    Use Iface
    ****:****:bdae:6b20::/64                    ::                                      UA    256    0        0 vlan2
    ****:****:bdae:6b2f:a470:89bd:2b3c:267d/128  ****:****:bdae:6b2f:a470:89bd:2b3c:267d  UC    0      1        0 br0
    ****:****:bdae:6b2f::/64                    ::                                      U    256    0        0 br0
    fe80::/64                                  ::                                      U    256    0        0 vlan1
    fe80::/64                                  ::                                      U    256    0        0 eth2
    fe80::/64                                  ::                                      U    256    0        0 br0
    fe80::/64                                  ::                                      U    256    0        0 vlan2
    ::/0                                        fe80::b277:acff:fecf:a30                UGDA  1024  209      0 vlan2
    ::1/128                                    ::                                      U    0      0        1 lo
    ****:****:bdae:6b20::/128                    ::                                      U    0      3920      2 lo
    ****:****:bdae:6b20:5246:5dff:fece:2b1/128  ::                                      U    0      2550      1 lo
    ****:****:bdae:6b2f::/128                    ::                                      U    0      0        2 lo
    ****:****:bdae:6b2f:5246:5dff:fece:2b0/128  ::                                      U    0      1324      1 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::5246:5dff:fece:2b0/128                ::                                      U    0      0        1 lo
    fe80::5246:5dff:fece:2b0/128                ::                                      U    0      2264      1 lo
    fe80::5246:5dff:fece:2b1/128                ::                                      U    0      1288      1 lo
    fe80::5246:5dff:fece:2b4/128                ::                                      U    0      0        1 lo
    ff02::1/128                                ff02::1                                UC    0      3921      0 vlan2
    ff02::c/128                                ff02::c                                UC    0      1        0 br0
    ff02::1:2/128                              ff02::1:2                              UC    0      1        0 br0
    ff02::1:3/128                              ff02::1:3                              UC    0      581      0 br0
    ff00::/8                                    ::                                      U    256    0        0 vlan1
    ff00::/8                                    ::                                      U    256    0        0 eth2
    ff00::/8                                    ::                                      U    256    0        0 br0
    ff00::/8                                    ::                                      U    256    0        0 vlan2
    

    Routing with QOS

    Code:
    route -A inet6 -n
    Kernel IPv6 routing table
    Destination                                Next Hop                                Flags Metric Ref    Use Iface
    ****:****:bdae:6b20::/64                    ::                                      UA    256    0        0 vlan2
    ****:****:bdae:6b2f:a470:89bd:2b3c:267d/128  ****:****:bdae:6b2f:a470:89bd:2b3c:267d  UC    0      2        0 br0
    ****:****:bdae:6b2f:cad1:bff:fea6:7b6c/128  ****:****:bdae:6b2f:cad1:bff:fea6:7b6c  UC    0      1        0 br0
    ****:****:bdae:6b2f:d2df:c7ff:fea8:cfa8/128  ****:****:bdae:6b2f:d2df:c7ff:fea8:cfa8  UC    0      1        0 br0
    ****:****:bdae:6b2f::/64                    ::                                      U    256    0        0 br0
    fe80::5246:5dff:fece:2b1/128                fe80::5246:5dff:fece:2b1                UC    0      58      0 vlan1
    fe80::b277:acff:fecf:a30/128                fe80::b277:acff:fecf:a30                UC    0      11      3 vlan1
    fe80::/64                                  ::                                      U    256    0        0 vlan1
    fe80::/64                                  ::                                      U    256    0        0 eth2
    fe80::/64                                  ::                                      U    256    0        0 br0
    fe80::/64                                  ::                                      U    256    0        0 vlan2
    ::/0                                        fe80::b277:acff:fecf:a30                UGDA  1024  95      0 vlan2
    ::1/128                                    ::                                      U    0      0        1 lo
    ****:****:bdae:6b20::/128                    ::                                      U    0      3827      2 lo
    ****:****:bdae:6b20:5246:5dff:fece:2b1/128  ::                                      U    0      2499      1 lo
    ****:****:bdae:6b2f::/128                    ::                                      U    0      0        2 lo
    ****:****:bdae:6b2f:5246:5dff:fece:2b0/128  ::                                      U    0      1292      1 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::/128                                  ::                                      U    0      0        2 lo
    fe80::5246:5dff:fece:2b0/128                ::                                      U    0      0        1 lo
    fe80::5246:5dff:fece:2b0/128                ::                                      U    0      2212      1 lo
    fe80::5246:5dff:fece:2b1/128                ::                                      U    0      1264      1 lo
    fe80::5246:5dff:fece:2b4/128                ::                                      U    0      0        1 lo
    ff02::1/128                                ff02::1                                UC    0      3828      0 vlan2
    ff02::1:2/128                              ff02::1:2                              UC    0      1        0 br0
    ff02::1:3/128                              ff02::1:3                              UC    0      487      0 br0
    ff02::1:ffce:2b1/128                        ff02::1:ffce:2b1                        UC    0      67      0 vlan2
    ff02::1:ffcf:a30/128                        ff02::1:ffcf:a30                        UC    0      2        0 vlan1
    ff00::/8                                    ::                                      U    256    0        0 vlan1
    ff00::/8                                    ::                                      U    256    0        0 eth2
    ff00::/8                                    ::                                      U    256    0        0 br0
    ff00::/8                                    ::                                      U    256    0        0 vlan2
    
