Wicked doesn't assign any IPv6 addresses

English Network/Internet
1

I have a server running Leap 15.3, using Wicked for network management. While it’s able to request and assign an IPv4 address fine, for some reason IPv6 refuses to work. Other devices on the network are able to get Ipv6 addresses, so I doubt this is a router issue.

Thing is, it was working fine a few months ago. In the meantime, I changed a few things in my network and I just realized this weekend IPv6 was not working. However, I know it is not because of the switch to 15.3, it was also not working on 15.2 a few days ago.

Here are some command outputs. Let me know what else would be needed for troubleshooting:


jonapap@delta ~> **ip** a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 
    inet 127.0.0.1/8 scope host lo 
       valid_lft forever preferred_lft forever 
    inet6 ::1/128 scope host  
       valid_lft forever preferred_lft forever 
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 
    link/ether 70:85:c2:c7:80:ad brd ff:ff:ff:ff:ff:ff 
    inet 192.168.1.144/24 brd 192.168.1.255 scope global eth0 
       valid_lft forever preferred_lft forever 
    inet6 fe80::7285:c2ff:fec7:80ad/64 scope link  
       valid_lft forever preferred_lft forever




jonapap@delta ~> **sudo** wicked show eth0
eth0            up 
      link:     #2, state up, mtu 1500 
      type:     ethernet, hwaddr 70:85:c2:c7:80:ad 
      config:   compat:suse:/etc/sysconfig/network/ifcfg-eth0 
      leases:   ipv4 dhcp granted 
      leases:   ipv6 dhcp requesting 
      addr:     ipv4 192.168.1.144/24 [dhcp] 
      route:    ipv4 default via 192.168.1.1 proto dhcp



jonapap@delta ~> **sudo** firewall-cmd --zone=home --list-all
home (active) 
  target: default 
  icmp-block-inversion: no 
  interfaces: br1 eth0 wg0 
  sources:  
  services: dhcpv6-client mdns nfs samba samba-client ssh 
  ports: 8200/tcp 51820/udp 25500/tcp 
  protocols:  
  forward: yes 
  masquerade: no 
  forward-ports:  
  source-ports:  
  icmp-blocks:  
  rich rules:



jonapap@delta ~> **sudo **cat /etc/sysconfig/network/ifcfg-eth0
[sudo] password for root:  
MTU='0' 
BOOTPROTO='dhcp' 
STARTMODE='auto' 
ZONE='home'

Output of **sudo** journalctl -u wickedd-dhcp6 -b 0:


Jul 18 19:22:08 delta wickedd-dhcp6[1477]: **eth0: Request to acquire DHCPv6 lease with UUID d0cbf360-5e4e-0800-c905-000020000000 in mode auto**
Jul 18 19:22:08 delta wickedd-dhcp6[1477]: Reading lease from /var/lib/wicked/lease-eth0-dhcp-ipv6.xml
Jul 18 19:22:08 delta wickedd-dhcp6[1477]: eth0: Link-local IPv6 address not (yet) available
Jul 18 19:22:08 delta wickedd-dhcp6[1477]: eth0: setting fsm timeout to 15000 msec
Jul 18 19:22:08 delta wickedd-dhcp6[1477]: timeout 1000 adjusted by 91 to 1091 (jr 100)
Jul 18 19:22:09 delta wickedd-dhcp6[1477]: timeout 2000 adjusted by 56 to 2056 (jr 100)
Jul 18 19:22:09 delta wickedd-dhcp6[1477]: eth0: Found usable link-local IPv6 address: fe80::7285:c2ff:fec7:80ad
Jul 18 19:22:09 delta wickedd-dhcp6[1477]: timeout 2000 adjusted by 87 to 2087 (jr 100)
Jul 18 19:22:11 delta wickedd-dhcp6[1477]: timeout 4000 adjusted by 56 to 4056 (jr 100)
Jul 18 19:22:15 delta wickedd-dhcp6[1477]: timeout 8000 adjusted by 2 to 8002 (jr 100)
Jul 18 19:22:23 delta wickedd-dhcp6[1477]: eth0: timeout in state INIT
Jul 18 19:22:23 delta wickedd-dhcp6[1477]: dhcp6_protocol_event(ev=2, dev=2, uuid=d0cbf360-5e4e-0800-c905-000020000000)
Jul 18 19:22:23 delta wickedd-dhcp6[1477]: timeout 16000 adjusted by 91 to 16091 (jr 100)
Jul 18 19:22:39 delta wickedd-dhcp6[1477]: timeout 32000 adjusted by 48 to 32048 (jr 100)
Jul 18 19:23:11 delta wickedd-dhcp6[1477]: timeout 64000 adjusted by 68 to 64068 (jr 100)
Jul 18 19:24:16 delta wickedd-dhcp6[1477]: timeout 128000 adjusted by 22 to 128022 (jr 100)
Jul 18 19:26:24 delta wickedd-dhcp6[1477]: timeout 256000 adjusted by 74 to 256074 (jr 100)
Jul 18 19:30:40 delta wickedd-dhcp6[1477]: timeout 512000 adjusted by 31 to 512031 (jr 100)
Jul 18 19:39:12 delta wickedd-dhcp6[1477]: timeout 1024000 adjusted by 85 to 1024085 (jr 100)
Jul 18 19:56:16 delta wickedd-dhcp6[1477]: timeout 2048000 adjusted by 98 to 2048098 (jr 100)
Jul 18 20:30:24 delta wickedd-dhcp6[1477]: timeout 3600000 adjusted by 7 to 3600007 (jr 100)
Jul 18 21:30:24 delta wickedd-dhcp6[1477]: timeout 3600000 adjusted by 80 to 3600080 (jr 100)



