Re: iptables MARK breaks radvd

To: debian-ipv6 List <debian-ipv6@lists.debian.org>
Subject: Re: iptables MARK breaks radvd
From: "Marcus C. Gottwald" <mcg@cheers.de>
Date: Fri, 2 Jul 2010 06:58:50 -0400
Message-id: <[🔎] 20100702105850.GA18184@ernie.cheers.de>
Mail-followup-to: debian-ipv6 List <debian-ipv6@lists.debian.org>
In-reply-to: <20100630161958.GG16627@swansys>
References: <20100630161958.GG16627@swansys>

green wrote (Wed 2010-Jun-30 11:19:58 -0500):

> For use with shaping, there is an ip6tables rule like this:
>  ip6tables -t mangle -A OUTPUT -j MARK --set-mark 0x4/0xf
..
> Unfortunately the above ip6tables rule breaks radvd.  Nothing different happens 
> except clients do not seem to see the advertisements and so get no ipv6 
> address.

Just an idea -- I have at several occasions seen the call to
sendto() fail if the packet passed to the operating system
matches a MARKing rule in the "mangle" table (at least for
IPv4). If radvd does not catch that (and transforms it into a
log message), it may remain unnoticed. An strace could show
if this is happening for you.


Cheers, Marcus

-- 
   Marcus C. Gottwald  ·  <mcg@cheers.de>  ·  https://cheers.de

Reply to:

Follow-Ups:
- Re: iptables MARK breaks radvd
  - From: green <greenfreedom10@gmail.com>

Prev by Date: Re: iptables MARK breaks radvd
Next by Date: Re: iptables MARK breaks radvd
Previous by thread: Re: iptables MARK breaks radvd
Next by thread: Re: iptables MARK breaks radvd
Index(es):
- Date
- Thread