# [solved] Router Speedport W 724V looses IPv6 conn.

## 222697

Edit:

Solved with firmware version 09011603.00.012

Edit:

Looks, like this is a problem only for (but not necessary limited to) users of proprietary router "Speedport W 724V" deployed by provider German Telekom, when selecting router connection reset interval >24h (86400 s), with firmware version 09011603.00.009

It's a confirmed bug since other users of the above router reported the same problem.

I have IPv6 connection from provider (Edit: German Telekom) and get IPv6 address via ICMPv6 autoconfiguration (SLAAC), I guess.

Device is eth1

(gentoo world is up to date, Linux 3.14.37-gentoo, x86_64)

I enabled IPv6 privacy extension (see here how: https://forums.gentoo.org/viewtopic-t-1016264.html)

In short:

net.ipv6.conf.all.use_tempaddr = 2

net.ipv6.conf.default.use_tempaddr = 2

net.ipv6.conf.eth1.use_tempaddr = 2 

IPv6 address was working (MAC address values replaced by xxxx):

```

    inet6 2003:58:8f19:98cf:e00a:5eb9:e8cb:5c04/64 scope global temporary dynamic 

       valid_lft 590427sec preferred_lft 71427sec

    inet6 2003:58:8f19:98cf:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic 

       valid_lft 604787sec preferred_lft 86387sec

```

But after some hours I lost IPv6 connectivity, because the above addresses got in state deprecated, allthough the preferred lifetime was not reached. Instead, I got some strange new addresses beginning with ::36, which where not working for connectivity:

```

    inet6 ::36:e00a:5eb9:e8cb:5c04/64 scope global temporary dynamic 

       valid_lft 587590sec preferred_lft 68590sec

    inet6 ::36:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic 

       valid_lft 602428sec preferred_lft 84028sec

    inet6 2003:58:8f19:98cf:e00a:5eb9:e8cb:5c04/64 scope global temporary deprecated dynamic 

       valid_lft 12073sec preferred_lft 0sec

    inet6 2003:58:8f19:98cf:xxxx:xxxx:xxxx:xxxx/64 scope global deprecated mngtmpaddr dynamic 

       valid_lft 12073sec preferred_lft 0sec

```

Why did that happen? What are these ::36 addresses?

I needed to reset my provider connection to get a new IPv6 prefix, then the Gentoo box got a new IPv6 management addr and a new privacy extended addr was added, and connectivity was established again.

Do I need to add something in /etc/conf.d/net ? Here is mine

```

config_eth1="192.168.2.10/24"

routes_eth1="default via 192.168.2.1"

rc_net_eth1_provide="net"

vlans_eth1="9"

config_eth1_9="null"

```

192.168.2.1 is the provider router with the IPv6 network

I allow all incoming, forwarding and outgoing ICMPv6 packets in ip6tables.

Provider router device is Telekom Speedport 724V. Also with dhcpcd I get disfunctional addresses via SLAAC, according to log:

```

May  3 13:50:05 regen dhcpcd[2854]: version 6.6.7 starting

May  3 13:50:05 regen dhcpcd[2854]: dev: loaded udev

May  3 13:50:05 regen dhcpcd[2854]: DUID 00:01:00:01:1c:d8:xx:xx:xx:xx:xx:xx:xx:xx

May  3 13:50:05 regen dhcpcd[2854]: eth1: IAID xx:xx:xx:xx

May  3 13:50:05 regen dhcpcd[2854]: eth1: soliciting an IPv6 router

May  3 13:50:06 regen dhcpcd[2854]: eth1: Router Advertisement from fe80::1

May  3 13:50:06 regen dhcpcd[2854]: eth1: adding address ::3c:a23:4b0a:xxxx:xxxx/64

May  3 13:50:06 regen dhcpcd[2854]: eth1: adding route to 0:0:0:3c::/64

May  3 13:50:06 regen dhcpcd[2854]: eth1: adding default route via fe80::1

May  3 13:50:06 regen dhcpcd[2854]: eth1: requesting DHCPv6 information

May  3 13:50:35 regen dhcpcd[2854]: timed out

May  3 13:50:35 regen dhcpcd[2854]: forked to background, child pid 2888

```

This time, it got 3c::/64 prefix, not 36::/64

These addresses break my IPv6 connectivity.

Maybe the router is buggy?

