00:00
<
gchristensen >
those are well kept I think
00:03
<
gchristensen >
good idea
00:03
<
gchristensen >
and do it for both
00:03
<
andi- >
and replace that regex with an IPv6 compatible verison
00:03
<
andi- >
basically the entire file ;)
00:04
<
gchristensen >
maybe just switch to ipvN.icanhazip.com
00:08
<
andi- >
ip --json -6 a show scope global dynamic mngtmpaddr | jq '.[0].addr_info[7].local'
00:08
<
gchristensen >
--json!
00:08
<
gchristensen >
finally!
00:08
<
andi- >
should give you the local ipv6 addr that isn't temporary
00:09
<
gchristensen >
cool :D
00:09
<
andi- >
not sure why I needed the `[7]` there the output doesn't really look like it is structured as it should be...
00:10
<
gchristensen >
$ ip --json -6 a show scope global dynamic mngtmpaddr
00:11
<
andi- >
drop the mngtmpaddr
00:29
<
gchristensen >
we'll need to search the code for why `7`
00:30
<
andi- >
I guess that structure is just fixed for all kinds of situations and those just don't apply to plain old IPv6 addresses
00:39
<
flokli >
gchristensen: what about something like this instead? ip -j a s dev wlp2s0| jq '.[].addr_info[] | select (.scope == "global") | .local'
00:39
<
flokli >
s/wlp2s0/your-uplink-iface/
00:58
<
gchristensen >
hm my laptop isn't getting ipv6
00:58
<
andi- >
did you disable ipv6 in networkmanager?
00:59
<
andi- >
the phone was on the same wifi?
00:59
<
gchristensen >
hmm yes
00:59
<
gchristensen >
good point
00:59
<
andi- >
is /proc/sys/net/ipv6/conf/wlp2s0/accept_ra on ?
01:00
<
gchristensen >
my phone receiving an ipv6 addr really blows up a bunch of places I thought it could have been :P
01:01
<
andi- >
(on the notebook)
01:01
<
gchristensen >
nothing novel, standard nixos firewall
01:01
<
gchristensen >
I do have "net.ipv6.conf.all.use_tempaddr" = 2; but that shouldn't be a problem
01:34
<
gchristensen >
ehh maybe this is cause for a second call :P
01:39
<
gchristensen >
hrm.
02:03
<
gchristensen >
enp3s0: wrong xid 0x8e6f55bf (expecting 0xd6c049b9) from 10.5.4.1
02:08
mmlb has joined #nixos-on-your-router
02:58
<
gchristensen >
clever: let's move here :)
02:58
<
gchristensen >
and let delroth get helped
02:58
<
gchristensen >
I'm seeing these 02:57:47.876702 IP6 fe80::20d:b9ff:fe49:c0d6 > fe80::4b5:8c03:706b:1584: ICMP6, router advertisement, length 56
02:59
<
gchristensen >
from the router, that is
02:59
<
gchristensen >
and I'm seeing 02:48:32.196976 IP6 fe80::a837:8e58:317c:31c8 > ff02::2: ICMP6, router solicitation, length 8
02:59
<
gchristensen >
also on the router
03:00
<
clever >
why are they coming from 2 source ip's?
03:00
<
clever >
ah wait, one is ra, the other is rs
03:00
<
clever >
can the laptop hear the ra packets?
03:00
<
gchristensen >
wait one sec
03:00
<
gchristensen >
right
03:01
<
gchristensen >
the laptop is only able to send
03:01
<
clever >
can the desktop ssh into the laptop?
03:01
<
gchristensen >
router in to the laptop?
03:01
<
clever >
try testing ssh in every direction, between 3 nodes, laptop, router, other
03:01
<
gchristensen >
over ipv4 yes :P
03:02
<
gchristensen >
maybe I should look at firewall rules and how many times they've been hit
03:02
<
clever >
tcpdump bypasses firewalls
03:02
<
gchristensen >
but still might be caught in the sending side on the router
03:02
<
clever >
outgoing firewall is rarely configured
03:02
<
gchristensen >
but that doesn't make a lot of sense
03:02
<
gchristensen >
because my phone has an IPv6 addr
03:04
<
clever >
not sure what else to check
03:04
<
clever >
and ive been having routing related problems with v6 lately
03:04
<
gchristensen >
I'll wait until flokli / andi can log in again :P
03:11
<
gchristensen >
nothing.