jonapap@delta ~> **sudo **radvdump
# 
# radvd configuration generated by radvdump 2.17 
# based on Router Advertisement from fe80::4af8:b3ff:fe8a:416c 
# received by interface eth0 
# 

interface eth0 
{ 
        AdvSendAdvert on; 
        # Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump 
        AdvManagedFlag on; 
        AdvOtherConfigFlag on; 
        AdvReachableTime 0; 
        AdvRetransTimer 0; 
        AdvCurHopLimit 64; 
        AdvDefaultLifetime 1800; 
        AdvHomeAgentFlag off; 
        AdvDefaultPreference medium; 
        AdvSourceLLAddress on; 
        AdvLinkMTU 1500; 
        AdvIntervalOpt on; 

        prefix 2607:fea8:bddd:2901::/64 
        { 
                AdvValidLifetime 595862; 
                AdvPreferredLifetime 163862; 
                AdvOnLink on; 
                AdvAutonomous on; 
                AdvRouterAddr off; 
        }; # End of prefix definition 


        prefix fdb9:f2d6:d596:1::/64 
        { 
                AdvValidLifetime infinity; # (0xffffffff) 
                AdvPreferredLifetime infinity; # (0xffffffff) 
                AdvOnLink on; 
                AdvAutonomous on; 
                AdvRouterAddr off; 
        }; # End of prefix definition 


        RDNSS fdb9:f2d6:d596:1::1 
        { 
                AdvRDNSSLifetime 1800; 
        }; # End of RDNSS definition 

}; # End of interface definition
2

Your router claims that IPv6 addresses are available via DHCPv6 but nothing answers DHCPv6 request. The problem seems to be outside your host. Is DHCPv6 server actually active on your router? Is it configured to assign IPv6 addresses?

3

My router definitely answers DHCPv6 requests. Other devices on the network are able to get an IPv6 lease from the router. I’m also able to get an IPv6 address if I put DHCLIENT6_MODE=‘managed’ in ifcfg-eth0. However, I feel this is a workaround and that I should be able to get IPv6 working using SLAAC. Anyway, for some maybe unrelated reason, IPv6 still doesn’t work even with the ‘managed’ mode. ping google.com -6 gives some permission denied error.

To me, it seems that for some reason the dhcpv6 client doesn’t see the route advertisement being sent by the router. Initially, I assumed it was maybe the firewall blocking the request, but it seems that firewalld is correctly configured. I even stopped the firewalld service and it didn’t seem to help.

4

Sorry, I take back what I said. Now this morning, even *DHCLIENT6_MODE=‘managed’ *doesn’t work. Here are the logs I have when using this mode. While it says it is trying to set the IPv6 address, weirdly my router is not showing any lease it assigned to my server.