     
  87. koitsu

    koitsu Network Guru Member

    The routing tables in IPv6 will change rapidly given the nature of how IPv6 RAs propagate in general. They may change every few seconds, or every few minutes; route changes are constantly happening on the Internet in general too, this is just how routing works. Welcome to how the Internet actually works and what network engineers deal with 24x7x365. :)

    I think seeing your QoS rules -- there is some tc command/flag that can be used to look at these -- combined with ifconfig -a would be more relevant, as well as knowing what EXACT type of IPv6 setup you're using (please see my above post for an example of what you need to provide). ip6tables -L -n -v would also be useful, although I don't remember all the table names (there are some which are in iptables that are not in ip6tables, ex. nat).

    I also ask that people participating please stop editing/hiding information. Your paranoia is mostly unjustified. It makes troubleshooting network virtually impossible, and I pretty much throw out any PRs (problem reports) where people hide/edit information.

    I myself do not use QoS. I've added this to my ever-growing list of reasons not to, haha. :) (I'm a KISS principle person, QoS violates that in a lot of ways; the simpler/less features of something you use, the better off you are)

    I will mention there is already one user in this thread who is trying to use recent TomatoUSB builds with IPv6 without success, but his configuration is uncommon here in the United States (specifically it's DHCPv6 backed by PPPoE which uses some sort of unique VLAN identifier (I do not know how this has anything to do with PPPoE) and and IPv6 prefix length that is not common or is not what his ISP delegates (speculative on my part)).
     
  88. nurofen

    nurofen Serious Server Member

    [​IMG]

    Rate my speeds of up to 100 mb/c :)
     
  89. Lorenceo

    Lorenceo Networkin' Nut Member

    I assume you're referring to me. My ISP offers service over ADSL2+, VDSL2 and FTTH. I am currently connected via VDSL2, previously via ADSL2+. Fibre is not available where I live. :(
    Authentication is done via PPPoE on all connection mediums, and in order to connect all packets must be tagged as VLAN 10. If packets are not tagged as VLAN 10 the internet will not connect.
    This is because the wholesaler they use (nearly every ISP in my country uses this same wholesaler, which provides xDSL and FTTH) requires it to determine the difference between general internet traffic (VLAN 10) and high priority traffic such as VOIP (VLAN 4). I do not have any services which require high priority, so all packets are tagged as VLAN 10 as they leave the router.
    IPv6 is provided through DHCPv6-PD, and my ISP hands out a /48 prefix. While this seems too big to me, they have a large address space to waste at the moment. I suspect they will eventually reduce the prefix allocation to /64, but for now they give out /48s.

