eyJhb changed the topic of #nixos-on-your-router to: NixOS on your Router || https://logs.nix.samueldr.com/nixos-on-your-router
<gchristensen> :)
<gchristensen> those are well kept I think
<andi-> gchristensen: you should add a $TYPE and -4/-6 to https://github.com/grahamc/network/blob/master/ogden/dns.sh#L14
<gchristensen> good idea
<gchristensen> and do it for both
<andi-> and replace that regex with an IPv6 compatible verison
<andi-> basically the entire file ;)
<gchristensen> aww
<gchristensen> maybe just switch to ipvN.icanhazip.com
<andi-> ip --json -6 a show scope global dynamic mngtmpaddr | jq '.[0].addr_info[7].local'
<gchristensen> --json!
<gchristensen> finally!
<andi-> should give you the local ipv6 addr that isn't temporary
<gchristensen> cool :D
<andi-> not sure why I needed the `[7]` there the output doesn't really look like it is structured as it should be...
<gchristensen> $ ip --json -6 a show scope global dynamic mngtmpaddr
<gchristensen> []
<andi-> 🤔
<andi-> drop the mngtmpaddr
<gchristensen> we'll need to search the code for why `7`
<andi-> I guess that structure is just fixed for all kinds of situations and those just don't apply to plain old IPv6 addresses
<flokli> gchristensen: what about something like this instead? ip -j a s dev wlp2s0| jq '.[].addr_info[] | select (.scope == "global") | .local'
<flokli> s/wlp2s0/your-uplink-iface/
<gchristensen> hm my laptop isn't getting ipv6
<andi-> did you disable ipv6 in networkmanager?
<gchristensen> no
<andi-> the phone was on the same wifi?
<gchristensen> hmm yes
<gchristensen> good point
<andi-> is /proc/sys/net/ipv6/conf/wlp2s0/accept_ra on ?
<gchristensen> yes
<gchristensen> my phone receiving an ipv6 addr really blows up a bunch of places I thought it could have been :P
<andi-> firewall?
<andi-> (on the notebook)
<gchristensen> nothing novel, standard nixos firewall
<gchristensen> I do have "net.ipv6.conf.all.use_tempaddr" = 2; but that shouldn't be a problem
<gchristensen> ehh maybe this is cause for a second call :P
<gchristensen> hrm.
<gchristensen> enp3s0: wrong xid 0x8e6f55bf (expecting 0xd6c049b9) from
mmlb has joined #nixos-on-your-router
<gchristensen> clever: let's move here :)
<gchristensen> and let delroth get helped
<gchristensen> I'm seeing these 02:57:47.876702 IP6 fe80::20d:b9ff:fe49:c0d6 > fe80::4b5:8c03:706b:1584: ICMP6, router advertisement, length 56
<gchristensen> from the router, that is
<gchristensen> and I'm seeing 02:48:32.196976 IP6 fe80::a837:8e58:317c:31c8 > ff02::2: ICMP6, router solicitation, length 8
<gchristensen> also on the router
<clever> why are they coming from 2 source ip's?
<clever> ah wait, one is ra, the other is rs
<clever> can the laptop hear the ra packets?
<gchristensen> wait one sec
<gchristensen> right
<gchristensen> no
<gchristensen> the laptop is only able to send
<clever> can the desktop ssh into the laptop?
<gchristensen> router in to the laptop?
<clever> try testing ssh in every direction, between 3 nodes, laptop, router, other
<gchristensen> over ipv4 yes :P
<gchristensen> maybe I should look at firewall rules and how many times they've been hit
<clever> tcpdump bypasses firewalls
<gchristensen> ah.
<gchristensen> but still might be caught in the sending side on the router
<clever> outgoing firewall is rarely configured
<gchristensen> but that doesn't make a lot of sense
<gchristensen> because my phone has an IPv6 addr
<clever> not sure what else to check
<clever> and ive been having routing related problems with v6 lately
<gchristensen> hum
<gchristensen> I'll wait until flokli / andi can log in again :P
<gchristensen> nothing.