Jul 19 08:46:56 delta wickedd-dhcp6[1475]: eth0: Request to acquire DHCPv6 lease with UUID 6d73f560-1734-0200-cc05-00000d000000 in mode managed
Jul 19 08:46:56 delta wickedd-dhcp6[1475]: Reading lease from /var/lib/wicked/lease-eth0-dhcp-ipv6.xml
Jul 19 08:46:56 delta wickedd-dhcp6[1475]: eth0: Link-local IPv6 address not (yet) available
Jul 19 08:46:56 delta wickedd-dhcp6[1475]: eth0: setting fsm timeout to 15000 msec
Jul 19 08:46:56 delta wickedd-dhcp6[1475]: timeout 1000 adjusted by 36 to 1036 (jr 100)
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: timeout 2000 adjusted by 51 to 2051 (jr 100)
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: Found usable link-local IPv6 address: fe80::7285:c2ff:fec7:80ad
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: fsm start in mode managed
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: Initiating DHCPv6 Address Confirmation
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: building CONFIRM with xid 0x1097
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: elapsed-time: 000.00
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: client-id: 00:01:00:01:27:d1:79:84:70:85:c2:c7:80:ad
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: ia-na: iaid=3267854509, T1=0, T2=0
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: ia-na.ia-address: 2607:fea8:bddd:2901::144, pref-life: 0, valid-life: 0
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: ia-na.ia-address: fdb9:f2d6:d596:1::144, pref-life: 0, valid-life: 0
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: bound DHCPv6 socket to [fe80::7285:c2ff:fec7:80ad%2]:546
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: setting initial transmit delay of 1000 -100 .. 100] msec
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: timeout 1000 adjusted by 13 to 1013 (jr 200)
Jul 19 08:46:57 delta wickedd-dhcp6[1475]: eth0: setting fsm timeout to 1013 msec
Jul 19 08:46:58 delta wickedd-dhcp6[1475]: eth0: starting to transmit after initial delay
Jul 19 08:46:58 delta wickedd-dhcp6[1475]: timeout 1000 adjusted by -58 to 942 (jr 200)
Jul 19 08:46:58 delta wickedd-dhcp6[1475]: arming retransmit timer (942 msec)
Jul 19 08:46:58 delta wickedd-dhcp6[1475]: eth0: setting fsm timeout to 10000 msec
Jul 19 08:46:58 delta wickedd-dhcp6[1475]: eth0: CONFIRM message #1, xid 0x1097 sent with 100 of 100 byte to ff02::1:2
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: timeout 1884 adjusted by -64 to 1820 (jr 376)
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: arming retransmit timer (1820 msec)
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: eth0: advanced xid 0x001097 retransmission timeout from 1884 to 1820 -188 .. 188]
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: eth0: Retransmitting DHCPv6 Address Confirmation
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: elapsed-time: 000.94
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: client-id: 00:01:00:01:27:d1:79:84:70:85:c2:c7:80:ad
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: ia-na: iaid=3267854509, T1=0, T2=0
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: ia-na.ia-address: 2607:fea8:bddd:2901::144, pref-life: 0, valid-life: 0
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: ia-na.ia-address: fdb9:f2d6:d596:1::144, pref-life: 0, valid-life: 0
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: eth0: CONFIRM message #2, xid 0x1097 sent with 100 of 100 byte to ff02::1:2
Jul 19 08:46:59 delta wickedd-dhcp6[1475]: eth0: xid 0x001097 retransmitted, next deadline in 4m8.107s
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: timeout 3640 adjusted by -304 to 3336 (jr 728)
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: arming retransmit timer (3336 msec)
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: eth0: advanced xid 0x001097 retransmission timeout from 3640 to 3336 -364 .. 364]
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: eth0: Retransmitting DHCPv6 Address Confirmation
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: elapsed-time: 002.76
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: client-id: 00:01:00:01:27:d1:79:84:70:85:c2:c7:80:ad
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: ia-na: iaid=3267854509, T1=0, T2=0
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: ia-na.ia-address: 2607:fea8:bddd:2901::144, pref-life: 0, valid-life: 0
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: ia-na.ia-address: fdb9:f2d6:d596:1::144, pref-life: 0, valid-life: 0
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: eth0: CONFIRM message #3, xid 0x1097 sent with 100 of 100 byte to ff02::1:2
Jul 19 08:47:01 delta wickedd-dhcp6[1475]: eth0: xid 0x001097 retransmitted, next deadline in 4m11.444s
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: timeout 4000 adjusted by -278 to 3722 (jr 800)
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: arming retransmit timer (3722 msec)
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: eth0: advanced xid 0x001097 retransmission timeout from 4000 to 3722 -400 .. 400]
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: eth0: Retransmitting DHCPv6 Address Confirmation
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: elapsed-time: 006.10
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: client-id: 00:01:00:01:27:d1:79:84:70:85:c2:c7:80:ad
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: ia-na: iaid=3267854509, T1=0, T2=0
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: ia-na.ia-address: 2607:fea8:bddd:2901::144, pref-life: 0, valid-life: 0
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: ia-na.ia-address: fdb9:f2d6:d596:1::144, pref-life: 0, valid-life: 0
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: eth0: CONFIRM message #4, xid 0x1097 sent with 100 of 100 byte to ff02::1:2
Jul 19 08:47:05 delta wickedd-dhcp6[1475]: eth0: xid 0x001097 retransmitted, next deadline in 4m15.167s
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: timeout 4000 adjusted by 79 to 4079 (jr 800)
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: arming retransmit timer (4079 msec)
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: advanced xid 0x001097 retransmission timeout from 4000 to 4079 -400 .. 400]
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: Retransmitting DHCPv6 Address Confirmation
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: elapsed-time: 009.82
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: client-id: 00:01:00:01:27:d1:79:84:70:85:c2:c7:80:ad
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: ia-na: iaid=3267854509, T1=0, T2=0
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: ia-na.ia-address: 2607:fea8:bddd:2901::144, pref-life: 0, valid-life: 0
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: ia-na.ia-address: fdb9:f2d6:d596:1::144, pref-life: 0, valid-life: 0
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: CONFIRM message #5, xid 0x1097 sent with 100 of 100 byte to ff02::1:2
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: xid 0x001097 retransmitted, next deadline in 4m19.246s
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: timeout in state CONFIRMING
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: disarming xid 0x001097 retransmission
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: Committing DHCPv6 lease with:
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0    +ia-na.address 2607:fea8:bddd:2901::144/0, pref-lft 106452, valid-lft 538452
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0    +ia-na.address fdb9:f2d6:d596:1::144/0, pref-lft 4294967295, valid-lft 4294967295
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: Preparing xml lease data for '/var/lib/wicked/lease-eth0-dhcp-ipv6.xml'
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: Writing lease to temporary file for '/var/lib/wicked/lease-eth0-dhcp-ipv6.xml'
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: Lease written to file '/var/lib/wicked/lease-eth0-dhcp-ipv6.xml'
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: dhcp6_protocol_event(ev=0, dev=2, uuid=6d73f560-1734-0200-cc05-00000d000000)
Jul 19 08:47:08 delta wickedd-dhcp6[1475]: eth0: setting fsm timeout to 2000 msec
Jul 19 08:47:10 delta wickedd-dhcp6[1475]: eth0: timeout in state VALIDATING
Jul 19 08:47:10 delta wickedd-dhcp6[1475]: eth0: Reached BOUND state, scheduled RENEW to start in 364m17.347s
Jul 19 08:47:10 delta wickedd-dhcp6[1475]: eth0: setting fsm timeout to 21600000 msec
1 Like
5

Wicked behavior is correct so far. As long as lease is not expired client MUST send CONFIRM message and SHOULD continue to use lease if no reply was received.

