Re: iptables MARK breaks radvd

To: debian-ipv6@lists.debian.org
Subject: Re: iptables MARK breaks radvd
From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Date: Fri, 02 Jul 2010 00:07:43 +0200
Message-id: <[🔎] 4C2D11AF.6090500@plouf.fr.eu.org>
In-reply-to: <[🔎] 20100701211909.GI16627@swansys>
References: <20100630161958.GG16627@swansys> <[🔎] 4C2C82AB.7090608@plouf.fr.eu.org> <[🔎] 20100701211909.GI16627@swansys>

green a écrit :
>>>
>>>  ip6tables -t mangle -A OUTPUT -j MARK --set-mark 0x4/0xf
[...]
> (First, I disabled shaping altogether.)
> Listening with wireshark at a client system.
> 
> Rule in place:
> 1. radvd running
> 2. client connects
> 3. client sends solicitation to ff02::2
> 4. no response
> 5. no advertisements
> 6. manual rdisc6 solicitations time out (with ipv6 address set manually)
> 
> No MARK rule:
> 1. radvd running
> 2. client connects
> 3. client sends solicitation to ff02::2
> 4. server responds with advertisement
> 5. advertisements continue
> 6. manual rdisc6 solicitations are successful
[...]
> Shall I run something to capture at the server?

Yes, it could be helpful to check packets on the bridge interface (br0),
and on the bridge port (eth1, eth2...) the client is connected to.

> Would you like to see some 
> other packets?  Shall I use something other than wireshark?

Wireshark is fine if the server has a GUI. Otherwise tcpdump or tshark
are fine. There are other packet sniffers but these are the ones I use.

Reply to:

Follow-Ups:
- Re: iptables MARK breaks radvd
  - From: green <greenfreedom10@gmail.com>

References:
- Re: iptables MARK breaks radvd
  - From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
- Re: iptables MARK breaks radvd
  - From: green <greenfreedom10@gmail.com>

Prev by Date: Re: iptables MARK breaks radvd
Next by Date: Re: iptables MARK breaks radvd
Previous by thread: Re: iptables MARK breaks radvd
Next by thread: Re: iptables MARK breaks radvd
Index(es):
- Date
- Thread