Am 18.12.2023 um 16:22 schrieb Paul D:
How does pppoe-wan get its IP?
It is retrieved by odhcp6c.
You may not be able to do much about that, but you can hint which IPv6 an interface gets using the assignment length, hint and prefix settings. I don't use openvpn, but perhaps it has something like this? I guess it would try to pick a source IP with the 'lowest' IPv6 from an available /64?
It isn't the lowest address. In my case it is all the time the ipv6 address from br-guest1, even if I exchange the ip6hint value between the three local interfaces. I could solve the problem. First I did modify /etc/init.d/openvpn by adding an interface trigger which does restart openvpn with parameter '--local <IPV6 from wan>'. Second, I did use the simple way by adding 'option multihome 1' to the openvpn config file. Regards, Hartmut
On 2023-12-15 11:08, e9hack wrote: > Hi, > > I've trouble with openvpn over ipv6. It isn't possible to connect to my router from outside via ipv6, because openvpn uses the wrong ipv6 address as source. I get from my provider two prefixes (a 56 and 64 bit). The wan interface gets assigned a random address from the 64 bit prefix. I'm using 3 local interfaces that have been assigned a 64-bit prefix derived from the 56-bit prefix. This are the ipv6 global addresses on my interfaces: > > pppoe-wan Link encap:Point-to-Point Protocol > inet6 addr: 2003:cccc:ddff:1242:bbbb:bbbb:bbbb:bbbb/64 Scope:Global > > br-lan Link encap:Ethernet HWaddr 50:xx:xx:xx:xx:xx > inet6 addr: 2003:cccc:dd12:27ac::1/64 Scope:Global > > br-guest1 Link encap:Ethernet HWaddr 56:xx:xx:xx:xx:xx > inet6 addr: 2003:cccc:dd12:27e1::1/64 Scope:Global > > br-guest2 Link encap:Ethernet HWaddr 5A:xx:xx:xx:xx:xx > inet6 addr: 2003:cccc:dd12:27e2::1/64 Scope:Global > > openvpn uses all the time the address from br-guest1 as source address. I did monitor this with tcpdump: > > root@OpenWRT:~# tcpdump -n -i pppoe-wan ip6 and port 1194 > tcpdump: verbose output suppressed, use -v[v]... for full protocol decode > listening on pppoe-wan, link-type LINUX_SLL (Linux cooked v1), snapshot length 262144 bytes > 09:20:06.656182 IP6 2a01:eeee:ffff:56b6:aaaa:aaaa:aaaa:aaaa.62668 > 2003:cccc:ddff:1242:bbbb:bbbb:bbbb:bbbb.1194: UDP, length 86 > 09:20:06.657636 IP6 2003:cccc:dd12:27e1::1.1194 > 2a01:eeee:ffff:56b6:aaaa:aaaa:aaaa:aaaa.62668: UDP, length 98 > 09:20:21.294559 IP6 2a01:eeee:ffff:56b6:aaaa:aaaa:aaaa:aaaa.62668 > 2003:cccc:ddff:1242:bbbb:bbbb:bbbb:bbbb.1194: UDP, length 86 > 09:20:21.296070 IP6 2003:cccc:dd12:27e1::1.1194 > 2a01:eeee:ffff:56b6:aaaa:aaaa:aaaa:aaaa.62668: UDP, length 98 > 09:20:50.938655 IP6 2a01:eeee:ffff:56b6:aaaa:aaaa:aaaa:aaaa.62668 > 2003:cccc:ddff:1242:bbbb:bbbb:bbbb:bbbb.1194: UDP, length 86 > 09:20:50.939972 IP6 2003:cccc:dd12:27e1::1.1194 > 2a01:eeee:ffff:56b6:aaaa:aaaa:aaaa:aaaa.62668: UDP, length 98 > > What can I change, that openvpn uses the ipv6 address from the wan interface? > > Regards, > Hartmut > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