Jul 19 08:46:56 delta wickedd-dhcp6[1475]: Reading lease from /var/lib/wicked/lease-eth0-dhcp-ipv6.xml

Seeing content of this file may be helpful. You could also try to delete (move, rename) it to force wicked to request new address. I suppose there should be some command line for it, but I cannot test right now.

6

@jonapap:

Just checking some basics –

  • Do you have Avahi enabled?

 # systemctl list-unit-files | grep -i 'avahi'
avahi-daemon.service                                                      enabled         enabled      
avahi-dnsconfd.service                                                    disabled        disabled     
dbus-org.freedesktop.Avahi.service                                        alias           -            
avahi-daemon.socket                                                       enabled         disabled     
 #
  • Is the “hosts:” entry in ‘/etc/nsswitch.conf’ setup like this?
hosts:          files mdns_minimal [NOTFOUND=return] dns
  • Have you made any changes to ‘/etc/sysconfig/network/dhcp’ ?

For the record, I use the following settings due to my Router’s behaviour –


DHCLIENT_RELEASE_BEFORE_QUIT="yes"
 .
 .
DHCLIENT6_RELEASE_BEFORE_QUIT="yes"

All the other settings use the Leap 15.3 default values.

  • Apart from “NETCONFIG_DNS_STATIC_SEARCHLIST” and “NETCONFIG_DNS_STATIC_SERVERS” have you made any other changes to ‘/etc/sysconfig/network/config’ ?

For the record, I setup the DNS Static Search List and Servers to point to the LAN’s router …

  • Does ‘/etc/resolv.conf’ look like the following example?

### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf
### autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
#     NETCONFIG_DNS_STATIC_SEARCHLIST
#     NETCONFIG_DNS_STATIC_SERVERS
#     NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
#     NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf.
search fritz.box
nameserver 192.168.178.1
nameserver fd00::5e49:79ff:fedc:e1aa

For information only, the machine’s relevant systemd Journal entries look like this:


