[Cerowrt-devel] cerowrt 3.7.2-3 released, still in a battle with ipv6

Dave Taht dave.taht at gmail.com
Wed Jan 16 16:48:11 EST 2013


At least one (possibly not new) unaligned exception trap has reared its
head in addrconf_prefix_rcv.

https://www.bufferbloat.net/issues/419

This is a bad place for one! a network burp heisenbug....

On Wed, Jan 16, 2013 at 4:12 PM, Maciej Soltysiak <maciej at soltysiak.com>wrote:

> Good build! I have to report that the issue with polipo, DNS and TFO that
> I observed with 3.7.1-1 seems resolved.
> Test with and without TFO.
> Ketan, I won't post a bug unless it appears again.
>

What I saw (Ages ago) was that dns would stop working over time in polipo.


>
> Regards.
> Maciej
> On Wed, Jan 16, 2013 at 12:37 PM, Dave Taht <dave.taht at gmail.com> wrote:
>
>> It's at:
>>
>> http://snapon.lab.bufferbloat.net/~cero2/cerowrt/wndr/3.7.2-3/
>>
>> It seems pretty stable but with the ipv6 churn...
>>
>> [insert my std hyperbolic warnings about exposing the release to
>> default gws in front of spouses or young children]
>>
>> features:
>>
>> + dnsmasq 2.66test10
>> + merge with openwrt head
>> + new unaligned access code from openwrt head (by nbd) and the
>> remainder of the older unaligned patch set (by robert bradley) ported
>> to work on top of that
>>
>> I have not checked to see if all traps are gone, you can look at that via
>> files in /sys/debug/kernel/mips/
>>
>>  - it's mostly the ipv6 related traps I'm concerned about...
>>
>> The checksum routine changed and I did check checksums on a variety of
>> ipv4 ethernet traffic, but not enough to feel assured.
>>
>> + Bug fixed https://www.bufferbloat.net/issues/418
>>
>> BUG_ON removed on TFO support in the kernel. TFO works. I tested it by:
>>
>> echo 3 > /proc/sys/net/ipv4/tcp_fastopen
>> editing /etc/init.d/polipo to add support for a boolean useTCPFastOpen
>> parameter
>> adding that parameter to /etc/config/polipo
>> testing with the current version of httping
>>
>> I will update the init script and config in the next spin.
>>
>> ...
>>
>> The churn in how to setup ipv6 sanely continues. The configuration for
>> how to do it has changed significantly again and is documented at:
>>
>> http://wiki.openwrt.org/doc/uci/network6
>>
>> It's not clear to me to state of the ipv6 dnsmasq integration now.
>> There is much discussion on the dnsmasq-discuss list as to how to do
>> prefix-independent configuration as one example.
>>
>> as for the ipv6 related changes just now come down from openwrt,
>> steven barth tells me that:
>>
>> "6distributed functionality (prefix delegation) was merged into netifd
>> for size reasons.
>> The shell mess which was ipv6-support was abandoned.
>>
>> dhcpv6 is now a regular network proto in netifd (which can be added
>> ontop of other ipv4-wan types or separately for ipv6-only).
>>
>> network6 is unnecessary now. 6rd, 6to4 now automatically publish their
>> prefix. 6in4 adds a new option ip6prefix for adding the routed prefix.
>>
>> LANs / WLANs which want a prefix now just add a option ip6assign 64 to
>> the interface definition.
>>
>> See examples in: http://wiki.openwrt.org/doc/uci/network6
>>
>> Prefix Announcement / DHCPv6 / Relaying has been untangled and should
>> be moved into the respective daemon config / init. I've done this for
>> 6relayd.
>>
>> For dnsmasq you will have to add config support similar to what is
>> done for DHCP in IPv4, so it should be easy to adapt. Maybe some of
>> the CeroWrt contributors like to add that.
>>
>> I also haven't looked at NPT yet. I've removed the shell-script mess
>> for now as we will not have all targets up to 3.7 in the coming weeks
>> and therefore also not a new ip6tables."
>>
>> AHCP is still lost and lonely in the configuration.
>>
>> I took a stab at enabling ipv6 NPT support myself in this release, but
>> the changes I'd made to the openwrt configuration didn't successfully
>> get the modules to compile nor create a package. My *non-working
>> patch* looked like this, and suggestions as to what sort of magic wand
>> to wave over it welcomed.
>>
>> diff --git a/include/netfilter.mk b/include/netfilter.mk
>> index 1d89e6d..3d65f76 100644
>> --- a/include/netfilter.mk
>> +++ b/include/netfilter.mk
>> @@ -154,10 +154,14 @@ $(eval $(call
>> nf_add,IPT_IPV6,CONFIG_IP6_NF_MATCH_RT, $(P_V6)ip6t_rt))
>>
>>  $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_LOG, $(P_V6)ip6t_LOG))
>>  $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_REJECT,
>> $(P_V6)ip6t_REJECT))
>> +$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_NAT, $(P_V6)nf_nat_ipv6))
>> +$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_MASQUERADE,
>> $(P_V6)ip6t_MASQUERADE))
>> +$(eval $(call nf_add,IPT_IPv6,CONFIG_IP6_NF_TARGET_NPT, $(P_V6)ip6t_NPT))
>>
>>  # nat
>>
>>  # kernel only
>> +$(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT6,CONFIG_IP6_NF_NAT,
>> $(P_V6)nf_nat_ipv6, ge 3.7.0),))
>>  $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
>> $(P_XT)nf_nat $(P_V4)nf_nat_ipv4 $(P_XT)xt_nat $(P_V4)iptable_nat, ge
>> 3.7.0),))
>>  $(eval $(if $(NF_KMOD),$(call nf_add,IPT_NAT,CONFIG_NF_NAT,
>> $(P_V4)nf_nat $(P_V4)iptable_nat, lt 3.7.0),))
>>
>> diff --git a/package/kernel/modules/netfilter.mk
>> b/package/kernel/modules/netfilter.mk
>> index 69bdba0..d862c32 100644
>> --- a/package/kernel/modules/netfilter.mk
>> +++ b/package/kernel/modules/netfilter.mk
>> @@ -164,6 +164,23 @@ endef
>>
>>  $(eval $(call KernelPackage,ipt-nat))
>>
>> +define KernelPackage/ipt-nat6
>> +  TITLE:=Basic NAT targets for IPv6
>> +  KCONFIG:=$(KCONFIG_IPT_NAT6)
>> +  FILES:=$(foreach mod,$(IPT_NAT6-m),$(LINUX_DIR)/net/$(mod).ko)
>> +  AUTOLOAD:=$(call AutoLoad,42,$(notdir $(IPT_NAT6-m)))
>> +  $(call AddDepends/ipt)
>> +endef
>> +
>> +define KernelPackage/ipt-nat6/description
>> + Netfilter (IPv6) kernel modules for basic NAT targets
>> + Includes:
>> + - MASQUERADE
>> + - NPT
>> +endef
>> +
>> +$(eval $(call KernelPackage,ipt-nat6))
>> +
>>
>>  define KernelPackage/ipt-nat-extra
>>    TITLE:=Extra NAT targets
>>
>>
>> --
>> Dave Täht
>>
>> Fixing bufferbloat with cerowrt:
>> http://www.teklibre.com/cerowrt/subscribe.html
>> _______________________________________________
>> Cerowrt-devel mailing list
>> Cerowrt-devel at lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>>
>
>


-- 
Dave Täht

Fixing bufferbloat with cerowrt:
http://www.teklibre.com/cerowrt/subscribe.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20130116/853f2dad/attachment-0002.html>


More information about the Cerowrt-devel mailing list