The upgrade of DD-WRT that I performed this last Saturday brought the version from a 2019 release to a 2022 release. DD-WRT always recommends doing a factory reset of settings before and after flashing a new firmware. As far as I’ve been able to find out, DD-WRT doesn’t provide any way to back up the settings in any form other than a binary download that is not compatible between versions. This shortcoming makes upgrading a router with many customized settings a difficult process.
I performed the flash upgrade without resetting everything to defaults. It wasn’t until I was going to bed on Saturday night that I realized not all things were working properly. All of the ipv4 services appeared to be working properly. The ipv6 services were not working properly on my internal network clients.
I have a Microsoft Windows Server 2016 Essentials machine running several services including file sharing on my internal network. I also have my Windows 10 desktop, and several Raspberry Pi machines. Some of the Pi machines access the file shares on the server for both reading and writing.
I’ve found that when ipv6 is not allocating global addresses for the windows server and clients, file sharing doesn’t work properly. This is an issue I don’t understand, and don’t want to change the default operation of the windows server or windows client machines, which might create more long term maintenance headaches.
Among the customizations I have set in the router:
- Router Name
- Domain Name
- Local IP (v4) address is 192.168.0.1 instead of 192.168.1.1
- close to 35 DHCP reservations for machines that run on my internal network.
- IPv6 enabled and configured for DHCPv6 with Prefix Delegation
- DDNS service configured as in previous post.
- Wireless SSID
- Wireless Password
- SSH access to the router with rsa keys entered for allowed machines.
I figured out that the primary settings for DHCP and DNS resolution are run using dnsmasq, and the configuration file can be viewed by looking at /tmp/dnsmasq.conf in the ssh console. All of the dns reservations are listed in the form of:
dhcp-host=b0:39:56:78:83:b0,GS108Tv2,192.168.0.123,1440m
dhcp-host=28:c6:8e:09:30:cb,GS108Tv2-LR,192.168.0.125,1440m
dhcp-host=04:a1:51:b0:a6:9a,GS108Tv2-OW,192.168.0.124,1440mCopying all of them out of the console as one entry and adding them to the Additional Dnsmasq Options field was much easier than pasting MAC addresses, Hostnames, and IP addresses into separate field for each entry.
After adding them via the web interface here, they look exactly like the entries created in the static leases section of the interface. I was hoping that the system would parse them and display them in the static leases section, but it doesn’t seem to do that.
My SSH terminal program is configured to send a series of commands to the console each time I connect which reminds me of the current setup as well as how to examine it after a long time when I’ve not worked on the device.
- date ; uptime
- route -A inet
- route -A inet6
- ip6tables -vnL
- cat /tmp/dnsmasq.conf
- cat /tmp/dhcp6c.conf
- cat /tmp/radvd.conf
- ifconfig
I’m currently not dumping the iptables (v4) output simply because there are a large number of rules that don’t get used which takes up a lot of extra space scrolling by.
I’ve compared the ipv4 and ipv6 routes from when ipv6 was not working, and they are identical.
root@Netgear-R7000:~# route -A inet
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default br1-mballard-v1 0.0.0.0 UG 0 0 0 vlan2
24.35.91.128 * 255.255.255.192 U 0 0 0 vlan2
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
192.168.0.0 * 255.255.255.0 U 0 0 0 br0
root@Netgear-R7000:~# route -A inet6
Kernel IPv6 routing table
Destination Next Hop Flags Metric Ref Use Iface
2604:4080:1304::/64 :: UA 256 0 0 vlan2
2604:4080:1304:8010::/60 :: U 256 0 0 br0
fe80::/64 :: U 256 0 0 eth0
fe80::/64 :: U 256 0 0 vlan1
fe80::/64 :: U 256 0 0 eth1
fe80::/64 :: U 256 0 0 eth2
fe80::/64 :: U 256 1 23 br0
fe80::/64 :: U 256 0 0 vlan2
::/0 fe80::22c:c8ff:fe42:24bf UGDA 1024 2 302 vlan2
::/0 :: U 2048 2 38 vlan2
::/0 :: !n -1 1 372 lo
::1/128 :: Un 0 3 15 lo
2604:4080:1304::/128 :: Un 0 1 0 lo
2604:4080:1304:0:b27f:b9ff:fe83:6590/128 :: Un 0 3 75 lo
2604:4080:1304:8010::/128 :: Un 0 1 0 lo
2604:4080:1304:8010:b27f:b9ff:fe83:6591/128 :: Un 0 3 64 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:658f/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:658f/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:6590/128 :: Un 0 3 61 lo
fe80::b27f:b9ff:fe83:6591/128 :: Un 0 1 0 lo
fe80::b27f:b9ff:fe83:6591/128 :: Un 0 3 24 lo
fe80::b27f:b9ff:fe83:659e/128 :: Un 0 1 0 lo
ff00::/8 :: U 256 0 0 eth0
ff00::/8 :: U 256 0 0 vlan1
ff00::/8 :: U 256 0 0 eth1
ff00::/8 :: U 256 0 0 eth2
ff00::/8 :: U 256 2 580 br0
ff00::/8 :: U 256 2 12 vlan2
::/0 :: !n -1 1 372 lo
I’ve looked at the ip6tables, and it also appears identical, beyond the counters.
root@Netgear-R7000:~# ip6tables -vnL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
12 2289 ACCEPT all * * ::/0 ::/0 state RELATED,ESTABLISHED
5 376 ACCEPT icmpv6 * * ::/0 ::/0
0 0 ACCEPT all * * fe80::/64 ::/0
0 0 ACCEPT all br0 * ::/0 ::/0
0 0 ACCEPT all * * ::/0 ::/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all * * ::/0 ::/0 state RELATED,ESTABLISHED
0 0 ACCEPT all * vlan2 ::/0 ::/0
0 0 ACCEPT icmpv6 * * ::/0 ::/0 ipv6-icmptype 128 limit: avg 2/sec burst 5
0 0 ACCEPT all * * ::/0 ::/0
Chain OUTPUT (policy ACCEPT 31 packets, 4287 bytes)
pkts bytes target prot opt in out source destination
I’d tried disabling Radvd on the IPv6 configuration gui and adding “enable-ra” to the Additional Dnsmasq Options, but that didn’t fix my problems. The current configuration has matching radv.conf files to the non working version.
root@Netgear-R7000:~# cat /tmp/radvd.conf
interface br0
{
IgnoreIfMissing on;
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvHomeAgentFlag off;
AdvManagedFlag off;
AdvOtherConfigFlag on;
AdvLinkMTU 1452;
prefix 2604:4080:1304:8010::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvValidLifetime 30;
AdvPreferredLifetime 20;
};
RDNSS 2607:f060:2::1 2607:f060:2:1::1{};
};
I spent a lot of time reading up on IPv6 and reminding myself of things I’d known in the past and forgotten. https://blog.dorianbolivar.com/2018/09/going-full-ipv6-with-dd-wrt.html?lr=1 is a well written post with links to more sources that I found especially helpful as it was written specifically using DD-WRT and IPv6. My only issue is that it was written nearly four years ago and may not have the same options in the DD-WRT gui as are currently available.
One of the items I added to the Additional Dnsmasq Options was a couple of host entries so that dnsmasq would resolve IPv6 addresses for my windows machines. It seems to speed up the IPv6 name discovery of my windows server while still pointing default DNS resolution at the router.
My conclusion is that I don’t understand what was different in the non-functioning setup I had with holdovers from the older version of DD-WRT, and going through the pain of re-installing from factory fresh configuration after each upgrade is worth the trouble. I’m still not satisfied with the best way of retrieving all of the configuration data into a text file that I can later run a difference test to see what’s changed, or needs to be changed.
WimsWorld 