Pascal Hambourg wrote at 2010-07-01 17:07 -0500: > green a écrit : > >>> > >>> ip6tables -t mangle -A OUTPUT -j MARK --set-mark 0x4/0xf > [...] > > (First, I disabled shaping altogether.) > > Listening with wireshark at a client system. > > > > Rule in place: > > 1. radvd running > > 2. client connects > > 3. client sends solicitation to ff02::2 > > 4. no response > > 5. no advertisements > > 6. manual rdisc6 solicitations time out (with ipv6 address set manually) > > > > No MARK rule: > > 1. radvd running > > 2. client connects > > 3. client sends solicitation to ff02::2 > > 4. server responds with advertisement > > 5. advertisements continue > > 6. manual rdisc6 solicitations are successful > [...] > > Shall I run something to capture at the server? > > Yes, it could be helpful to check packets on the bridge interface (br0), > and on the bridge port (eth1, eth2...) the client is connected to. Commands run on the server. After I started tcpdump I pinged the client system I am working from (again, from the server). The pings always work without the MARK rule. If I add the MARK rule, then ping, the ping works for more than 60s. If I add the MARK rule, then wait at least 60s before attempting a ping, then the ping fails. No router advertisents seen on br0 or wlan0 when the MARK rule is active. Perhaps I should try skipping the wireless; using eth1 port of br0? I can try that, but first I need to make my laptop's eth0 work (2.6.34 seems to have broken it). No MARK rule # tcpdump -i br0 icmp6 18:31:42.017695 IP6 2001:470:c191::1 > 2001:470:c191:0:21b:77ff:feaf:efc8: ICMP6, echo request, seq 1, length 64 18:31:42.018765 IP6 2001:470:c191:0:21b:77ff:feaf:efc8 > 2001:470:c191::1: ICMP6, echo reply, seq 1, length 64 18:32:52.293952 IP6 fe80::200:24ff:fecc:5cb5 > ip6-allnodes: ICMP6, router advertisement, length 56 # tcpdump -i wlan0 icmp6 18:33:25.226304 IP6 2001:470:c191::1 > 2001:470:c191:0:21b:77ff:feaf:efc8: ICMP6, echo request, seq 1, length 64 18:33:25.227354 IP6 2001:470:c191:0:21b:77ff:feaf:efc8 > 2001:470:c191::1: ICMP6, echo reply, seq 1, length 64 18:33:34.031817 IP6 fe80::200:24ff:fecc:5cb5 > ip6-allnodes: ICMP6, router advertisement, length 56 MARK rule # tcpdump -i br0 icmp6 18:34:08.608020 IP6 2001:470:c191::1 > 2001:470:c191:0:21b:77ff:feaf:efc8: ICMP6, echo request, seq 1, length 64 18:34:08.609105 IP6 2001:470:c191:0:21b:77ff:feaf:efc8 > 2001:470:c191::1: ICMP6, echo reply, seq 1, length 64 # tcpdump -i wlan0 icmp6 18:34:37.637579 IP6 2001:470:c191::1 > 2001:470:c191:0:21b:77ff:feaf:efc8: ICMP6, echo request, seq 1, length 64 18:34:37.642411 IP6 2001:470:c191:0:21b:77ff:feaf:efc8 > 2001:470:c191::1: ICMP6, echo reply, seq 1, length 64 Thanks.
Attachment:
signature.asc
Description: Digital signature