From: Maciej Soltysiak <maciej@soltysiak.com>
To: Dave Taht <dave.taht@gmail.com>
Cc: cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] cerowrt 3.7.2-3 released, still in a battle with ipv6
Date: Wed, 16 Jan 2013 22:12:23 +0100 [thread overview]
Message-ID: <CAMZR1YBQ8YDH-M73JpYNOMNUJH54Pzjr7rxETGC4ai4n60akRA@mail.gmail.com> (raw)
In-Reply-To: <CAA93jw5mxfvsLHgjqnytasS1vxWAsp_eWdgX6M6DU6rq82QO0g@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 5805 bytes --]
Good build! I have to report that the issue with polipo, DNS and TFO that I
observed with 3.7.1-1 seems resolved.
Test with and without TFO.
Ketan, I won't post a bug unless it appears again.
Regards.
Maciej
On Wed, Jan 16, 2013 at 12:37 PM, Dave Taht <dave.taht@gmail.com> wrote:
> It's at:
>
> http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.7.2-3/
>
> It seems pretty stable but with the ipv6 churn...
>
> [insert my std hyperbolic warnings about exposing the release to
> default gws in front of spouses or young children]
>
> features:
>
> + dnsmasq 2.66test10
> + merge with openwrt head
> + new unaligned access code from openwrt head (by nbd) and the
> remainder of the older unaligned patch set (by robert bradley) ported
> to work on top of that
>
> I have not checked to see if all traps are gone, you can look at that via
> files in /sys/debug/kernel/mips/
>
> - it's mostly the ipv6 related traps I'm concerned about...
>
> The checksum routine changed and I did check checksums on a variety of
> ipv4 ethernet traffic, but not enough to feel assured.
>
> + Bug fixed https://www.bufferbloat.net/issues/418
>
> BUG_ON removed on TFO support in the kernel. TFO works. I tested it by:
>
> echo 3 > /proc/sys/net/ipv4/tcp_fastopen
> editing /etc/init.d/polipo to add support for a boolean useTCPFastOpen
> parameter
> adding that parameter to /etc/config/polipo
> testing with the current version of httping
>
> I will update the init script and config in the next spin.
>
> ...
>
> The churn in how to setup ipv6 sanely continues. The configuration for
> how to do it has changed significantly again and is documented at:
>
> http://wiki.openwrt.org/doc/uci/network6
>
> It's not clear to me to state of the ipv6 dnsmasq integration now.
> There is much discussion on the dnsmasq-discuss list as to how to do
> prefix-independent configuration as one example.
>
> as for the ipv6 related changes just now come down from openwrt,
> steven barth tells me that:
>
> "6distributed functionality (prefix delegation) was merged into netifd
> for size reasons.
> The shell mess which was ipv6-support was abandoned.
>
> dhcpv6 is now a regular network proto in netifd (which can be added
> ontop of other ipv4-wan types or separately for ipv6-only).
>
> network6 is unnecessary now. 6rd, 6to4 now automatically publish their
> prefix. 6in4 adds a new option ip6prefix for adding the routed prefix.
>
> LANs / WLANs which want a prefix now just add a option ip6assign 64 to
> the interface definition.
>
> See examples in: http://wiki.openwrt.org/doc/uci/network6
>
> Prefix Announcement / DHCPv6 / Relaying has been untangled and should
> be moved into the respective daemon config / init. I've done this for
> 6relayd.
>
> For dnsmasq you will have to add config support similar to what is
> done for DHCP in IPv4, so it should be easy to adapt. Maybe some of
> the CeroWrt contributors like to add that.
>
> I also haven't looked at NPT yet. I've removed the shell-script mess
> for now as we will not have all targets up to 3.7 in the coming weeks
> and therefore also not a new ip6tables."
>
> AHCP is still lost and lonely in the configuration.
>
> I took a stab at enabling ipv6 NPT support myself in this release, but
> the changes I'd made to the openwrt configuration didn't successfully
> get the modules to compile nor create a package. My *non-working
> patch* looked like this, and suggestions as to what sort of magic wand
> to wave over it welcomed.