    I am currently using an Asus RT-N16, which is running Tomato Firmware v1.28.7501 MIPSR2Toastman-RT K26 USB VPN-NOCAT. It is an older version which uses radvd for router advertisements. When I first enabled IPv6 (around April or May 2012) TomatoUSB was using radvd for router advertisements. When I first enabled it I had issues with some websites not working over IPv6. I eventually found this was an MTU issue. IPv6 does not support packet fragmentation, and clients assume that the MTU announced to them in router advertisements is correct.
    Since I have to authenticate via PPPoE, and all traffic is passed through this PPP tunnel, all packets have an MTU of 1492. If clients receive a router advertisement with the MTU as 1500, they will try and send 1500 byte packets and fail.
    With the old version 1.28.7501 of TomatoUSB, radvd ignores information entered in its GUI under Basic/IPv6. Regardless of what settings are entered in here, it seems to run the default radvd.conf. This config announces a /64 with 1500 MTU. The /64 part does not cause any issues, as /64 is smaller than /48, so I just end up using less of my /48 allocation. Unfortunately the incorrect MTU issue breaks many websites. The most notable website which it breaks is Facebook.
    In order to counter this I have router advertisements disabled under Basic/IPv6, and have written a custom radvd.conf into the NVRAM. When the router boots it will execute radvd with this custom config file. The radvd.conf has the correct MTU in it, and IPv6 will then work properly.
    This works for a while, but radvd will crash after around 24 hours, give or take with a sigint fault. It does not get restarted automatically by the router. I posted on these forums about these problems last year when I encountered them, but nothing came of it.

    In order to get around this problem I have a script scheduled to run every 3 minutes. It checks whether radvd is running or not, and if it has crashed it restarts it.
    Apart from when someone on the LAN is using an IPv6 service when radvd crashes, using this setup has worked quite well. v6 works as long as radvd is running, and if it crashes it just needs to be restarted to make v6 work again.

    When TomatoUSB moved to using dnsmasq for router advertisements I noticed that it broke IPv6. I posted on these forums about it, but nothing came of it. Since I already had a mostly working solution, I went back to the older version and running radvd manually. I probably should've been more proactive about making people aware of it not working.

    I have recently started posting about these v6 issues again as my RT-N16 is dying. It spontaneously reboots which can be very annoying, so I bought an RT-N66U to replace it. I attempted to flash the N66U with TomatoUSB. I was unable to find a version of TomatoUSB with radvd which would run on it. Since it is hardware revision B1, older versions won't run on it.

    I greatly appreciate all the work that people put into this firmware. IMO it is the best solution available at the moment. I want to help getting IPv6 working properly on TomatoUSB.

    1. ISP:
    Snap (New Zealand)

    2. Settings:
    * Basic / IPv6 / IPv6 Service Type: DHCPv6 with Prefix Delegation
    * Basic / IPv6 / Prefix Length: 48
    * Basic / IPv6 / Accept RA from: [] WAN [ ] LAN
    * Enable Router Advertisements: []