I now extended the preferred lifetime of the privacy extended addresses to be 1h higher then the connection reset interval (currently I selected 4 days) of the provider, and the valid lifetime 2h higher.Last edited by 222697 on Thu Jul 30, 2015 7:21 pm; edited 10 times in total

----------

## UberLord

Sounds like you have slaac private enabled in dhcpcd.conf (which is the default) and you don't want that?

I don't know how it breaks connectivity for you unless you actively need the MAC based one.

----------

## 222697

slaac stable private address is enabled in dhcpcd.conf, and I want that.

----------

## UberLord

Can you try upgrading to dhcpcd-6.8.2 ( or 6.8.1 if it's not in portage yet) please?

Also, can you capture the RA via tcpdump and email me offlist if it still fails? roy@marples.name

----------

## 222697

Hm, it is really the Telekom router that advertises this strange subnet, see screenshot.

"Nutzbarer Adressbereich für LAN" is in English "Usable address range for LAN".

IPv6 for LAN? What does that mean.

Screenshot from Telekom Router Speedport W 724V section IP address information

After reconnecting the router to get new IP address / prefix, it looks better:

Screenshot after router reset

Then rebooting my Gentoo box, it get no IPv6 connection / address via SLAAC. Don't know why.

When then starting dhcpcd manually, I get four different IPv6 addresses in the correct 2003:... subnet.

Two of kind "scope global mngtmpaddr noprefixroute dynamic" and two of kind "scope global temporary dynamic"

Why isn't the box getting SLAAC via ICMPv6 ? Can I force it somehow, without dhcpcd ? Would like to stay at IPv6 builtin privacy extended SLAAC.

Anything else needed to be allowed in ip6tables beside of ICMPv6 ?

Here the ICMPv6 tcpdump:

```

# tcpdump -i eth1 icmp6

error : ret -1

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes

19:51:36.415454 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:51:44.423045 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:51:47.087409 IP6 fe80::1 > ff02::1: ICMP6, router advertisement, length 56

19:51:52.428754 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:00.437215 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:08.444755 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:16.452346 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:24.461079 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:29.463856 IP6 fe80::1 > ff02::1: ICMP6, router advertisement, length 56

19:52:32.464786 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:40.474060 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

19:52:48.481913 IP6 fe80::1 > ff02::1: ICMP6, neighbor advertisement, tgt is fe80::1, length 32

```

----------

## UberLord

When dhcpcd is started with "slaac private" or ipv6ra_own, it will disable the kernel from listening to RA's.

It's also possible that something other than dhcpcd has done this - check the sysctl output to see.

----------

## 222697

Thanks for the tip.

net.ipv6.conf.eth1.autoconf was 0.

echo 1 >/proc/sys/net/ipv6/conf/eth1/autoconf

did not help, but

emerge --depclean dhcpcd

(which was not running)

and rebooting did the trick, it seems. After Rebooting eth1 got autoconfigured. Unfortunateley, ignoring my privacy extension lifetime settings that I set in /etc/sysctl.d/40-ipv6.conf and seems to be needed to prevent my buggy router going crazy (at least I want to set the preferred lifetime higher than the router connection reset interval). The values are set:

```

cat /proc/sys/net/ipv6/conf/eth1/temp_prefered_lft 

349200

cat /proc/sys/net/ipv6/conf/eth1/temp_valid_lft 

352800

```

But the interface has the default values:

```

4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000

    inet6 2003:58:8f1a:e05d:e9fa:2409:16c5:c32d/64 scope global temporary dynamic 

       valid_lft 352143sec preferred_lft 86392sec

    inet6 2003:58:8f1a:e05d:xxxx:xxxx:xxxx:xxxx/64 scope global mngtmpaddr dynamic 

       valid_lft 604792sec preferred_lft 86392sec

```

Man, this is a nerving story. I guess, eth1 is autoconfigured before the temp_ settings are modified via sysctl. WTF.

Edit: No, also after deleting the IPv6 addresses with "ip addr del" manually, they get autoconfigured shortly afterwards with the same default temp_ values again.

----------

## UberLord

 *1970 wrote:*   

> Unfortunateley, ignoring my privacy extension lifetime settings that I set in /etc/sysctl.d/40-ipv6.conf and seems to be needed to prevent my buggy router going crazy (at least I want to set the preferred lifetime higher than the router connection reset interval). The values are set:
> 
> ```
> 
> cat /proc/sys/net/ipv6/conf/eth1/temp_prefered_lft 
> ...

 

It's not clear, but those are maximum values, not forced values.

The lifetime of the address is based on the lifetime of the prefix address offered.

See RFC 4941 section 3.3.1

----------

