Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If you are certain that routing is not an issue, that is good. And actually you don't need to mess with iptables to begin with to check connnectivity. All you need to begin with is ip forwarding via sysctl.
If you are certain that routing is not an issue, that is good. And actually you don't need to mess with iptables to begin with to check connnectivity. All you need to begin with is ip forwarding via sysctl.
See screenshot.
I am not sure what you are getting at. I don't see any sysctl commands in your screenshot?
What I see is that AP01 knows two ways to reach the network 2003::/64.
1. Out the WLAN1 interface to the link local address of AP02 wlan1
2. Out the eth0 interface to the link local address of AP02 eth0
I need to eliminate option 2 from the equation I think. If I could configure IP6TABLES to drop packets to/from the link local address of AP02 eth0 I think the route should go down and it will use the one I want. I need help achieving this. If you think I can achieve the same with sysctl please provide the commands
you have to do # sysctl -p
to load the settings , just -w is not enough
isn't correct. "-p" is "load from a file" "-w" is "write it now". If you do both, you may overwrite what you just did. Use -w first, then once you get the whole thing worked out, put those commands in a file so you can load them all at next reboot with "sysctl -p /etc/whatever.file".
2. You shouldn't have to mess with ip6tables at all, unless you already blocked off yourself using it. Check ip6tables -L INPUT (and OUTPUT, FORWARD). If those tables are blank and policy is ACCEPT, let it like that, at least until you get this problem figured out.
3. In ipv6, a machine is either a host, or a router. Then was added (maybe only to Linux?) a "both". It's set via 'net.ipv6.conf.$INTERFACE.accept_ra'. That means is this a router (accept_ra=0), a host (accept_ra=1), or both (accept_ra=2). "ra" is Router Advertisement, whether to accept them or not. Figuring this out took a day or so when I was trying to get ipv6 up and working. If you're using Stateless Auto Configuration and everything is set right, ipv6 should configure addresses and routes for everything right on down the line using radvd. ipv6 really is a lot better to work with than ipv4.
4. Wouldn't it be simplier to just use one /64 prefix from your ISP? Certainly there is enough addresses in there? Pardon me if I mis-read your setup, as mine is somewhat different and sometimes it's hard to picture another's setup in terms of what one already knows. I'm not using mesh, but routing packets should be similar.
You don't need layer 3 switch, layer 2 is good enough. You can use AP01 and AP02 as inter-VLAN routing. The VLAN on switch is just used to separate advertising, don't mixing up advertising of two networks.
3. In ipv6, a machine is either a host, or a router. Then was added (maybe only to Linux?) a "both". It's set via 'net.ipv6.conf.$INTERFACE.accept_ra'. That means is this a router (accept_ra=0), a host (accept_ra=1), or both (accept_ra=2). "ra" is Router Advertisement, whether to accept them or not. Figuring this out took a day or so when I was trying to get ipv6 up and working. If you're using Stateless Auto Configuration and everything is set right, ipv6 should configure addresses and routes for everything right on down the line using radvd. ipv6 really is a lot better to work with than ipv4.
4. Wouldn't it be simplier to just use one /64 prefix from your ISP? Certainly there is enough addresses in there? Pardon me if I mis-read your setup, as mine is somewhat different and sometimes it's hard to picture another's setup in terms of what one already knows. I'm not using mesh, but routing packets should be similar.
The goal here is to send simulated VOIP traffic from Client 1 to Client 2. It should follow a wired connection to AP01 then hop over wireless to AP02 before finally being sent to Client 2 over wired again. It should NOT use wired between AP01 and AP02.
The other important goal is that there must be routing involved. The main goal is to investigate if varying the routing protocol used on the mesh has any impact on the VOIP performance. This is why I don't use a single /64
With these two goals in mind, if there is a way to prevent/deny the wired route between AP01 and AP02?
The goal here is to send simulated VOIP traffic from Client 1 to Client 2. It should follow a wired connection to AP01 then hop over wireless to AP02 before finally being sent to Client 2 over wired again. It should NOT use wired between AP01 and AP02.
This is a fair requirement. Isn't it one of the goals is to get them connected regardless of medium? You can simply 's/wired/wireless/'.
Quote:
The other important goal is that there must be routing involved. The main goal is to investigate if varying the routing protocol used on the mesh has any impact on the VOIP performance. This is why I don't use a single /64
Once routing table has been populated (and assuming it is the optimal route), the traffic does not distinguish or even care if the source of route comes from static source or from routing protocols. So I do not think there is any impact at all unless you introduce a more efficient route where the dynamic protocols can notice.
Quote:
With these two goals in mind, if there is a way to prevent/deny the wired route between AP01 and AP02?
This is a fair requirement. Isn't it one of the goals is to get them connected regardless of medium? You can simply 's/wired/wireless/'.
This is test lab for a Masters. The goal is to test the performance of VOIP over a wireless mesh, so yes it matters.
Quote:
Once routing table has been populated (and assuming it is the optimal route), the traffic does not distinguish or even care if the source of route comes from static source or from routing protocols. So I do not think there is any impact at all unless you introduce a more efficient route where the dynamic protocols can notice.
In reality there is a a large Mesh network between AP01 and AP05 over which the routing protocol will decide the best path at any one time. This information was not relevant to the question I was asking so I simplified the topology to eliminate the problem.
Quote:
Don't connect a cable?
If you don't connect a cable, how does Client 1 get to his first hop which is eth0 on AP01?
you said there is AP05 , so how does AP01 know that it has to send to AP02 ?
This is me just getting confused between the actual mesh and the simplified version I presented in the question. AP02 is AP05 here, sorry for confusion.
The problem is that the two access points have a choice of path. Wired or wireless. Both are working but wired is preferred as it is a better route. I need to find a way to make it not better or not work at all.
I used the command below to drop all traffic on AP01 coming from the AP02 link local address in the active route. The wireless route was used instead and I can now ping end to end.
sudo ip6tables -A INPUT -s fe80::cdf9:b2a5:629e:f201 -j DROP
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.