<gchristensen> watch -tdn1 ip6tables -v -L only showed ACCEPT and OUTPUT counters incrementing
<gchristensen> clever: do you know where ff02::2 vs. ff02::1 comes from?
<gchristensen> oh
<gchristensen> I see
<clever> link-local i think
<clever> like 169.
<clever> wait, i think fe80 is ll?
<gchristensen> yea
<clever> ah, ff02 is multicast
<gchristensen> ff02::1 All nodes on the local network segment
<gchristensen> ff02::2 All routers on the local network segment
pie_ has quit [Ping timeout: 265 seconds]
<flokli> gchristensen: this really smells like too restrictively configured firewalls
kalbasit has quit [*.net *.split]
kalbasit has joined #nixos-on-your-router
kalbasit has quit [*.net *.split]
{^_^} has quit [*.net *.split]
Dezgeg has quit [*.net *.split]
sphalerite_ has quit [*.net *.split]
teozkr has quit [*.net *.split]
clever has quit [*.net *.split]
cransom has quit [*.net *.split]
flokli has quit [*.net *.split]
gchristensen has quit [*.net *.split]
hexa- has quit [*.net *.split]
NinjaTrappeur has quit [*.net *.split]
ar has quit [*.net *.split]
qyliss has quit [*.net *.split]
makefu has quit [*.net *.split]
teozkr has joined #nixos-on-your-router
Dezgeg has joined #nixos-on-your-router
sphalerite_ has joined #nixos-on-your-router
{^_^} has joined #nixos-on-your-router
kalbasit has joined #nixos-on-your-router
clever has joined #nixos-on-your-router
kalbasit has quit [*.net *.split]
{^_^} has quit [*.net *.split]
Dezgeg has quit [*.net *.split]
sphalerite_ has quit [*.net *.split]
teozkr has quit [*.net *.split]
Dezgeg has joined #nixos-on-your-router
sphalerite_ has joined #nixos-on-your-router
teozkr has joined #nixos-on-your-router
kalbasit has joined #nixos-on-your-router
{^_^} has joined #nixos-on-your-router
qyliss has joined #nixos-on-your-router
hexa- has joined #nixos-on-your-router
gchristensen has joined #nixos-on-your-router
NinjaTrappeur has joined #nixos-on-your-router
ar has joined #nixos-on-your-router
flokli has joined #nixos-on-your-router
cransom has joined #nixos-on-your-router
makefu has joined #nixos-on-your-router
hexa- has quit [Max SendQ exceeded]
hexa- has joined #nixos-on-your-router
pie_ has joined #nixos-on-your-router
<gchristensen> flokli: I was watching iptables -L -v and didn't see anything get blocked
<gchristensen> on both sides
<gchristensen> https://twitter.com/noIPv6/status/1202441250781253632 I tried this around forwarding (it was forwarding=1, accept_ra=1 because of docker!) but no luck
<flokli> gchristensen: we can later take a look at it
<gchristensen> cool
<gchristensen> some time in the next few hours, we're going to do ipv6p2 to make it work on my router
<gchristensen> laptop*
<samueldr> ++
<samueldr> oops
<samueldr> (cleaning my keyboard and forgot to turn it off)
<gchristensen> just had to deal with an ipv4 public/private IP problem on my laptop
<gchristensen> looking forward to ipv6 goodness
<gchristensen> flokli: what time are you thinking?
<flokli> gchristensen: I'm stuck with andi- in bullshit discussions
<flokli> hopefully over soon
<gchristensen> hah
<gchristensen> good luck
<andi-> gchristensen: when you said you looked at iptables -L -v you considnered looking at ip6tables instead?
<gchristensen> yeah I was using ip6tables -L -v
<gchristensen> thankfully I didn't make such a boneheaded mistake
<andi-> :D
<gchristensen> thankfully for me, bad luck for the debugging
<gchristensen> flokli, andi-: maybe in like 30min or more we'll start? if so, I'll go to the store. if sooner, I won't go until tomorrow and that is fine
<andi-> gchristensen: go to the store
<gchristensen> lol
<gchristensen> okay