    1.705585] kernel: drop_monitor: Initializing network drop monitor service
    2.069656] systemd-udevd[281]: Network interface NamePolicy= disabled by default.
    6.559405] systemd-udevd[536]: Network interface NamePolicy= disabled by default.
    6.997300] kernel: libphy: r8169: probed
    6.997479] kernel: r8169 0000:03:00.0 eth0: RTL8168h/8111h, d4:5d:64:a5:f5:0e, XID 541, IRQ 70
    6.997481] kernel: r8169 0000:03:00.0 eth0: jumbo features [frames: 9194 bytes, tx checksumming: ko]
    8.872322] systemd[1]: Listening on Avahi mDNS/DNS-SD Stack Activation Socket.
    8.875711] systemd[1]: Starting Avahi mDNS/DNS-SD Stack...
    8.898177] avahi-daemon[1179]: Found user 'avahi' (UID 466) and group 'avahi' (GID 468).
    8.898559] avahi-daemon[1179]: Successfully dropped root privileges.
    8.898763] avahi-daemon[1179]: avahi-daemon 0.7 starting up.
    8.933056] systemd[1]: Reached target Host and Network Name Lookups.
    9.005829] systemd[1]: Started Avahi mDNS/DNS-SD Stack.
    9.007237] avahi-daemon[1179]: Loading service file /etc/avahi/services/sftp-ssh.service.
    9.007608] avahi-daemon[1179]: Loading service file /etc/avahi/services/ssh.service.
    9.008937] avahi-daemon[1179]: Network interface enumeration completed.
    9.009019] avahi-daemon[1179]: Server startup complete. Host name is eck001.local. Local service cookie is 2833830566.
    9.009115] avahi-daemon[1179]: Service "xxx" (/etc/avahi/services/ssh.service) successfully established.
    9.009162] avahi-daemon[1179]: Service "xxx" (/etc/avahi/services/sftp-ssh.service) successfully established.
    9.010180] systemd[1]: Started TPM2 Access Broker and Resource Management Daemon.
    9.491698] systemd[1]: Reached target Network (Pre).
    9.493764] systemd[1]: Starting wicked AutoIPv4 supplicant service...
    9.495081] systemd[1]: Starting wicked DHCPv4 supplicant service...
    9.496369] systemd[1]: Starting wicked DHCPv6 supplicant service...
    9.526444] systemd[1]: Started wicked DHCPv6 supplicant service.
    9.526635] systemd[1]: Started wicked DHCPv4 supplicant service.
    9.526733] systemd[1]: Started wicked AutoIPv4 supplicant service.
    9.527627] systemd[1]: Starting wicked network management service daemon...
    9.544589] systemd[1]: Started wicked network management service daemon.
    9.545614] systemd[1]: Starting wicked network nanny service...
    9.561302] systemd[1]: Started wicked network nanny service.
    9.562222] systemd[1]: Starting wicked managed network interfaces...
   10.590208] kernel: Generic FE-GE Realtek PHY r8169-300:00: attached PHY driver [Generic FE-GE Realtek PHY] (mii_bus:phy_addr=r8169-300:00, irq=IGNORE)
   10.802871] kernel: r8169 0000:03:00.0 eth0: Link is Down
   13.838297] kernel: r8169 0000:03:00.0 eth0: Link is Up - 1Gbps/Full - flow control rx/tx
   13.838314] kernel: IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
   13.675409] wickedd-dhcp4[1338]: eth0: Request to acquire DHCPv4 lease with UUID 251cf560-1db2-0700-4405-000005000000
   13.677736] wickedd-dhcp6[1340]: eth0: Request to acquire DHCPv6 lease with UUID 251cf560-1db2-0700-4405-000006000000 in mode auto
   14.718404] avahi-daemon[1179]: Joining mDNS multicast group on interface eth0.IPv6 with address fe80::d65d:64ff:fea5:f50e.
   14.718990] avahi-daemon[1179]: New relevant interface eth0.IPv6 for mDNS.
   14.719079] avahi-daemon[1179]: Registering new address record for fe80::d65d:64ff:fea5:f50e on eth0.*.
   19.310359] wickedd-dhcp4[1338]: eth0: Committed DHCPv4 lease with address 192.168.178.27 (lease time 864000 sec, renew in 432000 sec, rebind in 756000 sec)
   19.398513] avahi-daemon[1179]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.178.27.
   19.399062] avahi-daemon[1179]: New relevant interface eth0.IPv4 for mDNS.
   19.399151] avahi-daemon[1179]: Registering new address record for 192.168.178.27 on eth0.IPv4.
   20.798506] avahi-daemon[1179]: Leaving mDNS multicast group on interface eth0.IPv6 with address fe80::d65d:64ff:fea5:f50e.
   20.799062] avahi-daemon[1179]: Joining mDNS multicast group on interface eth0.IPv6 with address 2001:16b8:b95c:1300:d65d:64ff:fea5:f50e.
   20.799169] avahi-daemon[1179]: Registering new address record for 2001:16b8:b95c:1300:d65d:64ff:fea5:f50e on eth0.*.
   20.799250] avahi-daemon[1179]: Withdrawing address record for fe80::d65d:64ff:fea5:f50e on eth0.
   20.830340] avahi-daemon[1179]: Registering new address record for 2001:16b8:b95c:1300:e4de:9fee:15c7:686 on eth0.*.
   21.204304] wickedd-dhcp6[1340]: eth0: Committing empty DHCPv6 lease
   26.440027] wicked[1362]: lo              up
   26.440027] wicked[1362]: eth0            up
   26.441194] systemd[1]: Finished wicked managed network interfaces.
   26.441479] systemd[1]: Reached target Network.
   26.441563] systemd[1]: Reached target Network is Online.
7

What is the output of “sysctl -a | grep accept_ra”?

8

Here is the file in question. Indeed, if I delete it and keep the mode to ‘managed’, I get an IPv6 address. However, trying to ping using IPv6 still throws an error, saying the Network is unreachable. Seems there is no default route setup for IPv6.


<lease> 
  <family>ipv6</family> 
  <type>dhcp</type> 
  <uuid>6d73f560-1734-0200-cc05-00000d000000</uuid> 
  <state>granted</state> 
  <acquired>1626633151</acquired> 
  <update>0x00000000</update> 
  <ipv6:dhcp> 
    <client-id>00:01:00:01:27:d1:79:84:70:85:c2:c7:80:ad</client-id> 
    <server-id>00:03:00:01:48:f8:b3:8a:41:6c</server-id> 
    <server-address>fe80::7285:c2ff:fec7:80ad</server-address> 
    <server-preference>0</server-preference> 
    <ia-na> 
      <interface-id>3267854509</interface-id> 
      <acquired>1626633152</acquired> 
      <renewal-time>21600</renewal-time> 
      <rebind-time>34560</rebind-time> 
      <ia-address> 
        <address>2607:fea8:bddd:2901::144</address> 
        <preferred-lft>172128</preferred-lft> 
        <valid-lft>604128</valid-lft> 
      </ia-address> 
      <ia-address> 
        <address>fdb9:f2d6:d596:1::144</address> 
        <preferred-lft>4294967295</preferred-lft> 
        <valid-lft>4294967295</valid-lft> 
      </ia-address> 
    </ia-na> 
    <dns> 
      <server>fdb9:f2d6:d596:1::1</server> 
    </dns> 
  </ipv6:dhcp> 
</lease>

@dcurtisfra, here is the answer to your questions:

  • Avahi was not installed. However, installing it and making sure it’s enabled similar to what you have didn’t change anything.
  • Yes, the hosts entry is exactly as you have
  • Don’t think I changed anything in ‘/etc/sysconfig/network/dhcp’, at least not intentionally.
  • Again, no changes to ‘/etc/sysconfig/network/config’ (else than setting a higher debug level for wicked)
  • Here is my `/etc/resolv.conf’ file:
### /etc/resolv.conf is a symlink to /var/run/netconfig/resolv.conf 
### autogenerated by netconfig! 
# 
# Before you change this file manually, consider to define the 
# static DNS configuration using the following variables in the 
# /etc/sysconfig/network/config file: 
#     NETCONFIG_DNS_STATIC_SEARCHLIST 
#     NETCONFIG_DNS_STATIC_SERVERS 
#     NETCONFIG_DNS_FORWARDER 
# or disable DNS configuration updates via netconfig by setting: 
#     NETCONFIG_DNS_POLICY='' 
# 
# See also the netconfig(8) manual page and other documentation. 
# 
### Call "netconfig update -f" to force adjusting of /etc/resolv.conf. 
search lan 
nameserver fdb9:f2d6:d596:1::1 
nameserver 192.168.1.1
  • For the journal output that you showed me, you seem to have managed to only output the network-related services. Would you mind sharing what command you use to do that?

Finally, @arvidjaar, here is the output of “sysctl -a | grep accept_ra”. I’ve trimmed it a bit to only show the relevant interfaces:


net.ipv6.conf.all.**accept_ra** = 1 
net.ipv6.conf.all.**accept_ra**_defrtr = 1 
net.ipv6.conf.all.**accept_ra**_from_local = 0 
net.ipv6.conf.all.**accept_ra**_min_hop_limit = 1 
net.ipv6.conf.all.**accept_ra**_mtu = 1 
net.ipv6.conf.all.**accept_ra**_pinfo = 1 
net.ipv6.conf.all.**accept_ra**_rt_info_max_plen = 0 
net.ipv6.conf.all.**accept_ra**_rt_info_min_plen = 0 
net.ipv6.conf.all.**accept_ra**_rtr_pref = 1
[FONT=monospace]net.ipv6.conf.default.**accept_ra** = 1 
net.ipv6.conf.default.**accept_ra**_defrtr = 1 
net.ipv6.conf.default.**accept_ra**_from_local = 0 
net.ipv6.conf.default.**accept_ra**_min_hop_limit = 1 
net.ipv6.conf.default.**accept_ra**_mtu = 1 
net.ipv6.conf.default.**accept_ra**_pinfo = 1 
net.ipv6.conf.default.**accept_ra**_rt_info_max_plen = 0 
net.ipv6.conf.default.**accept_ra**_rt_info_min_plen = 0 
net.ipv6.conf.default.**accept_ra**_rtr_pref = 1
net.ipv6.conf.eth0.**accept_ra** = 1 
net.ipv6.conf.eth0.**accept_ra**_defrtr = 1 
net.ipv6.conf.eth0.**accept_ra**_from_local = 0 
net.ipv6.conf.eth0.**accept_ra**_min_hop_limit = 1 
net.ipv6.conf.eth0.**accept_ra**_mtu = 1 
net.ipv6.conf.eth0.**accept_ra**_pinfo = 1 
net.ipv6.conf.eth0.**accept_ra**_rt_info_max_plen = 0 
net.ipv6.conf.eth0.**accept_ra**_rt_info_min_plen = 0 
net.ipv6.conf.eth0.**accept_ra**_rtr_pref = 1 
net.ipv6.conf.lo.**accept_ra** = 1 
net.ipv6.conf.lo.**accept_ra**_defrtr = 1 
net.ipv6.conf.lo.**accept_ra**_from_local = 0 
net.ipv6.conf.lo.**accept_ra**_min_hop_limit = 1 
net.ipv6.conf.lo.**accept_ra**_mtu = 1 
net.ipv6.conf.lo.**accept_ra**_pinfo = 1 
net.ipv6.conf.lo.**accept_ra**_rt_info_max_plen = 0 
net.ipv6.conf.lo.**accept_ra**_rt_info_min_plen = 0 
net.ipv6.conf.lo.**accept_ra**_rtr_pref = 1[/FONT]
9

Also, this is definitely not a router problem. I just plugged another computer with OpenSUSE 15.3 on it and it gets IPv6 fine. I’m also installing a VM, again Leap 15.3, doesn’t seem to have any problem retrieving IPv6. Still trying to figure out what is the difference in the network config between those boxes. From what I see, there is none.

10

It is impossible to say anything without seeing full command invocation and its response as well as output of “ip a”, “ip r”, “ip -6 r”.