    Here are the results of the above commands from my N16 with IPv6 working (with the custom radvd.conf):
    route -A inet6 -n
    Code:
    Kernel IPv6 routing table
    Destination  Next Hop  Flags Metric Ref  Use Iface
    2001:4c48:2:8400:dead:beef:c0de:face/128  2001:4c48:2:8400:dead:beef:c0de:face  UC  0  9  0 ppp0
    2406:e000:XXXX:0:XXXX:69a4:6a7f:XXXX/128  2406:e000:XXXX:0:XXXX:69a4:6a7f:XXXX  UC  0  9  0 br0
    2406:e000:e28d::/64  ::  U  256  0  0 br0
    fe80::/64  ::  U  256  0  0 eth0
    fe80::/64  ::  U  256  0  0 vlan1
    fe80::/64  ::  U  256  0  0 eth1
    fe80::/64  ::  U  256  0  0 br0
    fe80::/64  ::  U  256  0  0 vlan10
    fe80::/64  ::  U  256  0  0 ppp0
    fe80::/10  ::  U  1  0  0 ppp0
    fe80::/10  ::  U  256  0  0 ppp0
    ::/0  ::  U  1024  0  0 ppp0
    ::1/128  ::  U  0  0  1 lo
    2406:e000:XXXX::/128  ::  U  0  0  2 lo
    2406:e000:e28d:0:beae:c5ff:fec3:XXXX/128  ::  U  0  0  1 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::/128  ::  U  0  0  2 lo
    fe80::a898:e95e:ba80:9aad/128  ::  U  0  3  1 lo
    fe80::beae:c5ff:fec3:XXXX/128  ::  U  0  0  1 lo
    fe80::beae:c5ff:fec3:XXXX/128  ::  U  0  0  1 lo
    fe80::beae:c5ff:fec3:XXXX/128  ::  U  0  3174  1 lo
    fe80::beae:c5ff:fec3:XXXX/128  ::  U  0  0  1 lo
    fe80::beae:c5ff:fec3:XXXX/128  ::  U  0  0  1 lo
    ff02::1/128  ff02::1  UC  0  1  0 br0
    ff02::1:2/128  ff02::1:2  UC  0  2  0 ppp0
    ff02::1:ffc3:XXXX/128  ff02::1:ffc3:XXXX  UC  0  1  0 br0
    ff00::/8  ::  U  256  1  0 eth0
    ff00::/8  ::  U  256  0  0 vlan1
    ff00::/8  ::  U  256  0  0 eth1
    ff00::/8  ::  U  256  0  0 br0
    ff00::/8  ::  U  256  0  0 vlan10
    ff00::/8  ::  U  256  0  0 ppp0
    
    ip6tables -L INPUT -n -v
    Code:
    Chain INPUT (policy DROP 0 packets, 0 bytes)
    pkts bytes target  prot opt in  out  source  destination
      0  0 DROP  all  *  *  ::/0  ::/0  rt type:0
      0  0 ACCEPT  all  *  *  ::/0  ::/0  state RELATED,ESTABLISHED
      0  0 ACCEPT  59  *  *  ::/0  ::/0  length 40
    6951  709K ACCEPT  all  br0  *  ::/0  ::/0
      0  0 ACCEPT  all  lo  *  ::/0  ::/0
      2  296 ACCEPT  udp  *  *  ::/0  ::/0  udp dpt:546
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 1
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 2
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 3
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 4
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 128
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 129
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 130
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 131
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 132
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 133
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 134
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 135
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 136
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 141
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 142
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 143
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 148
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 149
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 151
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 152
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 153
    
    ifconfig
    Code:
    br0 Link encap:Ethernet HWaddr BC:AE:C5:C3:XX:XX
    inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
    inet6 addr: 2406:e000:XXXX:0:beae:c5ff:fec3:XXXX/64 Scope:Global
    inet6 addr: fe80::beae:c5ff:fec3:XXXX/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:12663005 errors:0 dropped:0 overruns:0 frame:0
    TX packets:16430535 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:3608610994 (3.3 GiB) TX bytes:2120194241 (1.9 GiB)
    
    eth0 Link encap:Ethernet HWaddr BC:AE:C5:C3:XX:XX
    inet6 addr: fe80::beae:c5ff:fec3:XXXX/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:24946363 errors:0 dropped:0 overruns:0 frame:0
    TX packets:22296243 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:996510095 (950.3 MiB) TX bytes:2036883318 (1.8 GiB)
    Interrupt:4 Base address:0x2000
    eth1 Link encap:Ethernet HWaddr BC:AE:C5:C3:XX:XX
    inet6 addr: fe80::beae:c5ff:fec3:XXXX/64 Scope:Link
    UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
    RX packets:3276265 errors:0 dropped:0 overruns:0 frame:1024060
    TX packets:6155858 errors:37 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:236926747 (225.9 MiB) TX bytes:3968298689 (3.6 GiB)
    Interrupt:3 Base address:0x1000
    
    imq0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    UP RUNNING NOARP MTU:1500 Metric:1
    RX packets:6893618 errors:0 dropped:0 overruns:0 frame:0
    TX packets:6893618 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:30
    RX bytes:248851803 (237.3 MiB) TX bytes:248851803 (237.3 MiB)
    
    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
    RX packets:4253 errors:0 dropped:0 overruns:0 frame:0
    TX packets:4253 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:708810 (692.1 KiB) TX bytes:708810 (692.1 KiB)
    
    ppp0 Link encap:Point-to-Point Protocol
    inet addr:111.69.XXX.XXX P-t-P:111.69.17.16 Mask:255.255.255.255
    inet6 addr: fe80::a898:e95e:ba80:XXXX/10 Scope:Link
    UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
    RX packets:15554279 errors:0 dropped:0 overruns:0 frame:0
    TX packets:11951040 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:3
    RX bytes:1199921617 (1.1 GiB) TX bytes:3465599613 (3.2 GiB)
    
    vlan1 Link encap:Ethernet HWaddr BC:AE:C5:C3:XX:XX
    inet6 addr: fe80::beae:c5ff:fec3:XXXX/64 Scope:Link
    UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
    RX packets:9390474 errors:0 dropped:0 overruns:0 frame:0
    TX packets:10344915 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:3455638459 (3.2 GiB) TX bytes:2555501281 (2.3 GiB)
    
    vlan10 Link encap:Ethernet HWaddr BC:AE:C5:C3:XX:XX
    inet addr:192.168.1.2 Bcast:0.0.0.0 Mask:255.255.255.255
    inet6 addr: fe80::beae:c5ff:fec3:XXXX/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:15555889 errors:0 dropped:0 overruns:0 frame:0
    TX packets:11951321 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:1386804398 (1.2 GiB) TX bytes:3776348675 (3.5 GiB)
    
    Status:
    Code:
    Router IPv6 Address    2406:e000:XXXX:0:beae:c5ff:fec3:XXXX
    IPv6 Link-local Address    fe80::beae:c5ff:fec3:XXXX
     
    Last edited: Sep 29, 2013
  90. Lorenceo

    Lorenceo Networkin' Nut Member

    Well this is interesting.
    I've just connected the N66U to get the above command results from it, and IPv6 is working on it. Perhaps I didn't leave it connected for long enough when I tried yesterday.
    Yay!

    Unfortunately the MTU is still incorrect in the router advertisements (1500 when it should be 1492), which breaks many websites. But, definitely progress. Well done @Victek! :cool:
     
  91. RonV

    RonV Network Guru Member

    Ok I have complete sets of dumps of the iptables, routing, tc, and ifconfig with both QOS and non-QOS. Since this is a lot of information I zipped it up. There are two directories in the zip, QOS and No_QOS. Each file has a name that defines what command it came from.

    My configuration for IPv6 is:

    IPv6 Service Type: DHCPv6 with Prefix Delegation
    Prefix Length:64

    Static DNS:2620:0:ccc::2
    2620:0:ccd::2

    Accept RA from [x] WAN [ ]LAN
     

    Attached Files:

  92. Victek

    Victek Network Guru Member

    @RonV thanks, I'm in a friend's home with ipv6 ISP... I'll take a look later, now I'm doing tests...
     
  93. Victek

    Victek Network Guru Member

    I think we have to modify something not 'figured' by dnsmasq creator with your ISP configuration...
     
  94. Lorenceo

    Lorenceo Networkin' Nut Member

    Seems I spoke too soon. I rebooted it when trying to get dnsmasq to announce a different MTU and now it doesn't work any more. :/
    It's reporting destination unreachable when trying to ping ipv6.google.com. Same thing happens on the clients.

    The info from the N66U running 1.2h1:

    2. Settings:
    * Basic / IPv6 / IPv6 Service Type: DHCPv6 with Prefix Delegation
    * Basic / IPv6 / Prefix Length: 48
    * Basic / IPv6 / Accept RA from: [*] WAN [ ] LAN

