Re: [Cerowrt-devel] cerowrt 3.7.2-3 released, still in a battle with ipv6

[Maciej Soltysiak <maciej@soltysiak.com>]

[-- Attachment #1: Type: text/plain, Size: 5805 bytes --]

Good build! I have to report that the issue with polipo, DNS and TFO that I
observed with 3.7.1-1 seems resolved.
Test with and without TFO.
Ketan, I won't post a bug unless it appears again.

Regards.
Maciej
On Wed, Jan 16, 2013 at 12:37 PM, Dave Taht <dave.taht@gmail.com> wrote:

> It's at:
>
> http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.7.2-3/
>
> It seems pretty stable but with the ipv6 churn...
>
> [insert my std hyperbolic warnings about exposing the release to
> default gws in front of spouses or young children]
>
> features:
>
> + dnsmasq 2.66test10
> + merge with openwrt head
> + new unaligned access code from openwrt head (by nbd) and the
> remainder of the older unaligned patch set (by robert bradley) ported
> to work on top of that
>
> I have not checked to see if all traps are gone, you can look at that via
> files in /sys/debug/kernel/mips/
>
>  - it's mostly the ipv6 related traps I'm concerned about...
>
> The checksum routine changed and I did check checksums on a variety of
> ipv4 ethernet traffic, but not enough to feel assured.
>
> + Bug fixed https://www.bufferbloat.net/issues/418
>
> BUG_ON removed on TFO support in the kernel. TFO works. I tested it by:
>
> echo 3 > /proc/sys/net/ipv4/tcp_fastopen
> editing /etc/init.d/polipo to add support for a boolean useTCPFastOpen
> parameter
> adding that parameter to /etc/config/polipo
> testing with the current version of httping
>
> I will update the init script and config in the next spin.
>
> ...
>
> The churn in how to setup ipv6 sanely continues. The configuration for
> how to do it has changed significantly again and is documented at:
>
> http://wiki.openwrt.org/doc/uci/network6
>
> It's not clear to me to state of the ipv6 dnsmasq integration now.
> There is much discussion on the dnsmasq-discuss list as to how to do
> prefix-independent configuration as one example.
>
> as for the ipv6 related changes just now come down from openwrt,
> steven barth tells me that:
>
> "6distributed functionality (prefix delegation) was merged into netifd
> for size reasons.
> The shell mess which was ipv6-support was abandoned.
>
> dhcpv6 is now a regular network proto in netifd (which can be added
> ontop of other ipv4-wan types or separately for ipv6-only).
>
> network6 is unnecessary now. 6rd, 6to4 now automatically publish their
> prefix. 6in4 adds a new option ip6prefix for adding the routed prefix.
>
> LANs / WLANs which want a prefix now just add a option ip6assign 64 to
> the interface definition.
>
> See examples in: http://wiki.openwrt.org/doc/uci/network6
>
> Prefix Announcement / DHCPv6 / Relaying has been untangled and should
> be moved into the respective daemon config / init. I've done this for
> 6relayd.
>
> For dnsmasq you will have to add config support similar to what is
> done for DHCP in IPv4, so it should be easy to adapt. Maybe some of
> the CeroWrt contributors like to add that.
>
> I also haven't looked at NPT yet. I've removed the shell-script mess
> for now as we will not have all targets up to 3.7 in the coming weeks
> and therefore also not a new ip6tables."
>
> AHCP is still lost and lonely in the configuration.
>
> I took a stab at enabling ipv6 NPT support myself in this release, but
> the changes I'd made to the openwrt configuration didn't successfully
> get the modules to compile nor create a package. My *non-working
> patch* looked like this, and suggestions as to what sort of magic wand
> to wave over it welcomed.
>
> diff --git a/include/netfilter.mk b/include/netfilter.mk
> index 1d89e6d..3d65f76 100644
> --- a/include/netfilter.mk
> +++ b/include/netfilter.mk
> @@ -154,10 +154,14 @@ $(eval $(call
> nf_add,IPT_IPV6,CONFIG_IP6_NF_MATCH_RT, $(P_V6)ip6t_rt))
>
>  $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_LOG, $(P_V6)ip6t_LOG))
>  $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_REJECT,
> $(P_V6)ip6t_REJECT))
> +$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_NAT, $(P_V6)nf_nat_ipv6))
> +$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_MASQUERADE,
> $(P_V6)ip6t_MASQUERADE))
> +$(eval $(call nf_add,IPT_IPv6,CONFIG_IP6_NF_TARGET_NPT, $(P_V6)ip6t_NPT))
>
>  # nat
>
>  # kernel only
> +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT6,CONFIG_IP6_NF_NAT,
> $(P_V6)nf_nat_ipv6, ge 3.7.0),))
>  $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
> $(P_XT)nf_nat $(P_V4)nf_nat_ipv4 $(P_XT)xt_nat $(P_V4)iptable_nat, ge
> 3.7.0),))
>  $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
> $(P_V4)nf_nat $(P_V4)iptable_nat, lt 3.7.0),))
>
> diff --git a/package/kernel/modules/netfilter.mk
> b/package/kernel/modules/netfilter.mk
> index 69bdba0..d862c32 100644
> --- a/package/kernel/modules/netfilter.mk
> +++ b/package/kernel/modules/netfilter.mk
> @@ -164,6 +164,23 @@ endef
>
>  $(eval $(call KernelPackage,ipt-nat))
>
> +define KernelPackage/ipt-nat6
> +  TITLE:=Basic NAT targets for IPv6
> +  KCONFIG:=$(KCONFIG_IPT_NAT6)
> +  FILES:=$(foreach mod,$(IPT_NAT6-m),$(LINUX_DIR)/net/$(mod).ko)
> +  AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT6-m)))
> +  $(call AddDepends/ipt)
> +endef
> +
> +define KernelPackage/ipt-nat6/description
> + Netfilter (IPv6) kernel modules for basic NAT targets
> + Includes:
> + - MASQUERADE
> + - NPT
> +endef
> +
> +$(eval $(call KernelPackage,ipt-nat6))
> +
>
>  define KernelPackage/ipt-nat-extra
>    TITLE:=Extra NAT targets
>
>
> --
> Dave Täht
>
> Fixing bufferbloat with cerowrt:
> http://www.teklibre.com/cerowrt/subscribe.html
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>

[-- Attachment #2: Type: text/html, Size: 7542 bytes --]