11

I admit that, I edited the output of this command –

 # journalctl --this-boot --output=short-monotonic --no-hostname | grep -Ei 'r8169|8168h|8111h|eth0|wicked|network|DHCP|chrony|avahi|dns|ntp|tpm'
  • And yes, I have UEFI Secure Boot and Trusted Platform Management enabled on this Leap 15.3 Desktop system – with Oracle VirtualBox installed « used for a Redmond Windows 10 license and openSUSE Beta testing » … >:)
12

Sure, here it is. Again, I am only showing the relevant interfaces for some commands:


jonapap@delta ~> **ping** google.com -6 -vv
ping: socket: Permission denied, attempting raw socket... 
connect: Network is unreachable



jonapap@delta ~> **ip **a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 
    inet 127.0.0.1/8 scope host lo 
       valid_lft forever preferred_lft forever 
    inet6 ::1/128 scope host  
       valid_lft forever preferred_lft forever 
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 
    link/ether 70:85:c2:c7:80:ad brd ff:ff:ff:ff:ff:ff 
    inet 192.168.1.144/24 brd 192.168.1.255 scope global eth0 
       valid_lft forever preferred_lft forever 
    inet6 fdb9:f2d6:d596:1::144/128 scope global  
       valid_lft forever preferred_lft forever 
    inet6 2607:fea8:bddd:2901::144/128 scope global dynamic  
       valid_lft 553794sec preferred_lft 121794sec 
    inet6 fe80::7285:c2ff:fec7:80ad/64 scope link  
       valid_lft forever preferred_lft forever



jonapap@delta ~> **ip** r
default via 192.168.1.1 dev eth0 proto dhcp  
10.8.0.0/24 dev wg0 proto kernel scope link src 10.8.0.1  
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown  
172.18.0.0/16 dev br-1bb21614c05e proto kernel scope link src 172.18.0.1  
172.19.0.0/16 dev br-5f4a0e33cbc6 proto kernel scope link src 172.19.0.1  
172.24.0.0/16 dev br-363ad951c7bc proto kernel scope link src 172.24.0.1  
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.144



jonapap@delta ~> **ip** -6 r
::1 dev lo proto kernel metric 256 pref medium 
2607:fea8:bddd:2901::144 dev eth0 proto kernel metric 256 expires 553639sec pref medium 
fdb9:f2d6:d596:1::144 dev eth0 proto kernel metric 256 pref medium 
fe80::/64 dev br-1bb21614c05e proto kernel metric 256 pref medium 
fe80::/64 dev br-363ad951c7bc proto kernel metric 256 pref medium 
fe80::/64 dev vethad75810 proto kernel metric 256 pref medium 
fe80::/64 dev veth5e65da1 proto kernel metric 256 pref medium 
fe80::/64 dev veth19acc6a proto kernel metric 256 pref medium 
fe80::/64 dev vethed0dddb proto kernel metric 256 pref medium 
fe80::/64 dev veth2499263 proto kernel metric 256 pref medium 
fe80::/64 dev vethcc38bd5 proto kernel metric 256 pref medium 
fe80::/64 dev br-5f4a0e33cbc6 proto kernel metric 256 pref medium 
fe80::/64 dev veth9d42296 proto kernel metric 256 pref medium 
fe80::/64 dev vethcf8457e proto kernel metric 256 pref medium 
fe80::/64 dev vethf14261d proto kernel metric 256 pref medium 
fe80::/64 dev veth0bf4dd8 proto kernel metric 256 pref medium 
fe80::/64 dev vnet1 proto kernel metric 256 pref medium 
fe80::/64 dev eth0 proto kernel metric 256 pref medium

There don’t seem to be any errors in the journal.

13

@jonapap:

It’s a bit strange that, various commands are reporting “Network is unreachable” and “linkdown” …

  • Please check the output of –
 # systemctl status network.service
14

@dcurtisfra


[FONT=monospace]jonapap@delta ~> **sudo **systemctl status network.service
**●** wicked.service - wicked managed network interfaces 
     Loaded: loaded (/usr/lib/systemd/system/wicked.service; enabled; vendor preset: disabled) 
     Active: **active (exited)** since Mon 2021-07-19 20:44:48 EDT; 13h ago 
   Main PID: 1508 (code=exited, status=0/SUCCESS) 
      Tasks: 0 (limit: 4915) 
     CGroup: /system.slice/wicked.service 

Jul 19 20:44:40 delta systemd[1]: Starting wicked managed network interfaces... 
Jul 19 20:44:48 delta wicked[1508]: lo              up 
Jul 19 20:44:48 delta wicked[1508]: eth0            up 
Jul 19 20:44:48 delta wicked[1508]: br0             up 
Jul 19 20:44:48 delta wicked[1508]: vlan3           enslaved 
Jul 19 20:44:48 delta systemd[1]: Finished wicked managed network interfaces.
[/FONT]
15

You do not have default route so of course any attempt to contact outside world fails.

It starts to sound like something is blocking router advertisements. Do you have firewall active on your host or between your host and router? Try to stop it. Does it help?

Your interface must acquire valid IPv6 address and default router without wicked. Run

systemctl stop wicked
systemctl stop wickedd
ip a
ip -6 r
ip link set up dev eth0
ip a
ip -6 r

What is the result?

16

@arvidjaar](https://forums.opensuse.org/member.php/69818-arvidjaar)

I’m using the default firewall, firewalld, on the host. I did try to disable it and set the zone to trusted. Didn’t change a thing. Do you know what else could be blocking those requests? There shouldn’t be anything else between the host and the router.

Regarding the commands you sent me, I can’t run them for now. This is a headless machine controlled over the network, and I do not have access to it physically for now. Running those commands will lock me out of the host.

