[Cerowrt-devel] Comcast specific Cerowrt-3.10.26-7: another "too exciting for me" unrelease
dave.taht at gmail.com
Tue Jan 21 15:59:21 EST 2014
This is a special release intended only for comcast users with ipv6
capable modems and CMTSes.
NOTE: If you are running any form of tunneling for ipv6 (e.g. hurricane)
do NOT try this release, as it breaks badly.
I strongly recommend all cerowrt users on comcast, upgrade.
If you are on comcast and dare not upgrade to this, comment out these
lines in /etc/config/network
#config interface ge01 # wan6 on some release.
# option ifname @ge00
# option proto dhcpv6
# option 'broadcast' '1'
# option 'metric' '2048'
# option 'reqprefix' '60'
and reboot to disable dhcpv6 on the external interface entirely.
I have been having flashbacks to the IPX/SPX transition... but it
really did bring a tear to my eye to finally have ipv6 connectivity
for the first time, native. And to see no real difference in RTT
between ipv4 and v6.
Oh brave new world that may have new protocols in it.
A bunch of other stuff landed in cero, and if you are not tunneling,
and your spouse and family are willing, you can try:
+ openwrt sync from head
+ RA spamming filter stopping mega firewall reloads on comcast ipv6 -
thx steven barth!
+ switch from dnsmasq to using odhcpd for ipv6 RAs (thx #openwrt!)
+ Comcast ipv6 actually tested by me
+ GUI is now https - thx sebastian! (we still have some work left here)
For snowden points, it also does perfect forward secrecy.
+ GUI has selectable skins (pick one, any one)
+ SQM starts correctly on boot and other restarts
+ SQM now scales better to higher rates
+ updated on-board documentation ( example:
+ updated uftp, ccnx, new libnettle package (for dnsmasq 2.69) - thx
+ sysupgrade fixed
on the minus side
- We still have some timing problems in picking up the RAs,
particularly from wifi.
If you don't get ipv6 addresses on your wifi client after a fresh
boot of cero,
reconnect the wifi client. After cero is fully booted. and has
dhcpv6-pd'd addresses, you'll get them. Usually.
- bcp38: didn't get 'round2it src/dst routing solves half of it
- updated shaperprobe, ditg, same
- HT40+ DOES appear to be NOT working. (this has been the case for a while)
- Hurricane electric ipv6 tunnels are *badly broken* as in *will
disable your router* with a zillion extra processes.
a huge change in openwrt made saturday was a switch to source specific routing,
e.g, if you have two ipv6 providers, (or a vpn, and so on)
stuff from source A will go out the right destination for destination A,
and stuff from source B will go out the right destination for
destination B. At least in theory.
so you will see "from" routes.
root at cerowrt:~# ip -6 route
default from :: via fe80::201:5cff:de41:b841 dev ge00 proto static metric 1024
default from 2001:E:L:I:D:E:D:Z via fe80::201:5ccf:fe41:b841 dev ge00
proto static metric 1024
default from 2601:X:Y::0::/60 via fe80::201:5ccf:fe41:b841 dev ge00
proto static metric 1024
2601:X:Y:0::/64 dev gw00 proto kernel metric 256 expires 345262sec
2601:X:Y:1::/64 dev gw10 proto kernel metric 256 expires 345262sec
2601:X:Y:2::/64 dev se00 proto kernel metric 256 expires 345262sec
2601:X:Y:3::/64 dev sw00 proto kernel metric 256 expires 345262sec
2601:X:Y:4::/64 dev sw10 proto kernel metric 256 expires 345262sec
unreachable 2601:X:X:0::/60 dev lo proto static metric 2147483647 error -128
I figure there is much work to be done to get things like ipsec and openvpn
and bird/quagga/babeld to work well again, but source/dest routing was
desparately needed, so...
 All my testing was done on an ARRIS TM822G cablemodem. (I have a profoundly
low opinion of several other cablemodems, notably the technicolor...)
There are a few other testers on other cablemodems, please report
I return now to my regularly scheduled workweek from last wednesday.
Share and enjoy.
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
More information about the Cerowrt-devel