From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 67F2E21F229 for ; Sun, 27 Apr 2014 12:49:09 -0700 (PDT) Received: from hms-beagle-2.home.lan ([217.86.120.237]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0MTjua-1WVfNo2oRU-00QUgI; Sun, 27 Apr 2014 21:49:04 +0200 Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\)) From: Sebastian Moeller In-Reply-To: Date: Sun, 27 Apr 2014 21:49:02 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <2E382B33-D0B4-4A05-9D9E-BE2E3B7179FA@gmx.de> References: <535AB657.50906@etorok.net> <9DC7D299-1CA7-42B5-80B5-DDE2A37E8B8F@gmx.de> To: Dave Taht X-Mailer: Apple Mail (2.1510) X-Provags-ID: V03:K0:h5dziF9eZyRm1pUiZ+8Eo7dd/FOa0oyfEVmwLxOhPtHKdG9apsk XJGHE6AoaD7G3iGxJqAtTY2uq5/fohu1OV62fUsyqfdv1HPbAg155JSgRNgs+VYHTKf7G5Y fIovHSEiBEHaCL7WJCnG7VYz7KCrxT9/KN92lHljTmMy8KWikFtqepqktW399iKRD7nPdHD 93oNUOccSuakCtB2cM2KA== Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] test-ipv6.com vs dnssec X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Apr 2014 19:49:10 -0000 Hi Dave, thanks for the information. On Apr 27, 2014, at 18:15 , Dave Taht wrote: > On Sat, Apr 26, 2014 at 12:41 PM, Sebastian Moeller = wrote: >> Hi List, hi Dave, >>=20 >> so I had to restart cerowrt 3.10.36-6 today after coming home from a = 5 day trip. I had some issues connecting with a macbook and one of 2 = nexus 4s. after a reboot of the router both MacBooks connected fine on = the 5GHz radio but none of the nexi connected to either the 2.4GHz nor = the 5GHz radio, instead they produced endless repetitions of: >> Sat Apr 26 21:27:15 2014 daemon.warn dnsmasq-dhcp[2560]: no address = range available for DHCP request via sw00 >> Sat Apr 26 21:27:29 2014 daemon.info hostapd: sw00: STA = 10:68:3f:4b:0b:48 IEEE 802.11: disassociated >> Sat Apr 26 21:27:29 2014 daemon.info hostapd: sw00: STA = 10:68:3f:4b:0b:48 IEEE 802.11: authenticated >> Sat Apr 26 21:27:29 2014 daemon.info hostapd: sw00: STA = 10:68:3f:4b:0b:48 IEEE 802.11: associated (aid 1) >> Sat Apr 26 21:27:29 2014 daemon.info hostapd: sw00: STA = 10:68:3f:4b:0b:48 WPA: pairwise key handshake completed (RSN) >> Sat Apr 26 21:27:30 2014 daemon.warn dnsmasq-dhcp[2560]: no address = range available for DHCP request via sw00 >> Sat Apr 26 21:27:33 2014 daemon.warn dnsmasq-dhcp[2560]: no address = range available for DHCP request via sw00 >> Sat Apr 26 21:27:35 2014 daemon.warn dnsmasq-dhcp[2560]: no address = range available for DHCP request via sw00 >> Sat Apr 26 21:27:39 2014 daemon.warn dnsmasq-dhcp[2560]: no address = range available for DHCP request via sw00 >> Sat Apr 26 21:27:47 2014 daemon.warn dnsmasq-dhcp[2560]: no address = range available for DHCP request via sw00 >=20 > Well, somehow dnsmasq ran out of leases, or was unable to derive an > ip address range from the interface's > ifconfig. There are only a very few leases by default (28), and they > time out after a few hours, so a bunch of drive-by > dhcp requests could have run you out, but I'd suspect a bug unless > you have/had a large number of leases in > /tmp/dhcp.leases. Alas, I rebooted before checking that file (I should have saved = the borked state somewhere, but was too eager to get internet access = working again ;) ) I will monitor tis more closely on 3.10.38-1. Best Regards Sebastian >=20 > I have been fiddling with things, and (for example) changing wifi > parameters and doing a reload sometimes > loses the ip address on one or more wifi interfaces. (you get a > different error from dnsmasq in that case) >=20 > So I figure we have multiple race conditions right now causing > problems, in addition to some long term > bugs in wifi handling. Tighter integration of dnsmasq with the ubus > system would be good. A better grip > on how to exercise and debug ubus events would be good too. >=20 > Of possible relevance, this just landed in openwrt head: >=20 > https://dev.openwrt.org/changeset/40573 >=20 > There are also some routing bugs fixed in 3.10.37 >=20 > I have been running without setting a multicast_rate now for half a > day on 3.10.36-7 >=20 >=20 >>=20 >> Following Dave's recommendation of issuing a "/etc/init.d/dnsmasq = reload" allowed both phones to connect again, so we might still have a = race hidden somewhere=85 (This is on a system without working ipv6 = currently). 3.10.36-6 looks like it needs a bit more maturation time ;) = It would be interesting to learn whether the same approach might help = other people as well... >>=20 >> Best Regards >> Sebastian >>=20 >>=20 >>=20 >> On Apr 25, 2014, at 21:42 , Dave Taht wrote: >>=20 >>> We used to arbitrarily restart dnsmasq after boot with a script. >>> Perhaps doing a /etc/init.d/dnsmasq reload 60 sec after boo will = show >>> something. >>>=20 >>> But I am puzzled as to not getting an ipv4 route. This hints at an >>> issue on the ubus. >>>=20 >>> I am trying to take a bit of vacation for the next week or so, it = was >>> my hope everything was actually working... >>>=20 >>> ... and even if it isn't, I need a break. Good Luck on this y'all, >>> I'll be back after a tan. >>>=20 >>>=20 >>> On Fri, Apr 25, 2014 at 12:24 PM, T=F6r=F6k Edwin >>> wrote: >>>> On 04/25/2014 09:01 PM, Jim Gettys wrote: >>>>> More specifically, after boot, most of the time test-ipv6.com = reports lots of problems. >>>>>=20 >>>>> Then I turned off both dnssec and dnssec-check-unsigned, and = restarted dnsmasq; clean bill of health from test-ipv6.com = . >>>>>=20 >>>>>=20 >>>>> So we seem to have a boot time race of some sort. >>>>=20 >>>> There is definitely something wrong when ipv6 is enabled (I just = noticed that since my latest upgrade I forgot to enable it). >>>> When I enable ipv6 for PPPoE, then IPv6 works in the sense I can = ping6 stuff from the router ... except IPv4 is completely broken: there = is no default route added according to 'ip route show', >>>> and even if I add a default route machines from LAN still can't = reach IPv4 (presumably firewall would need to be reloaded too?). >>>> It doesn't seem to be dnssec related, as even if I turn both dnssec = and dnssec-check-unsigned off the behaviour is still the same. >>>> I haven't investigated more deeply whats wrong yet. Do you think it = could be related to your race condition? >>>>=20 >>>>> Then I turned on dnssec only, leaving dnssec-check-unsigned, and = got a clean bill of health. >>>>=20 >>>> I've been using this for a while, it gets me a 0/10 score, i.e. = ipv4 works, ipv6 fails, dual stack works with ipv4. >>>>=20 >>>>>=20 >>>>> Then I turned on both at the same time, and things are working. >>>>=20 >>>> With both on I get a 'n/a' as a result, saying that dual-stack = lookups timed out, presumably because ipv6 is off see below. >>>>=20 >>>>=20 >>>>=20 >>>> Best regards, >>>> --Edwin >>>> _______________________________________________ >>>> Cerowrt-devel mailing list >>>> Cerowrt-devel@lists.bufferbloat.net >>>> https://lists.bufferbloat.net/listinfo/cerowrt-devel >>>=20 >>>=20 >>>=20 >>> -- >>> Dave T=E4ht >>>=20 >>> NSFW: = https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indec= ent.article >>> _______________________________________________ >>> Cerowrt-devel mailing list >>> Cerowrt-devel@lists.bufferbloat.net >>> https://lists.bufferbloat.net/listinfo/cerowrt-devel >>=20 >=20 >=20 >=20 > --=20 > Dave T=E4ht >=20 > NSFW: = https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indec= ent.article