    route -A inet6 -n
    Code:
    Kernel IPv6 routing table
    Destination  Next Hop  Flags Metric Ref  Use Iface
    2406:e000:XXXX:0:9c98:3920:68c5:XXXX/128  2406:e000:XXXX:0:9c98:3920:68c5:XXXX  UC  0  1602  0 br0 
    2406:e000:XXXX:0:d0ad:e477:20b6:XXXX/128  2406:e000:XXXX:0:d0ad:e477:20b6:XXXX  UC  0  254  0 br0 
    2406:e000:XXXX::/64  ::  U  256  0  0 br0 
    fe80::/64  ::  U  256  0  0 eth2 
    fe80::/64  ::  U  256  0  0 br0 
    fe80::/64  ::  U  256  0  0 vlan10 
    fe80::/64  ::  U  256  0  0 ppp0 
    fe80::/10  ::  U  1  0  0 ppp0 
    fe80::/10  ::  U  256  0  0 ppp0 
    ::1/128  ::  U  0  0  1 lo 
    2406:e000:XXXX::/128  ::  U  0  0  2 lo 
    2406:e000:XXXX:0:ae22:bff:fe31:XXXX/128  ::  U  0  6  1 lo 
    fe80::/128  ::  U  0  0  2 lo 
    fe80::/128  ::  U  0  0  2 lo 
    fe80::/128  ::  U  0  0  2 lo 
    fe80::/128  ::  U  0  0  2 lo 
    fe80::45fb:2f67:b9be:dc1/128  ::  U  0  1  1 lo 
    fe80::ae22:bff:fe31:XXXX/128  ::  U  0  159  1 lo 
    fe80::ae22:bff:fe31:XXXX/128  ::  U  0  0  1 lo 
    fe80::ae22:bff:fe31:XXXX/128  ::  U  0  0  1 lo 
    ff00::/8  ::  U  256  0  0 eth2 
    ff00::/8  ::  U  256  0  0 br0 
    ff00::/8  ::  U  256  0  0 vlan10 
    ff00::/8  ::  U  256  0  0 ppp0  
    ip6tables -L INPUT -n -v
    Code:
    Chain INPUT (policy DROP 0 packets, 0 bytes)
    pkts bytes target  prot opt in  out  source  destination 
      0  0 restrict  udp  !lo  *  ::/0  ::/0  udp dpt:53
      0  0 DROP  all  *  *  ::/0  ::/0  rt type:0
      0  0 ACCEPT  all  *  *  ::/0  ::/0  state RELATED,ESTABLISHED
      0  0 ACCEPT  59  *  *  ::/0  ::/0  length 40
      209 15352 ACCEPT  all  br0  *  ::/0  ::/0 
      0  0 ACCEPT  all  lo  *  ::/0  ::/0 
      1  152 ACCEPT  udp  *  *  ::/0  ::/0  udp dpt:546
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 1
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 2
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 3
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 4
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 128
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 129
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 130
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 131
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 132
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 133
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 134
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 135
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 136
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 141
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 142
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 143
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 148
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 149
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 151
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 152
      0  0 ACCEPT  icmpv6  *  *  ::/0  ::/0  ipv6-icmp type 153  
    ifconfig
    Code:
    br0  Link encap:Ethernet  HWaddr AC:22:0B:31:XX:XX 
      inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
      inet6 addr: 2406:e000:XXXX:0:ae22:bff:fe31:XXXX/64 Scope:Global
      inet6 addr: fe80::ae22:bff:fe31:XXXX/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:834715 errors:0 dropped:0 overruns:0 frame:0
      TX packets:999880 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:687288095 (655.4 MiB)  TX bytes:716188885 (683.0 MiB)
    eth0  Link encap:Ethernet  HWaddr AC:22:0B:31:XX:XX 
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:1765925 errors:0 dropped:0 overruns:0 frame:0
      TX packets:1767609 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:1414044457 (1.3 GiB)  TX bytes:1412134253 (1.3 GiB)
      Interrupt:4 Base address:0x2000
    eth1  Link encap:Ethernet  HWaddr AC:22:0B:31:XX:XX 
      UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
      RX packets:116 errors:0 dropped:0 overruns:0 frame:2391
      TX packets:3002 errors:27 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:18266 (17.8 KiB)  TX bytes:680607 (664.6 KiB)
      Interrupt:3 Base address:0x8000
    eth2  Link encap:Ethernet  HWaddr AC:22:0B:31:XX:XX 
      inet6 addr: fe80::ae22:bff:fe31:XX:XX/64 Scope:Link
      UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
      RX packets:656 errors:0 dropped:0 overruns:0 frame:251
      TX packets:3193 errors:36 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:141192 (137.8 KiB)  TX bytes:804480 (785.6 KiB)
      Interrupt:5 Base address:0x8000
    imq0  Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
      UP RUNNING NOARP  MTU:1500  Metric:1
      RX packets:475055 errors:0 dropped:0 overruns:0 frame:0
      TX packets:475055 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:30
      RX bytes:647026376 (617.0 MiB)  TX bytes:647026376 (617.0 MiB)
    lo  Link encap:Local Loopback 
      inet addr:127.0.0.1  Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
      RX packets:34 errors:0 dropped:0 overruns:0 frame:0
      TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:5752 (5.6 KiB)  TX bytes:5752 (5.6 KiB)
    ppp0  Link encap:Point-to-Point Protocol 
      inet addr:111.69.XXX.XXX  P-t-P:111.69.17.16  Mask:255.255.255.255
      inet6 addr: fe80::45fb:2f67:b9be:dc1/10 Scope:Link
      UP POINTOPOINT RUNNING MULTICAST  MTU:1492  Metric:1
      RX packets:931067 errors:0 dropped:0 overruns:0 frame:0
      TX packets:767374 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:3
      RX bytes:680401646 (648.8 MiB)  TX bytes:671918635 (640.7 MiB)
    vlan1  Link encap:Ethernet  HWaddr AC:22:0B:31:XX:XX 
      UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
      RX packets:834303 errors:0 dropped:0 overruns:0 frame:0
      TX packets:1000221 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:690640743 (658.6 MiB)  TX bytes:720262929 (686.8 MiB)
    vlan2  Link encap:Ethernet  HWaddr AC:22:0B:31:XX:XX 
      inet addr:192.168.1.2  Bcast:0.0.0.0  Mask:255.255.255.255
      inet6 addr: fe80::ae22:bff:fe31:XXXX/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:931622 errors:0 dropped:0 overruns:0 frame:0
      TX packets:767386 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:691617064 (659.5 MiB)  TX bytes:691871144 (659.8 MiB)
    Status:
    Code:
    Router IPv6 Address  2406:e000:XXXX:0:ae22:bff:fe31:XXXX
    IPv6 Link-local Address  fe80::ae22:bff:fe31:XXXX
    dnsmasq.conf
    Code:
    pid-file=/var/run/dnsmasq.pid
    resolv-file=/etc/resolv.dnsmasq
    addn-hosts=/etc/dnsmasq/hosts
    dhcp-hostsfile=/etc/dnsmasq/dhcp
    expand-hosts
    min-port=4096
    stop-dns-rebind
    rebind-localhost-ok
    quiet-dhcp
    quiet-dhcp6
    quiet-ra
    interface=br0
    dhcp-range=tag:br0,192.168.2.11,192.168.2.250,255.255.255.0,1440m
    dhcp-option=tag:br0,3,192.168.2.1
    dhcp-lease-max=255
    dhcp-authoritative
    enable-ra
    dhcp-range=tag:br0,2406:e000:XXXX::, slaac, ra-names, 64 
     
    Last edited: Sep 29, 2013
  95. vlads

    vlads Serious Server Member

    @Victek - just a heads-up that build 1.2i for the E3200 still doesn't show a USB/NAS menu. USB works fine as long as it gets configured from the CLI.
     
  96. Victek

    Victek Network Guru Member

    Thanks, I'll build again.. switches...
     
  97. Lorenceo

    Lorenceo Networkin' Nut Member

    What were the changes on 1.2i?
     
  98. Victek

    Victek Network Guru Member

  99. zavar

    zavar Networkin' Nut Member

    Wow Victek, you are flying with all of these updates. Thanks to everyone for helping Victek out with troubleshooting. This is one great firmware.

    I can't keep up with all of these updates. For RAF 1.4, can you implement an auto update feature? ;)
     
  100. Lorenceo

    Lorenceo Networkin' Nut Member

    Will flash it now and report back.
     

Share This Page