17

“Disable” is rather ambiguous on a system using systemd. As usual actual command that was used to “disable” firewalld is much better. Did you verify that no iptables rules remained after you disabled firewalld?

18

I ran these commands:


sudo systemctl disable firewalld
sudo systemctl stop firewalld
sudo systemctl mask --now firewalld
sudo reboot

Here is the output for iptables:


jonapap@delta ~> **sudo** ip6tables -S 
[sudo] password for root:  
-P INPUT ACCEPT 
-P FORWARD ACCEPT 
-P OUTPUT ACCEPT

Ipv4 has some rules remaining, but I don’t think these should matter:


jonapap@delta ~> **sudo** iptables -S 
-P INPUT ACCEPT 
-P FORWARD ACCEPT 
-P OUTPUT ACCEPT 
-N DOCKER 
-N DOCKER-ISOLATION-STAGE-1 
-N DOCKER-ISOLATION-STAGE-2 
-N DOCKER-USER 
-A FORWARD -j DOCKER-USER 
-A FORWARD -j DOCKER-ISOLATION-STAGE-1 
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -o docker0 -j DOCKER 
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT 
-A FORWARD -i docker0 -o docker0 -j ACCEPT 
-A FORWARD -o br-5f4a0e33cbc6 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -o br-5f4a0e33cbc6 -j DOCKER 
-A FORWARD -i br-5f4a0e33cbc6 ! -o br-5f4a0e33cbc6 -j ACCEPT 
-A FORWARD -i br-5f4a0e33cbc6 -o br-5f4a0e33cbc6 -j ACCEPT 
-A FORWARD -o br-363ad951c7bc -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -o br-363ad951c7bc -j DOCKER 
-A FORWARD -i br-363ad951c7bc ! -o br-363ad951c7bc -j ACCEPT 
-A FORWARD -i br-363ad951c7bc -o br-363ad951c7bc -j ACCEPT 
-A FORWARD -o br-1bb21614c05e -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -o br-1bb21614c05e -j DOCKER 
-A FORWARD -i br-1bb21614c05e ! -o br-1bb21614c05e -j ACCEPT 
-A FORWARD -i br-1bb21614c05e -o br-1bb21614c05e -j ACCEPT 
-A DOCKER -d 172.19.0.2/32 ! -i br-5f4a0e33cbc6 -o br-5f4a0e33cbc6 -p tcp -m tcp --dport 25501 -j ACCEPT 
-A DOCKER -d 172.19.0.2/32 ! -i br-5f4a0e33cbc6 -o br-5f4a0e33cbc6 -p tcp -m tcp --dport 25500 -j ACCEPT 
-A DOCKER -d 172.19.0.2/32 ! -i br-5f4a0e33cbc6 -o br-5f4a0e33cbc6 -p tcp -m tcp --dport 8448 -j ACCEPT 
-A DOCKER -d 172.19.0.2/32 ! -i br-5f4a0e33cbc6 -o br-5f4a0e33cbc6 -p tcp -m tcp --dport 8080 -j ACCEPT 
-A DOCKER -d 172.19.0.2/32 ! -i br-5f4a0e33cbc6 -o br-5f4a0e33cbc6 -p tcp -m tcp --dport 80 -j ACCEPT 
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2 
-A DOCKER-ISOLATION-STAGE-1 -i br-5f4a0e33cbc6 ! -o br-5f4a0e33cbc6 -j DOCKER-ISOLATION-STAGE-2 
-A DOCKER-ISOLATION-STAGE-1 -i br-363ad951c7bc ! -o br-363ad951c7bc -j DOCKER-ISOLATION-STAGE-2 
-A DOCKER-ISOLATION-STAGE-1 -i br-1bb21614c05e ! -o br-1bb21614c05e -j DOCKER-ISOLATION-STAGE-2 
-A DOCKER-ISOLATION-STAGE-1 -j RETURN 
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP 
-A DOCKER-ISOLATION-STAGE-2 -o br-5f4a0e33cbc6 -j DROP 
-A DOCKER-ISOLATION-STAGE-2 -o br-363ad951c7bc -j DROP 
-A DOCKER-ISOLATION-STAGE-2 -o br-1bb21614c05e -j DROP 
-A DOCKER-ISOLATION-STAGE-2 -j RETURN 
-A DOCKER-USER -j RETURN
19

Reading a bit more on this, it seems that I should also check the output of nft for firewall stuff. Again, nothing here:


jonapap@delta ~> **sudo** nft list ruleset
jonapap@delta ~>
20

Ok, finally got IPv6 to work! I had to disable IPv6 forwarding. So now my /etc/sysctl.d/70-yast.conf looks like this:


jonapap@delta:~> cat /etc/sysctl.d/70-yast.conf  
net.ipv4.ip_forward = 1 
net.ipv6.conf.all.forwarding = 0 
net.ipv6.conf.all.disable_ipv6 = 0

Thing is, it could be nice to have IPv6 forwarding on that machine. I’ll troubleshoot and if it looks like this is a bug, I’ll raise one on the Bugzilla.

Anyway, thanks for the help @arvidjaar and @dcurtisfra! Let me know if you have an idea why IPv6 forwading causes this.