[CentOS] RHEL 8.2

2020-04-28 Thread Thomas Stephen Lee
Got RHEL 8.2 today.

https://www.redhat.com/en/about/press-releases/red-hat-delivers-force-multiplier-enterprise-it-enhanced-intelligent-monitoring-unveils-latest-version-red-hat-enterprise-linux-8
.

thanks

--
Lee
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


[CentOS] Tomcat or what on CentOS 8?

2020-04-28 Thread Simon Matter via CentOS
Hi,

We're running some web apps on CentOS 6 on Tomcat 6 shipped by the
distribution.

As time goes by we'd like to move on to CentOS 8 and Tomcat 9 or whatever
is appropriate.

My question is, what do others use now that Tomcat is not shipped anymore
with CentOS?

Do you run some JBoss/WildFly instead or still running Tomcat?

And, how do you install/manage those installations. Do you have RPM
packaged versions or fiddle with tarballs?

Since this is a quite standard setup for web apps I'm really wondering how
everybody is doing it these days?

Thanks,
Simon



[CentOS] CentOS-announce Digest, Vol 182, Issue 3

2020-04-28 Thread centos-announce-request

Today's Topics:

   1. Release for CentOS Linux 7 (2003) on the x86_64 Architecture
      (Johnny Hughes)
   2. Release for CentOS Linux 7 (2003) on armhfp aarch64 i386
      ppc64 ppc64le and power9 (Pablo Sebastián Greco)
   3. CESA-2020:1488 Important CentOS 6 thunderbird Security Update
      (Johnny Hughes)
   4. CESA-2020:1429 Important CentOS 6 firefox Security Update
      (Johnny Hughes)
   5. CESA-2020:1403 Important CentOS 6 qemu-kvm Security Update
      (Johnny Hughes)
   6. CESA-2020:1508 Important CentOS 6 java-1.7.0-openjdk Security
      Update (Johnny Hughes)
   7. CESA-2020:1506 Important CentOS 6 java-1.8.0-openjdk Security
      Update (Johnny Hughes)
   8. CESA-2020:1524 Important CentOS 6 kernel Security Update
      (Johnny Hughes)


--

Message: 1
Date: Mon, 27 Apr 2020 05:04:53 -0500
From: Johnny Hughes 
To: CentOS-Announce 
Subject: [CentOS-announce] Release for CentOS Linux 7 (2003) on the
x86_64  Architecture
Message-ID: 
Content-Type: text/plain; charset="utf-8"

Release for CentOS Linux 7 (2003) on the x86_64 Architecture

We are pleased to announce the general availability of CentOS Linux 7
(1908) for the x86_64 architecture. Effective immediately, this
is the current release for CentOS Linux 7 and is tagged as 1908, derived
from Red Hat Enterprise Linux 7.8 Source Code.

As always, read through the Release Notes at :
http://wiki.centos.org/Manuals/ReleaseNotes/CentOS7 - these notes
contain important information about the release and details about some
of the content inside the release from the CentOS QA team. These notes
are updated constantly to include issues and incorporate feedback from
the users.

--
Updates, Sources, and DebugInfos

Updates released since the upstream release are all posted, across all
architectures. We strongly recommend every user apply all updates,
including the content released today, on your existing CentOS Linux 7
machine by just running 'yum update'.

As with all CentOS Linux 7 components, this release was built from
sources hosted at git.centos.org. In addition, SRPMs that are a
byproduct of the build (and also considered critical in the code and
buildsys process) are being published to match every binary RPM we
release. Sources will be available from vault.centos.org in their own
dedicated directories to match the corresponding binary RPMs. Since
there is far less traffic to the CentOS source RPMs compared with the
binary RPMs, we are not putting this content on the main mirror
network. If users wish to mirror this content they can do so using the
reposync command available in the yum-utils package. All CentOS source
RPMs are signed with the same key used to sign their binary
counterparts. Developers and end users looking at inspecting and
contributing patches to the CentOS Linux distro will find the code
hosted at git.centos.org far simpler to work against. Details on how
to best consume those are documented along with a quick start at :
http://wiki.centos.org/Sources

Debuginfo packages are also being signed and pushed. Yum configs
shipped in the new release file will have all the context required for
debuginfo to be available on every CentOS Linux install.

This release supersedes all previously released content for CentOS
Linux 7, and therefore we highly encourage all users to upgrade their
machines. Information on different upgrade strategies and how to
handle stale content is included in the Release Notes.

Note that older content, obsoleted by newer versions of the same
applications are trim'd off from repos like Extras/ and Plus/. However
this time we have also extended this to the SIG content hosted at
mirror.centos.org, and some older End of Life content has been dropped.
Everything we ever release, is always available on the vault service for
people still looking for and have a real need for it.

--
Download

In order to conserve donor bandwidth, and to make it possible to get
the mirror content sync'd out as soon as possible, we recommend using
torrents to get your initial installer images:

Details on the images are available on the mirrors at
http://mirror.centos.org/centos/7/isos/x86_64/0_README.txt - that file
clearly highlights the difference in the images, and when one might be
more suitable than the others.

sha256sum x86_64:
087a5743dc6fd6706d9b961b8147423ddc029451b938364c760d75440eb7be14
CentOS-7-x86_64-DVD

Re: [CentOS] Understanding modularity

2020-04-28 Thread Leon Fauster via CentOS

On 28.04.20 at 08:07, Simon Matter wrote:
>> On 27.04.20 at 17:31, Simon Matter via CentOS wrote:
>>>> On 4/27/20 8:27 AM, Simon Matter via CentOS wrote:
>>>>> Hi,
>>>>>
>>>>> I've read the Fedora modularity docs but am still missing the big
>>>>> picture somehow. Hope someone can clarify things for me.
>>>>>
>>>>> What I'm most wondering: does modularity have any influence on the
>>>>> RPM packages at all. I mean, is there anything inside a RPM package
>>>>> which says it belongs to a module or it has a special function in a
>>>>> module?
>>>>>
>>>>> From what I understand the RPMs are just completely normal packages
>>>>> and only YUM/DNF knows from some metadata that an RPM belongs to a
>>>>> module. Is that correct?
>>>>
>>>> Well .. yes and no.
>>>>
>>>> Individual rpm packages have requirements for install .. so if a
>>>> package is built against python38 , it will require python38
>>>> libraries.  The individual RPMs though do not have knowledge
>>>> specifically about Modules though, just the metadata.
>>>
>>> Okay, so the rpm has its usual provides and requires, in this case a
>>> requirement for python38.
>>>
>>> Still, I don't really understand how it can work for a simple example I
>>> have in mind. Let's say there is this new, shiny Apache httpd version
>>> 3.0.0 which requires this new and incompatible zlib version 2.0.0.
>>>
>>> How can this be built with modules? Dozens of RPMs depend on zlib
>>> version 1.x.x, how is this situation handled with modules?
>>>
>>> Sorry, I just don't really understand.
>>
>> IIRC: A module is just a set of RPM packages that can or must be
>> installed together. Modules of the same "applications" can not be
>> installed at the same time (postgresql 10 or 12). Normally a core
>> library would not be packaged as a module but technically possible.
>> So, the new thing about "modules" is, that the package manager (dnf) can
>> handle these bundles like it would be a single package (handled with the
>> help of metadata).
>
> In other words, it does not have a solution for the problem mentioned above?

Modules solves a different problem. Like, you can install your shiny
httpd with the same name (httpd) like the default one and pinning it to
this "shiny stream". With both (default/shiny) applications (packages
/modules) being in the same repo. If the shiny app needs a shiny zlib
then that should be installed without producing conflicts (e.g.  into
/usr/local/) and the application should be linked against that lib.


--
Leon


Re: [CentOS] Tomcat or what on CentOS 8?

2020-04-28 Thread Simon Matter via CentOS
> Hi,
>
> We're running some web apps on CentOS 6 on Tomcat 6 shipped by the
> distribution.
>
> As time goes by we'd like to move on to CentOS 8 and Tomcat 9 or whatever
> is appropriate.
>
> My question is, what do others use now that Tomcat is not shipped anymore
> with CentOS?
>
> Do you run some JBoss/WildFly instead or still running Tomcat?
>
> And, how do you install/manage those installations. Do you have RPM
> packaged versions or fiddle with tarballs?
>
> Since this is a quite standard setup for web apps I'm really wondering how
> everybody is doing it these days?

Anybody care to comment? I can't believe nobody's running Java servlet
containers on CentOS since it's a very common way to provide webservices.

I've just checked our FreeBSD box and it provides:

root@freebsd:~ # pkg search tomcat
tomcat-native-1.2.23     Tomcat native library
tomcat7-7.0.92           Open-source Java web server by Apache, 7.x branch
tomcat85-8.5.54          Open-source Java web server by Apache, 8.5.x branch
tomcat9-9.0.34           Open-source Java web server by Apache, 9.0.x branch
tomcat-devel-10.0.0.M4   Open-source Java web server by Apache, 10.0.x branch

root@freebsd:~ # pkg search wildfly
wildfly90-9.0.2_2        Replacement for JBoss Application Server
wildfly10-10.1.0_2       Replacement for JBoss Application Server
wildfly11-11.0.0_1       Replacement for JBoss Application Server
wildfly12-12.0.0_1       Replacement for JBoss Application Server
wildfly13-13.0.0_1       Replacement for JBoss Application Server
wildfly14-14.0.1         Replacement for JBoss Application Server
wildfly15-15.0.1         Replacement for JBoss Application Server
wildfly16-16.0.0         Replacement for JBoss Application Server
wildfly17-17.0.1         WildFly is a Java Jakarta EE8 application server developed by Red Hat
wildfly18-18.0.1         WildFly is a Java Jakarta EE8 application server developed by Red Hat
Additionally there are also packages of Geronimo and Glassfish as
alternatives.

If I don't find usable RPMs for CentOS 8 I'm going to build our own as I
do for other things as well. But I just can't believe they don't already
exist.

Regards,
Simon



[CentOS] Network Interfaces Issue

2020-04-28 Thread Jared Jacob
I have two network interfaces configured on a server. I would like both of
them to be configured to start on boot, but when I enable the second
interface to start on boot I do not have access to the first network
interface. The second interface is a private network and does not allow any
communication out or in from any other interfaces.

I can start the server with the first network interface being the only one
enabled to start at boot and go in and activate the second interface which
allows communication on both interfaces, but when they are both enabled to
start on boot only the private interface can communicate.

I am running Centos 7.7. Thanks in advance for any assistance you can
provide.

Jared Jacob


Re: [CentOS] Tomcat or what on CentOS 8?

2020-04-28 Thread Kenneth Porter
--On Tuesday, April 28, 2020 9:35 PM +0200 Simon Matter via CentOS wrote:

> If I don't find usable RPMs for CentOS 8 I'm going to build our own as I
> do for other things as well. But I just can't believe they don't already
> exist.


Some upstream providers have taken to providing their own repositories. I'm 
now getting Nginx, MariaDB, and PostgreSQL from the source that way. 
Perhaps Tomcat has its own upstream repo.




[CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Kenneth Porter
I just got 50 Mbps symmetric fiber from AT&T and it includes a /56 of IPv6 
addresses, replacing a much slower ADSL line. I never tried to get IPv6 
working on the old connection. I'm using CentOS 7 as a gateway and it's 
worked great for several versions for IPv4.


I'm not seeing any IPv6 default route on the WAN interface. I suspect I'm 
not getting route announcements. I think I have all the IPv6 variables in 
ifcfg-em2 set right. But I do notice that the accept_ra file in proc for 
that interface has value 1, not 2. Changing it to 2 doesn't change 
anything, though. No route appears.


While I wait for an answer to my trouble ticket, is there some way to 
verify that I'm not receiving any RA packets? Is there a way to force a 
solicitation for one? Is there a tcpdump invocation I can use to watch for 
them? Are there log messages that will tell me when an RA has been seen and 
added to the routing table or ignored?




Re: [CentOS] Network Interfaces Issue

2020-04-28 Thread Tony Schreiner
On Tue, Apr 28, 2020 at 2:40 PM Jared Jacob wrote:

> I have two network interfaces configured on a server. I would like both of
> them to be configured to start on boot, but when I enable the second
> interface to start on boot I do not have access to the first network
> interface. The second interface is a private network and does not allow any
> communication out or in from any other interfaces.
>
> I can start the server with the first network interface being the only one
> enabled to start at boot and go in and activate the second interface which
> allows communication on both interfaces, but when they are both enabled to
> start on boot only the private interface can communicate.
>
> I am running Centos 7.7. Thanks in advance for any assistance you can
> provide.
>
> Jared Jacob
>
>
The private interface configuration might be setting a default route for
itself, which is not what you want. If you are using the NetworkManager
widget to configure, make sure "use this connection only for resources on
this network" is set.

Tony Schreiner


Re: [CentOS] Tomcat or what on CentOS 8?

2020-04-28 Thread Richard G
On Tue, Apr 28, 2020 at 7:35 PM Simon Matter via CentOS wrote:
> If I don't find usable RPMs for CentOS 8 I'm going to build our own as I
> do for other things as well. But I just can't believe they don't already
> exist.

I've packaged tomcat8 and tomcat9 in my repo here:
https://harbottle.gitlab.io/harbottle-main/8/x86_64/


Re: [CentOS] Tomcat or what on CentOS 8?

2020-04-28 Thread Liam O'Toole
On Tue, 28 Apr, 2020 at 11:44:20 +0200, Simon Matter via CentOS wrote:
> Hi,
> 
> We're running some web apps on CentOS 6 on Tomcat 6 shipped by the
> distribution.
> 
> As time goes by we'd like to move on to CentOS 8 and Tomcat 9 or whatever
> is appropriate.
> 
> My question is, what do others use now that Tomcat is not shipped anymore
> with CentOS?
> 
> Do you run some JBoss/WildFly instead or still running Tomcat?
> 
> And, how do you install/manage those installations. Do you have RPM
> packaged versions or fiddle with tarballs?
> 
> Since this is a quite standard setup for web apps I'm really wondering how
> everybody is doing it these days?

I use the tarball provided by upstream on CentOS 7, since the
distro-provided version is quite old. I created a 'tomcat' system user
and gave it ownership of the extracted files under /opt. I also wrote a
simple systemd unit file to manage the service in the usual way.

If you take that approach be sure to subscribe to the tomcat-announce
list in order to receive update announcements.


Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Alan McRae via CentOS

I struggled with this under CentOS 7. I think there is a bug.

You can run /usr/sbin/radvdump to print out RAs. Leave it running for 
some minutes.


I had this in my /etc/sysctl.d/50-net6.conf (on C7):

#
# IPv6 Forwarding
#
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.default.accept_ra = 1
#
# Fix bug to received RAs from Router
# Disable forwarding on enp4s0f1 interface so we still get RAs
#
net.ipv6.conf.enp4s0f1.forwarding = 0
#net.ipv6.conf.enp4s0f1.accept_ra = 1

where enp4s0f1 is the WAN interface. Note that ipv6 forwarding still 
works. I used my C7 as a firewall/gateway.


I am running 8.1 now.

Alan

--
Alan McRae

On 29/04/2020 06:54, Kenneth Porter wrote:
> I just got 50 Mbps symmetric fiber from AT&T and it includes a /56 of
> IPv6 addresses, replacing a much slower ADSL line. I never tried to
> get IPv6 working on the old connection. I'm using CentOS 7 as a
> gateway and it's worked great for several versions for IPv4.
>
> I'm not seeing any IPv6 default route on the WAN interface. I suspect
> I'm not getting route announcements. I think I have all the IPv6
> variables in ifcfg-em2 set right. But I do notice that the accept_ra
> file in proc for that interface has value 1, not 2. Changing it to 2
> doesn't change anything, though. No route appears.
>
> While I wait for an answer to my trouble ticket, is there some way to
> verify that I'm not receiving any RA packets? Is there a way to force
> a solicitation for one? Is there a tcpdump invocation I can use to
> watch for them? Are there log messages that will tell me when an RA
> has been seen and added to the routing table or ignored?




Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Chris Adams
Once upon a time, Kenneth Porter said:
> I just got 50 Mbps symmetric fiber from AT&T and it includes a /56
> of IPv6 addresses, replacing a much slower ADSL line. I never tried
> to get IPv6 working on the old connection. I'm using CentOS 7 as a
> gateway and it's worked great for several versions for IPv4.
> 
> I'm not seeing any IPv6 default route on the WAN interface. I
> suspect I'm not getting route announcements. I think I have all the
> IPv6 variables in ifcfg-em2 set right. But I do notice that the
> accept_ra file in proc for that interface has value 1, not 2.
> Changing it to 2 doesn't change anything, though. No route appears.
> 
> While I wait for an answer to my trouble ticket, is there some way
> to verify that I'm not receiving any RA packets? Is there a way to
> force a solicitation for one? Is there a tcpdump invocation I can
> use to watch for them? Are there log messages that will tell me when
> an RA has been seen and added to the routing table or ignored?

I haven't touched AT&T's IPv6, but the typical way WAN IPv6 works is:

- gateway sends a router solicitation and gets a router advertisement
  with "stateful config" set, which tells gateway to do DHCPv6 (but
  default route comes from RA)
- gateway does DHCPv6 to get a WAN IP
- after that completes, gateway does DHCPv6 for prefix delegation

If you are running NetworkManager, then IIRC the accept_ra flag doesn't
matter, because NM manages everything rather than have the kernel handle
autoconfiguration (because NM needs to know what's going on with IPs).

As for watching, "tcpdump -p -i  -v ip6" should show
everything (and since you don't have any routing yet, you don't really
need to filter out anything else!).  You could filter "ip6 and
multicast", because RAs and DHCPv6 (and ND, neighbor discovery, the
counterpart to ARP) are all multicast.

-- 
Chris Adams 
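
An added example, not part of the original post: a decoder for the Router Advertisement fields the sequence above depends on (the Managed flag for "stateful config", and the router lifetime that yields the default route). The packet is constructed with documentation-prefix addresses, and the function names are illustrative.

```python
import ipaddress
import struct

ND_ROUTER_ADVERT = 134   # ICMPv6 type (RFC 4861)
OPT_PREFIX_INFO = 3      # Prefix Information option (RFC 4861)
OPT_RDNSS = 25           # Recursive DNS Server option (RFC 8106)


def parse_ra(icmp6):
    """Decode an ICMPv6 Router Advertisement (bytes starting at the ICMPv6 type)."""
    if len(icmp6) < 16 or icmp6[0] != ND_ROUTER_ADVERT:
        raise ValueError("not a Router Advertisement")
    _hop_limit, flags, lifetime = struct.unpack_from("!BBH", icmp6, 4)
    ra = {
        "managed": bool(flags & 0x80),   # M: addresses come from DHCPv6
        "other": bool(flags & 0x40),     # O: other settings come from DHCPv6
        "router_lifetime": lifetime,     # 0 means "not a default router"
        "prefixes": [],
        "rdnss": [],
    }
    offset = 16
    while offset < len(icmp6):
        if offset + 2 > len(icmp6):
            raise ValueError("truncated option header")
        opt_type, opt_len = icmp6[offset], icmp6[offset + 1] * 8
        if opt_len == 0 or offset + opt_len > len(icmp6):
            raise ValueError("malformed option length")
        body = icmp6[offset:offset + opt_len]
        if opt_type == OPT_PREFIX_INFO and opt_len == 32:
            addr = ipaddress.IPv6Address(body[16:32])
            net = ipaddress.IPv6Network(f"{addr}/{body[2]}", strict=False)
            ra["prefixes"].append({
                "prefix": str(net),
                "on_link": bool(body[3] & 0x80),
                "autonomous": bool(body[3] & 0x40),  # usable for SLAAC
            })
        elif opt_type == OPT_RDNSS and opt_len >= 24 and (opt_len - 8) % 16 == 0:
            for i in range(8, opt_len, 16):
                ra["rdnss"].append(str(ipaddress.IPv6Address(body[i:i + 16])))
        offset += opt_len
    return ra


def expected_actions(ra):
    """What a host that accepts this RA is expected to do next."""
    actions = []
    if ra["router_lifetime"] > 0:
        actions.append("install default route via the RA's source address")
    if ra["managed"]:
        actions.append("request an address with DHCPv6")
    elif ra["other"]:
        actions.append("request DNS and other settings with DHCPv6")
    for p in ra["prefixes"]:
        if p["autonomous"]:
            actions.append(f"form a SLAAC address in {p['prefix']}")
    if ra["rdnss"]:
        actions.append("use DNS servers from the RA: " + ", ".join(ra["rdnss"]))
    return actions


def build_sample_ra():
    """Constructed RA (checksum left as 0 and not verified here): M flag set,
    lifetime 1800 s, one /64 prefix and one RDNSS entry from 2001:db8::/32."""
    header = struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, 64, 0x80, 1800, 0, 0)
    prefix = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, 64, 0xC0, 2592000, 604800, 0)
    prefix += ipaddress.IPv6Address("2001:db8:1::").packed
    rdnss = struct.pack("!BBHI", OPT_RDNSS, 3, 0, 1800)
    rdnss += ipaddress.IPv6Address("2001:db8:1::53").packed
    return header + prefix + rdnss


if __name__ == "__main__":
    for line in expected_actions(parse_ra(build_sample_ra())):
        print(line)
```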


Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Kenneth Porter

On 4/28/2020 3:17 PM, Chris Adams wrote:

> - gateway sends a router solicitation and gets a router advertisement
>   with "stateful config" set, which tells gateway to do DHCPv6 (but
>   default route comes from RA)


I'm not seeing any outbound IPv6 traffic from my CentOS 7 box on the WAN 
interface. I do see RA's emitting from the LAN interface, from radvd. Is 
there some setting in NM tells it to send solicitations? Is there some 
way to push one manually?





Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Chris Adams
Once upon a time, Kenneth Porter said:
> On 4/28/2020 3:17 PM, Chris Adams wrote:
> >- gateway sends a router solicitation and gets a router advertisement
> >   with "stateful config" set, which tells gateway to do DHCPv6 (but
> >   default route comes from RA)
> 
> I'm not seeing any outbound IPv6 traffic from my CentOS 7 box on the
> WAN interface. I do see RA's emitting from the LAN interface, from
> radvd. Is there some setting in NM tells it to send solicitations?
> Is there some way to push one manually?

What's in /etc/sysconfig/network-scripts/ifcfg-?  I wonder if you
have IPv6 disabled.

I'm not using a "regular" (CentOS, Fedora, etc.) Linux as a gateway; I
have OpenWRT on a dedicated box.  I couldn't find a way to handle the
prefix delegation with the typical desktop/server tools (but it has been
a while since I looked).  OpenWRT has their own daemon for that.

However, my local systems are all sending RA solicitations and getting
DHCPv6-assigned addresses with NetworkManager (which matches the first
steps of what you need on the WAN, just not the prefix delegation).

-- 
Chris Adams 


[CentOS] Checksums in Distribution Directories

2020-04-28 Thread david

Folks

While trying to automate a download of the ISO files, I ran into 
inconsistencies with the method of checksums.  I was trying to use 
the checksum values to validate my download.


At least in one mirror (mirrors.sonic.net):

Centos 7 uses a file called sha256sum.txt containing:

087a5743dc6fd6706d9b961b8147423ddc029451b938364c760d75440eb7be14  CentOS-7-x86_64-DVD-2003.iso
4120aff542c2f9a30bcf90d4d79e39511e5d9eabdf202566a94ff24ea7f0974c  CentOS-7-x86_64-Everything-2003.iso
659691c28a0e672558b003d223f83938f254b39875ee7559d1a4a14c79173193  CentOS-7-x86_64-Minimal-2003.iso
101bc813d2af9ccf534d112cbe8670e6d900425b297d1a4d2529c5ad5f226372  CentOS-7-x86_64-NetInstall-2003.iso
3febddab1498f940e3127f2f5e1056d6fef57fcd559d5b70ff1bfa55a444f176  CentOS-7-x86_64-LiveGNOME-2003.iso
92be566a5b1d2aa62acf2e4ab01ba91420e7170cdb21e2e190dd1dafcb6a8c94  CentOS-7-x86_64-LiveKDE-2003.iso


Centos 8 uses a file called CHECKSUM containing:

# CentOS-8.1.1911-x86_64-boot.iso: 625999872 bytes
SHA256 (CentOS-8.1.1911-x86_64-boot.iso) = 7fea13202bf2f26989df4175aace8fdc16e1137f7961c33512cbfad844008948

# CentOS-8.1.1911-x86_64-dvd1.iso: 7554990080 bytes
SHA256 (CentOS-8.1.1911-x86_64-dvd1.iso) = 3ee3f4ea1538e026fff763e2b284a6f20b259d91d1ad5688f5783a67d279423b


While these are fairly easy to understand as a human, a script is 
burdened with the job of guessing the file name of the checksum file, 
and then decoding the format.  I don't know if this method is used on 
all mirrors.  Would it be too much to ask that there be one format
across the distributions?  I suspect that SHA256 is going to be an
acceptable digest for a few years.


David
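
An added example, not part of David's post or of any CentOS tooling: one way a download script can accept both layouts shown above and refuse anything it does not recognise. The function names and the small stand-in "ISO" file are constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# CentOS 7 sha256sum.txt style: "<digest>  <name>" ('*' before the name = binary mode)
GNU_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(.+)$")
# CentOS 8 CHECKSUM style: "SHA256 (<name>) = <digest>"
BSD_LINE = re.compile(r"^SHA256 \((.+)\) = ([0-9a-fA-F]{64})$")


def parse_checksums(text):
    """Return {file name: lowercase SHA-256 hex digest} from either layout."""
    digests = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and "# <name>: <size> bytes" comments
        m = BSD_LINE.match(line)
        if m:
            name, digest = m.group(1), m.group(2)
        else:
            m = GNU_LINE.match(line)
            if not m:
                # Fail closed: an unknown line is an error, not something to skip.
                raise ValueError(f"line {lineno}: unrecognised checksum line")
            digest, name = m.group(1), m.group(2)
        digest = digest.lower()
        if digests.setdefault(name, digest) != digest:
            raise ValueError(f"line {lineno}: conflicting digests for {name}")
    return digests


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so multi-gigabyte images do not need to fit in RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify(path, checksum_text):
    """True only if the file is listed and its digest matches."""
    name = Path(path).name
    expected = parse_checksums(checksum_text).get(name)
    if expected is None:
        raise KeyError(f"{name} is not listed in the checksum file")
    return sha256_file(path) == expected


def demo():
    """Constructed sample: a tiny stand-in image checked against both layouts."""
    with tempfile.TemporaryDirectory() as tmp:
        iso = Path(tmp) / "CentOS-sample.iso"  # constructed file name
        iso.write_bytes(b"constructed sample image\n")
        good = sha256_file(iso)
        gnu_style = f"{good}  {iso.name}\n"
        bsd_style = (f"# {iso.name}: {iso.stat().st_size} bytes\n"
                     f"SHA256 ({iso.name}) = {good}\n")
        results = [verify(iso, gnu_style), verify(iso, bsd_style)]
        iso.write_bytes(b"modified after the checksum was taken\n")
        results.append(verify(iso, gnu_style))
        return results


if __name__ == "__main__":
    print(demo())
```

A digest fetched from the same mirror as the ISO only detects corruption; authenticity additionally requires checking the project's GPG signature over the checksum file.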



Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Kenneth Porter

On 4/28/2020 4:22 PM, Chris Adams wrote:

> What's in /etc/sysconfig/network-scripts/ifcfg-?  I wonder if you
> have IPv6 disabled.


Pasted below. V6 definitely works. I have a second server and gave it a 
WAN address and I can connect between them using their WAN addresses. 
That's what told me that my ip6tables weren't screwed up and that the 
problem lay elsewhere. That's when I hit on looking at the route table 
and seeing no default IPv6 route.



> I'm not using a "regular" (CentOS, Fedora, etc.) Linux as a gateway; I
> have OpenWRT on a dedicated box.  I couldn't find a way to handle the
> prefix delegation with the typical desktop/server tools (but it has been
> a while since I looked).  OpenWRT has their own daemon for that.
>
> However, my local systems are all sending RA solicitations and getting
> DHCPv6-assigned addresses with NetworkManager (which matches the first
> steps of what you need on the WAN, just not the prefix delegation).


I'm using OpenWrt at home and it's working mostly fine there. Except 
with my Android phone. I'm not getting a DNS setting for V6, but I do 
have the setting in the router's config file. The Win10 clients work 
fine, though. Apparently Android has issues with DHCPv6, and I'm betting 
it's interfering with my SLAAC config.


LAN config, ifcfg-em1:

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_DEFROUTE=no
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=em1
UUID=fbf59f72-2d60-4dd3-8870-c14a1acb4337
DEVICE=em1
ONBOOT=yes
DHCP_CLIENT_ID=saruman
IPV6_PRIVACY=no
ZONE=internal
IPADDR=10.169.1.128
PREFIX=9
IPV6ADDR=2001:1890:1837:5B11::100/60

WAN config, ifcfg-em2:

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=em2
UUID=fe08c9df-9913-47f5-be8b-47dad168bcc4
DEVICE=em2
ONBOOT=yes
IPADDR=12.3.140.156
PREFIX=29
GATEWAY=12.3.140.153
DNS1=127.0.0.1
DOMAIN="mpa.lan dhcp.mpa.lan microprecisionautomation.com"
ZONE=external
IPV6FORWARDING=yes
IPV6_PEERDNS=no
# AT&T assigns us 2001:1890:1837:5B00::/56
# we use the 2nd /64 for our DMZ
IPV6ADDR_SECONDARIES=2001:1890:1837:5B01::100/64



Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Chris Adams
Once upon a time, Kenneth Porter said:
> I'm using OpenWrt at home and it's working mostly fine there. Except
> with my Android phone. I'm not getting a DNS setting for V6, but I
> do have the setting in the router's config file. The Win10 clients
> work fine, though. Apparently Android has issues with DHCPv6, and
> I'm betting it's interfering with my SLAAC config.

Yeah, Android refuses to support DHCPv6, so you either have to have IPv4
DNS or SLAAC.  I have IPv4 DNS on my home network, so don't have an
issue.  I did just look, and OpenWRT is putting the DNS option for SLAAC
in the RA, so that should work too (but I think that's something
relatively recent for OpenWRT).

I didn't get that you have a static assignment (presumably a business
connection) - they may not do RAs on that (I don't at my ISP job).
Business connections (or at least, connections with static assignments)
tend to operate differently.  For that, they should have given you a
static v6 address and gateway, just like they did for v4.

So... there's one thing you could try (but probably won't work to a
regular router interface) - see if there's a MAC-derived fe80::/64
link-local address on their end.  Get the MAC of the gateway from the v4
ARP entry and expand it to a LL v6 address as fe80:::xxff:fexx:
(split the MAC, put ff:fe in the middle).  Try ping6 that address with
%em2 appended (have to append the interface when using link-local
addresses).  I doubt it'll work, since I know Juniper (which IIRC AT&T
likes) doesn't assign those (I can't remember for sure about Cisco and
don't have a handy test target).

And frankly, giving you a /56 is pretty crappy, since ARIN rules say to
give every site a /48.  I'd only do a /56 for a home connection prefix
delegation.  But, that's AT&T! :)

-- 
Chris Adams 
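
The derivation described above, as an added example that is not part of the original post: it also inverts the universal/local bit of the first octet, as modified EUI-64 (RFC 4291, Appendix A) requires. The neighbour-table lines and MAC addresses are constructed; 12.3.140.153 and em2 are taken from the thread, and the function names are illustrative.

```python
import ipaddress
import re

# One entry of `ip -4 neigh show` output: "<ip> dev <if> lladdr <mac> <STATE>"
NEIGH_LINE = re.compile(
    r"^(?P<ip>\S+) dev (?P<dev>\S+) "
    r"lladdr (?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}) "
)

# Constructed sample output; the MAC addresses are made up.
SAMPLE_NEIGH = """\
12.3.140.153 dev em2 lladdr 00:11:22:33:44:55 REACHABLE
12.3.140.154 dev em2  FAILED
10.169.1.20 dev em1 lladdr 52:54:00:ab:cd:ef STALE
"""


def mac_to_link_local(mac):
    """Expand a 48-bit MAC into the fe80::/64 address built from modified EUI-64."""
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    octets = bytes(int(p, 16) for p in parts)
    # Insert ff:fe in the middle and flip the universal/local bit (0x02).
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)


def gateway_link_local(neigh_output, gateway_ip):
    """Return 'fe80::...%<dev>' for the gateway's ARP entry, or None if absent.

    The result is only a candidate: a router is free to use a link-local
    address that is not derived from its MAC.
    """
    for line in neigh_output.splitlines():
        m = NEIGH_LINE.match(line.strip())
        if m and m.group("ip") == gateway_ip:
            return f"{mac_to_link_local(m.group('mac'))}%{m.group('dev')}"
    return None


if __name__ == "__main__":
    print(gateway_link_local(SAMPLE_NEIGH, "12.3.140.153"))
```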


Re: [CentOS] Diagnosing IPv6 routing

2020-04-28 Thread Kenneth Porter
--On Tuesday, April 28, 2020 10:16 PM -0500 Chris Adams wrote:

> I didn't get that you have a static assignment (presumably a business
> connection) - they may not do RAs on that (I don't at my ISP job).
> Business connections (or at least, connections with static assignments)
> tend to operate differently.  For that, they should have given you a
> static v6 address and gateway, just like they did for v4.


I didn't think to ask when we were turning up the v4 and phones. I'm 
betting there's a setting in their gateway box but I'm waiting for them to 
give me the credentials to log into it.



> So... there's one thing you could try (but probably won't work to a
> regular router interface) - see if there's a MAC-derived fe80::/64
> link-local address on their end.  Get the MAC of the gateway from the v4
> ARP entry and expand it to a LL v6 address as fe80:::xxff:fexx:
> (split the MAC, put ff:fe in the middle).  Try ping6 that address with
> %em2 appended (have to append the interface when using link-local
> addresses).  I doubt it'll work, since I know Juniper (which IIRC AT&T
> likes) doesn't assign those (I can't remember for sure about Cisco and
> don't have a handy test target).


Good idea but alas it's not routing. I can ping6 their gateway but it won't 
route after I add it to the route table for the WAN interface. While 
pinging a remote server, in a second shell I can tcpdump icmp6 packets and 
I see the packets going out but no replies coming back.



> And frankly, giving you a /56 is pretty crappy, since ARIN rules say to
> give every site a /48.  I'd only do a /56 for a home connection prefix
> delegation.  But, that's AT&T! :)


I'd just read about that when researching this. Maybe they decided that 
since we only have about a dozen people at our site, we won't have a lot of 
subnets. What do small offices DO with 256 public subnets, anyway? I 
suppose eventually we'll have an IoT subnet on every person.