>
> diff --git a/include/netfilter.mk b/include/netfilter.mk
> index 1d89e6d..3d65f76 100644
> --- a/include/netfilter.mk
> +++ b/include/netfilter.mk
> @@ -154,10 +154,14 @@ $(eval $(call
> nf_add,IPT_IPV6,CONFIG_IP6_NF_MATCH_RT, $(P_V6)ip6t_rt))
>
> $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_LOG, $(P_V6)ip6t_LOG))
> $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_REJECT,
> $(P_V6)ip6t_REJECT))
> +$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_NAT, $(P_V6)nf_nat_ipv6))
> +$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_MASQUERADE,
> $(P_V6)ip6t_MASQUERADE))
> +$(eval $(call nf_add,IPT_IPv6,CONFIG_IP6_NF_TARGET_NPT, $(P_V6)ip6t_NPT))
>
> # nat
>
> # kernel only
> +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT6,CONFIG_IP6_NF_NAT,
> $(P_V6)nf_nat_ipv6, ge 3.7.0),))
> $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
> $(P_XT)nf_nat $(P_V4)nf_nat_ipv4 $(P_XT)xt_nat $(P_V4)iptable_nat, ge
> 3.7.0),))
> $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
> $(P_V4)nf_nat $(P_V4)iptable_nat, lt 3.7.0),))
>
> diff --git a/package/kernel/modules/netfilter.mk
> b/package/kernel/modules/netfilter.mk
> index 69bdba0..d862c32 100644
> --- a/package/kernel/modules/netfilter.mk
> +++ b/package/kernel/modules/netfilter.mk
> @@ -164,6 +164,23 @@ endef
>
> $(eval $(call KernelPackage,ipt-nat))
>
> +define KernelPackage/ipt-nat6
> + TITLE:=Basic NAT targets for IPv6
> + KCONFIG:=$(KCONFIG_IPT_NAT6)
> + FILES:=$(foreach mod,$(IPT_NAT6-m),$(LINUX_DIR)/net/$(mod).ko)
> + AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT6-m)))
> + $(call AddDepends/ipt)
> +endef
> +
> +define KernelPackage/ipt-nat6/description
> + Netfilter (IPv6) kernel modules for basic NAT targets
> + Includes:
> + - MASQUERADE
> + - NPT
> +endef
> +
> +$(eval $(call KernelPackage,ipt-nat6))
> +
>
> define KernelPackage/ipt-nat-extra
> TITLE:=Extra NAT targets
>
>
> --
> Dave Täht
>
> Fixing bufferbloat with cerowrt:
> http://www.teklibre.com/cerowrt/subscribe.html
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>
[-- Attachment #2: Type: text/html, Size: 7542 bytes --]
next prev parent reply other threads:[~2013-01-16 21:12 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-16 11:37 Dave Taht
2013-01-16 21:12 ` Maciej Soltysiak [this message]
2013-01-16 21:48 ` Dave Taht
2013-01-16 21:53 ` Maciej Soltysiak
2013-01-17 21:45 ` Maciej Soltysiak
2013-01-17 21:47 ` Dave Taht
[not found] <mailman.5563.1358459264.1742.cerowrt-devel@lists.bufferbloat.net>
2013-01-18 13:23 ` Richard Brown
2013-01-18 15:26 ` Dave Taht
2013-01-18 15:53 ` Richard Brown
2013-01-18 15:54 ` Dave Taht
2013-01-18 18:07 ` Robert Bradley
2013-01-18 18:11 ` Dave Taht
2013-01-18 18:30 ` Robert Bradley
2013-01-19 0:41 ` Richard Brown
2013-01-19 9:45 ` Maciej Soltysiak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMZR1YBQ8YDH-M73JpYNOMNUJH54Pzjr7rxETGC4ai4n60akRA@mail.gmail.com \
--to=maciej@soltysiak.com \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=dave.taht@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox