I’m having trouble with my IPv6 DHCP connection when using nftables. Here’s what’s going on:
My nftables setup seems to be working fine for most things. But when I run dhclient -6, I only see outgoing messages and no incoming responses. Here’s a snippet of what I’m seeing:
The weird thing is, I’m not getting any Advertise messages (RCV) back. When I disable nftables, everything works perfectly with my router.
I’ve double-checked my nftables config, and it looks okay to me. I’ve got rules for input, forward, and output chains. I’m allowing ICMPv6 and have some specific rules for services like FTP.
Has anyone run into this before? I’m thinking there must be something wrong with my nftables setup, but I can’t figure out what. Any ideas on what I might be missing or what else I should check?
yo luna, that’s a tough one! have u checked if ur nftables is allowing udp traffic on ports 546 and 547? that’s crucial for dhcpv6. also, maybe try adding a specific rule to allow dhcpv6 traffic? sometimes that does the trick. good luck figuring it out!
hey there Luna_Dreamy! that sounds like a real head-scratcher you’ve got there with your ipv6 dhcp and nftables setup. i’m curious, have you tried monitoring the traffic with something like tcpdump or wireshark while dhclient is running? that might give you some clues about what’s happening to those incoming packets.
also, i wonder if you’ve double-checked your nftables rules for udp port 546? that’s the one dhcpv6 clients use to receive messages. maybe there’s a sneaky rule blocking it somewhere?
oh, and here’s a random thought - have you looked at your router’s logs? sometimes they can be surprisingly helpful in figuring out what’s going on on the other end.
let us know what you find out! i’m really interested to see what the issue turns out to be. ipv6 can be such a pain sometimes, right?
I encountered a similar issue with IPv6 DHCP and nftables recently. The problem was in my nftables configuration, specifically related to UDP ports for DHCPv6. To resolve it, I added explicit rules to allow traffic on UDP ports 546 and 547 in both directions. Additionally, I found it helpful to temporarily enable logging for dropped packets, which revealed some unexpected blocks. Another key point was ensuring ICMPv6 traffic was properly allowed, as it’s crucial for IPv6 operation. After making these adjustments, my IPv6 DHCP started working correctly with nftables enabled. It might be worth reviewing your configuration with these points in mind.
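The explicit DHCPv6 and drop-logging rules the replies describe, as an added example that is not taken from any poster's configuration. The table name, chain layout and log prefix are assumptions. A dedicated rule is needed because the client sends its Solicit to the multicast address ff02::1:2 while the Advertise comes back from the server's link-local unicast address, so `ct state established,related` does not match the reply.

```nft
# Added example: merge the relevant rules into your own ruleset.
# "dhcpv6_example" and the log prefix are hypothetical names.
table inet dhcpv6_example {
    chain input {
        type filter hook input priority 0; policy drop;

        iif "lo" accept
        ct state established,related accept

        # ICMPv6 types a host needs for basic IPv6 operation
        # (error reporting, router advertisements, neighbor discovery).
        icmpv6 type {
            destination-unreachable, packet-too-big,
            time-exceeded, parameter-problem,
            nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert,
            echo-request
        } accept

        # DHCPv6 replies to the client: server/relay port 547 to
        # client port 546, sourced from a link-local address.
        ip6 saddr fe80::/10 udp sport 547 udp dport 546 accept

        # Temporary troubleshooting aid: log whatever reaches the end
        # of the chain before the drop policy applies. Rate-limited so
        # a flood cannot fill the kernel log.
        limit rate 10/second log prefix "nft-input-drop: " flags all
    }

    chain output {
        type filter hook output priority 0; policy accept;

        # Only required when the output policy is drop:
        # client port 546 to server/relay port 547 (Solicit, Request).
        udp sport 546 udp dport 547 accept
    }
}
```

`nft -c -f <file>` checks the syntax without applying anything. With the log rule active, dropped packets show up in the kernel log under the chosen prefix while `dhclient -6` is running.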