From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ie0-x230.google.com (mail-ie0-x230.google.com [IPv6:2607:f8b0:4001:c03::230]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id EBE1A2012C3 for ; Fri, 24 Jan 2014 09:06:12 -0800 (PST) Received: by mail-ie0-f176.google.com with SMTP id tp5so3109657ieb.21 for ; Fri, 24 Jan 2014 09:06:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=IGLR5AmQRhW//Z8JOHLf5g6TGZh4EMfoqKtBwPJz0yY=; b=mljij4uxzsvSk3AQdjhDbC2pq+Q9MP9wbKqJbLt7w3MzBy/Vmhtep/CO4sPxQN0caI YQgUdfwU8PU2Rg+0dIIVvSmPD7wJF1tJFtw+Pe92KF5jFpe1C9w8gugOHcfrqBEHhhY1 uansrK7mT8/GwBNyZK05CFHLpTDVLLqfLXARTIRnL93u1MhSFnvQLWkJUzFb5ys+wXfe Nqbb0qSCi3IKepo2oQ7k5ikOudIAzlaqhp+8M+Mq7Kba57SGiZ94Rd3IyYNtD+h/zg5u J/NqfBTSVaW4BhilIgZDUXxC5tThiXEBBJq5Vk+G1r/pO+pi8X93nCVDWXFTMd+C3t6A X8PA== MIME-Version: 1.0 X-Received: by 10.43.57.146 with SMTP id wg18mr11577399icb.42.1390583172243; Fri, 24 Jan 2014 09:06:12 -0800 (PST) Received: by 10.64.145.67 with HTTP; Fri, 24 Jan 2014 09:06:12 -0800 (PST) In-Reply-To: References: Date: Fri, 24 Jan 2014 12:06:12 -0500 Message-ID: From: Dave Taht To: "cerowrt-devel@lists.bufferbloat.net" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [Cerowrt-devel] Comcast specific Cerowrt-3.10.26-7: another "too exciting for me" unrelease X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jan 2014 17:06:13 -0000 On Tue, Jan 21, 2014 at 3:59 PM, Dave Taht wrote: > This is a special release intended only for comcast users with ipv6 > capable modems and CMTSes. There have been several testers getting back to me privately. All report good results IF you reflash from scratch. the biggest problem people have had is the switch to https vs http for the gui, their webbrowsers' cache rewrite the url back to http, and lighttpd, unlike apache, doesn't give any sign as to why the connection is not working. remember: https://gw.home.lan:81 from now on... ^^ > NOTE: If you are running any form of tunneling for ipv6 (e.g. hurricane) > do NOT try this release, as it breaks badly. It turns out that source-specific routing for he tunneling is what is broke= n. It's not broken if you turn off sourcerouting in the 6in4 /etc/config/netwo= rk stanza by adding option sourcerouting '0' The bug is also specific to cerowrt. the openwrt folk report it works for t= hem. As a temporary workaround, IF you try this unrelease and still want a tunne= l up, add the above to your 6in4 configuration. Hopefully we'll find an answ= er soon, sourcerouting solves a whole raft of other problems if applied consistently. I am otherwise pretty happy with this unrelease, I've been running it all w= eek, with only 4 instruction traps in the last 20 hours. Finding these last instruction traps is going to be a PITA. Can I encourage people to add this to their config? echo 1 > /sys/kernel/debug/mips/unaligned_action and check their logfile once in a while, perhaps we can isolate where and why it happens. I went to town last night adding procd support to various easy daemons, it gets simpler after the first 3... > http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/comcast/3.10.26-7/ > > I strongly recommend all cerowrt users on comcast, upgrade.[1] > > If you are on comcast and dare not upgrade to this, comment out these > lines in /etc/config/network > > #config interface ge01 # wan6 on some release. > # option ifname @ge00 > # option proto dhcpv6 > # option 'broadcast' '1' > # option 'metric' '2048' > # option 'reqprefix' '60' > > and reboot to disable dhcpv6 on the external interface entirely. I still recomend that everyone on comcast & not running this release do thi= s. > I have been having flashbacks to the IPX/SPX transition... but it > really did bring a tear to my eye to finally have ipv6 connectivity > for the first time, native. And to see no real difference in RTT > between ipv4 and v6. > > http://snapon.lab.bufferbloat.net/~d/bev/comcast_native_ipv6/ > > Oh brave new world that may have new protocols in it. > > A bunch of other stuff landed in cero, and if you are not tunneling, > and your spouse and family are willing, you can try: > > + openwrt sync from head > + RA spamming filter stopping mega firewall reloads on comcast ipv6 - > thx steven barth! > + switch from dnsmasq to using odhcpd for ipv6 RAs (thx #openwrt!) > + Comcast ipv6 actually tested by me > + GUI is now https - thx sebastian! (we still have some work left here) > For snowden points, it also does perfect forward secrecy. > + GUI has selectable skins (pick one, any one) > + SQM starts correctly on boot and other restarts > + SQM now scales better to higher rates > + updated on-board documentation ( example: > http://cero2.bufferbloat.net/cerowrt/index.html ) > + updated uftp, ccnx, new libnettle package (for dnsmasq 2.69) - thx > stephen walker > + sysupgrade fixed > > on the minus side > > - We still have some timing problems in picking up the RAs, > particularly from wifi. > If you don't get ipv6 addresses on your wifi client after a fresh > boot of cero, > reconnect the wifi client. After cero is fully booted. and has > dhcpv6-pd'd addresses, you'll get them. Usually. > > - bcp38: didn't get 'round2it src/dst routing solves half of it > - updated shaperprobe, ditg, same > - HT40+ DOES appear to be NOT working. (this has been the case for a whil= e) > - Hurricane electric ipv6 tunnels are *badly broken* as in *will > disable your router* with a zillion extra processes. > > a huge change in openwrt made saturday was a switch to source specific ro= uting, > > e.g, if you have two ipv6 providers, (or a vpn, and so on) > stuff from source A will go out the right destination for destination A, > and stuff from source B will go out the right destination for > destination B. At least in theory. > > so you will see "from" routes. > > root@cerowrt:~# ip -6 route > default from :: via fe80::201:5cff:de41:b841 dev ge00 proto static metr= ic 1024 > default from 2001:E:L:I:D:E:D:Z via fe80::201:5ccf:fe41:b841 dev ge00 > proto static metric 1024 > default from 2601:X:Y::0::/60 via fe80::201:5ccf:fe41:b841 dev ge00 > proto static metric 1024 > 2601:X:Y:0::/64 dev gw00 proto kernel metric 256 expires 345262sec > 2601:X:Y:1::/64 dev gw10 proto kernel metric 256 expires 345262sec > 2601:X:Y:2::/64 dev se00 proto kernel metric 256 expires 345262sec > 2601:X:Y:3::/64 dev sw00 proto kernel metric 256 expires 345262sec > 2601:X:Y:4::/64 dev sw10 proto kernel metric 256 expires 345262sec > unreachable 2601:X:X:0::/60 dev lo proto static metric 2147483647 erro= r -128 > > I figure there is much work to be done to get things like ipsec and openv= pn > and bird/quagga/babeld to work well again, but source/dest routing was > desparately needed, so... > > [1] All my testing was done on an ARRIS TM822G cablemodem. (I have a prof= oundly > low opinion of several other cablemodems, notably the technicolor...) > There are a few other testers on other cablemodems, please report > in... > > I return now to my regularly scheduled workweek from last wednesday. > Share and enjoy. > > -- > Dave T=E4ht > > Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscrib= e.html --=20 Dave T=E4ht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.= html