On Wed, 2018-09-05 at 19:50 -0500, dag dg via networkmanager-list
wrote:
> Thanks Thomas. Going into debug was able to point me in the right
> direction. For those stumbling on this like myself, the
> "ipv6.method=shared" refers to your *LAN* interface, not your WAN
> interface. While this might seem intuitive to some, when I think
> "shared" I think of the WAN though that is mostly a holdover from
> IPv4
> conventions.
>
> In an earlier fit of desperation I had tried setting the LAN
> interface
> to "shared", but at the time ipv6 ICMP was unintentionally blocked by
> the firewall which was preventing the negotiation with my ISP from
> happening. I eventually figured it out that it was the firewall when
> I
> switched to wide-dhcpv6 using the known working config I had used
> with
> my old router, but I never went back to try setting the LAN interface
> to shared.
>
> After switching to debug I was able to see that the errors hinted at
> NM trying to find an interface(device) other than my WAN to assign a
> range to. The informational level message "no device to obtain a
> subnet to share on from" sort of gives this away but by
> itself can appear a bit cryptic, especially if like me you don't
> fully
> understand how ipv6 works.
>
> I think it would really help out if the documentation had a smidgen
> more detail, even if it was just a "for example if you are
> configuring
> a router for prefix delegation you would want to set your
> LAN/local/whatever interface to shared mode". Maybe it's already
> supposed to appear obvious but I definitely missed it, for what it's
> worth.
>
> Thanks again Thomas and thanks Vladimir; your earlier post was what
> made me aware Network Manager began supporting prefix delegation in
> the first place.
Hi,
I added a comment about that in `man nm-settings` [1], but it's unclear
that this is sufficiently discoverable. But it's also unclear where
else to document it.
Regarding firewall, at least for ipv4.method=shared, NetworkManager adds some
iptables rules to enable NAT [2]. This has room for improvement. Possibly
firewalld should be informed about the sharing and it's up to firewalld to
do the right thing. Todo.
[1]
https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=e90e1536c91678dcf34ab496aa750598052e1143
[2]
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/devices/nm-device.c?id=e90e1536c91678dcf34ab496aa750598052e1143#n10068
So, after all you got it working?? Cool!!
best,
Thomas
>
> ~dag
> On Wed, Sep 5, 2018 at 8:11 AM Thomas Haller
> wrote:
> >
> > On Tue, 2018-09-04 at 09:29 -0500, dag dg via networkmanager-list
> > wrote:
> > >
> > > There doesn't seem to be much documentation for Network Manager
> > > on
> > > the
> > > prefix delegation support. Any insight would be appreciated.
> >
> > Hi,
> >
> >
> > it's not much documented, because there isn't much to configure
> > about
> > ipv6.method=shared. It's supposed to just work -- except when it
> > doesn't.
> >
> > Could you provide a full logfile with level=TRACE enabled?
> >
> > See the hints about logging at
> >
https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf
> >
> >
> > best,
> > Thomas
>
> ___
> networkmanager-list mailing list
> networkmanager-list@gnome.org
> https://mail.gnome.org/mailman/listinfo/networkmanager-list
signature.asc
Description: This is a digitally signed message part
___
networkmanager-list mailing list
networkmanager-list@gnome.org
https://mail.gnome.org/mailman/listinfo/networkmanager-list