perfsonar-user - Re: [perfsonar-user] ip6tables and DHCPv6
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Andrew Lake <>
- To: Sobhi Malas (Alumni) <>
- Cc:
- Subject: Re: [perfsonar-user] ip6tables and DHCPv6
- Date: Wed, 20 Aug 2014 08:20:01 -0400
Hi,
You can unsubscribe from our lists at the following URLs:
https://lists.internet2.edu/sympa/sigrequest/perfsonar-user
https://lists.internet2.edu/sympa/sigrequest/perfsonar-announce
Thanks,
Andy
On Aug 20, 2014, at 7:47 AM, Sobhi Malas (Alumni)
<>
wrote:
> Hello,
>
> How can I unsubscribe from all perfsonar emails? I subscribed 6 years ago
> for a school project and no longer need it.
>
> Many Thanks
> SM
> ________________________________________
> From:
>
>
> <>
> on behalf of Andrew Lake
> <>
> Sent: Wednesday, August 20, 2014 1:25 PM
> To: Marek Elias
> Cc:
> ;
>
>
> Subject: Re: [perfsonar-user] ip6tables and DHCPv6
>
> Hi,
>
> Thanks for pointing this out. We also noticed this awhile back and it is
> corrected in the forthcoming 3.4 release.
>
> Thanks,
> Andy
>
>
> On Aug 20, 2014, at 5:56 AM, Marek Elias
> <>
> wrote:
>
>> hello,
>>
>> perfsonar /etc/sysconfig/ip6tables does not contain an rule like this:
>> -A INPUT -m state --state NEW -m udp -p udp --dport 546 --sport 547 -s
>> fe80::/10 -d fe80::/10 -j ACCEPT
>> this rule ACCEPTs the DHCPv6 replies. this is merely a kernel connection
>> tracking bug since this reply should fit to the ESTABLISHED,RELATED
>> rule, but unfortunately it does not.
>>
>> see this for more info:
>> https://bugzilla.redhat.com/show_bug.cgi?id=656334
>>
>> without this rule, dhclient -6 properly asks for lease and the server
>> properly replies, but dhclient does not get the reply. After adding this
>> rule, everything works fine.
>>
>> I see that they decided to repair this in kernel, but I still think that
>> in this case, when a special ip6tables rules are shipped with perfsonar,
>> the workaround should be applied within these rules.
>>
>> This is not a major issue for the rest of our machines since they
>> generaly don't use iptables. But the perfsonars are an exception, they
>> use ip6tables and without this rule they have problems with DHCPv6.
>>
>> [root@ps01-l
>> ~]# cat /etc/redhat-release
>> CentOS release 6.5 (Final)
>> [root@ps01-l
>> ~]# uname -a
>> Linux ps01-l.farm.particle.cz 2.6.32-431.20.3.el6.aufs.web100.i686 #1
>> SMP Fri Jun 20 20:09:03 UTC 2014 i686 i686 i386 GNU/Linux
>>
>> toolkit version: 3.3.2
>>
>> marek elias
>
- [perfsonar-user] ip6tables and DHCPv6, Marek Elias, 08/20/2014
- Re: [perfsonar-user] ip6tables and DHCPv6, Andrew Lake, 08/20/2014
- Message not available
- Re: [perfsonar-user] ip6tables and DHCPv6, Andrew Lake, 08/20/2014
- Message not available
- Re: [perfsonar-user] ip6tables and DHCPv6, Andrew Lake, 08/20/2014
Archive powered by MHonArc 2.6.16.