03:11
<
gchristensen >
watch -tdn1 ip6tables -v -L only showed ACCEPT and OUTPUT counters incrementing
03:18
<
gchristensen >
clever: do you know where ff02::2 vs. ff02::1 comes from?
03:18
<
gchristensen >
I see
03:18
<
clever >
link-local i think
03:18
<
clever >
wait, i think fe80 is ll?
03:19
<
clever >
ah, ff02 is multicast
03:19
<
gchristensen >
ff02::1 All nodes on the local network segment
03:19
<
gchristensen >
ff02::2 All routers on the local network segment
07:18
pie_ has quit [Ping timeout: 265 seconds]
08:23
<
flokli >
gchristensen: this really smells like too restrictively configured firewalls
08:34
kalbasit has quit [*.net *.split]
08:38
kalbasit has joined #nixos-on-your-router
09:54
kalbasit has quit [*.net *.split]
09:54
{^_^} has quit [*.net *.split]
09:54
Dezgeg has quit [*.net *.split]
09:54
sphalerite_ has quit [*.net *.split]
09:54
teozkr has quit [*.net *.split]
09:54
clever has quit [*.net *.split]
09:54
cransom has quit [*.net *.split]
09:54
flokli has quit [*.net *.split]
09:54
gchristensen has quit [*.net *.split]
09:54
hexa- has quit [*.net *.split]
09:54
NinjaTrappeur has quit [*.net *.split]
09:54
ar has quit [*.net *.split]
09:54
qyliss has quit [*.net *.split]
09:54
makefu has quit [*.net *.split]
09:56
teozkr has joined #nixos-on-your-router
09:56
Dezgeg has joined #nixos-on-your-router
09:56
sphalerite_ has joined #nixos-on-your-router
09:56
{^_^} has joined #nixos-on-your-router
09:57
kalbasit has joined #nixos-on-your-router
09:59
clever has joined #nixos-on-your-router
10:00
kalbasit has quit [*.net *.split]
10:00
{^_^} has quit [*.net *.split]
10:00
Dezgeg has quit [*.net *.split]
10:00
sphalerite_ has quit [*.net *.split]
10:00
teozkr has quit [*.net *.split]
10:01
Dezgeg has joined #nixos-on-your-router
10:01
sphalerite_ has joined #nixos-on-your-router
10:01
teozkr has joined #nixos-on-your-router
10:01
kalbasit has joined #nixos-on-your-router
10:01
{^_^} has joined #nixos-on-your-router
10:04
qyliss has joined #nixos-on-your-router
10:04
hexa- has joined #nixos-on-your-router
10:04
gchristensen has joined #nixos-on-your-router
10:04
NinjaTrappeur has joined #nixos-on-your-router
10:04
ar has joined #nixos-on-your-router
10:04
flokli has joined #nixos-on-your-router
10:04
cransom has joined #nixos-on-your-router
10:04
makefu has joined #nixos-on-your-router
10:05
hexa- has quit [Max SendQ exceeded]
10:08
hexa- has joined #nixos-on-your-router
11:20
pie_ has joined #nixos-on-your-router
12:27
<
gchristensen >
flokli: I was watching iptables -L -v and didn't see anything get blocked
12:27
<
gchristensen >
on both sides
13:11
<
flokli >
gchristensen: we can later take a look at it
13:12
<
gchristensen >
cool
18:49
<
gchristensen >
some time in the next few hours, we're going to do ipv6p2 to make it work on my router
18:49
<
gchristensen >
laptop*
19:01
<
samueldr >
(cleaning my keyboard and forgot to turn it off)
21:05
<
gchristensen >
just had to deal with an ipv4 public/private IP problem on my laptop
21:05
<
gchristensen >
looking forward to ipv6 goodness
21:14
<
gchristensen >
flokli: what time are you thinking?
21:15
<
flokli >
gchristensen: I'm stuck with andi- in bullshit discussions
21:15
<
flokli >
hopefully over soon
21:15
<
gchristensen >
good luck
21:15
<
andi- >
gchristensen: when you said you looked at iptables -L -v you considnered looking at ip6tables instead?
21:16
<
gchristensen >
yeah I was using ip6tables -L -v
21:16
<
gchristensen >
thankfully I didn't make such a boneheaded mistake
21:16
<
gchristensen >
thankfully for me, bad luck for the debugging
21:21
<
gchristensen >
flokli, andi-: maybe in like 30min or more we'll start? if so, I'll go to the store. if sooner, I won't go until tomorrow and that is fine
21:31
<
andi- >
gchristensen: go to the store
21:31
<
gchristensen >
okay