Daemon warning in log

Peacefuleight · February 22, 2023, 12:52am

Can I do something about it?

ue Feb 21 18:18:08 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:21:10 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:27:26 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:32:13 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:41:48 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:48:16 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:52:45 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 18:57:21 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 19:04:35 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!
Tue Feb 21 19:13:55 2023 daemon.warn odhcpd[2058]: No default route present, overriding ra_lifetime!

mk24 · February 22, 2023, 1:26am

This is coming from the lan by default configured to try to advertise itself as an IPv6 capable router, but the existing wan connection does not support IPv6.

If your ISP is IPv4 only, make the lan also IPv4 only by disabling ra and dchpv6 in the LAN dhcp configuration.

Peacefuleight · February 22, 2023, 2:06am

I have that, dont have ra.

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option localservice '1'
        option ednspacket_max '1232'
        option confdir '/tmp/dnsmasq.d'
        option noresolv '1'
        list server '127.0.0.53#53'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config dhcp 'guest'
        option interface 'guest'
        option start '100'
        option limit '150'
        option leasetime '12h'

psherman · February 22, 2023, 2:11am

Yes you do.

Peacefuleight · February 22, 2023, 2:15am

you're right sorry, thanks

anon11662642 · February 22, 2023, 7:53pm

@stintel

These new commits are the culprits:

github.com/openwrt/odhcpd

router: always check ra_default

committed 12:27PM - 17 Feb 23 UTC

stintel

+9 -6

We currently only check ra_default when an interface has valid addresses. This r…esults in ra_default being ignored in case we have an interface with only link-local addresses. This effectively breaks the use of value 2 for the ra_default parameter. Fix this by always checking ra_lifetime, regardless of the interface having public addresses or not. Fixes: #11930 Fixes: 83e14f455817 ("router: advertise removed addresses as invalid in 3 consecutive RAs") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by:Hans Dedecker <dedeckeh@gmail.com>

github.com/openwrt/odhcpd

router: improve RA logging

committed 12:27PM - 17 Feb 23 UTC

stintel

+11 -9

We only set the RA lifetime to what is configured in UCI when there is a default… route and valid prefix. In any other case, we set it to 0. This leads to confusion where people believe ra_lifetime is completely ignored. In case there is a default route, but no valid prefix, a debug message explains this, but if there is no default route, we silently override ra_lifetime. Add a debug message for the latter case, and explicitly mention overriding ra_lifetime in both cases. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Hans Dedecker <dedeckeh@gmail.com>

stintel · February 22, 2023, 8:25pm

These warnings are there to tell you something in your config is not right. It has already been suggested to disable ra, this will make the warnings go away.

anon11662642 · February 22, 2023, 8:42pm

So, now you need to disable the IPv6 settings of the DHCP server on the LAN interface to not have the log full of spam like the one shown in the first post, when it wasn't needed before.

stintel · February 22, 2023, 9:36pm

If you read the commit message for https://github.com/openwrt/odhcpd/commit/5a1775178bfbaf3327df99998b60d1c48b2dad9d you'll understand why this was added.

Enabling RA on your LAN when you don't have a default route doesn't make a lot of sense, unless maybe in some niche case as discussed in https://github.com/openwrt/openwrt/issues/11930.

RA is enabled by default, because it is 2023 and if you don't have IPv6 you should talk to your ISP or seriously consider replacing it with a less ignorant one.

At least now you're made aware that something is not entirely right, while before this was just hidden.

anon11662642 · February 22, 2023, 9:50pm

If you can't explain it to a six year old, you don't understand it yourself. - Albert Einstein

Now I understand you.

Thank you so much.

stintel · February 22, 2023, 10:07pm

So I've given this some more thought, and for a brief moment was considering increasing the log level for this message, but I really think we shouldn't.

Consider the following scenario: your ISP offers proper IPv6 connectivity, your OpenWrt router is announcing an IPv6 prefix to your LAN, and you have working IPv6 connectivity on your clients. One day your ISP messes up and breaks that IPv6 connectivity. In the previous scenario, it would stop working, but no log messages appear in your router, so you assume everything is fine...

You might find out accidentally, but I'd prefer the router being noisy about it.

Peacefuleight · February 26, 2023, 1:08pm

so ipv4 is not good anymore? no safe or what?

slh · February 27, 2023, 12:30am

These days, thanks to the proliferation of cgNAT among new ISPs, IPv4 is indeed not 'enough' anymore.

After switching from VDSL to ftth, I only get cgNAT and a semi-static /56 IPv6 prefix - if IPv6 fails for some reason, my incoming (road-warrior) VPN connections are gone, that would be a significant problem for me. With the cgNAT IPv4 address (only), I'd also be hassled a lot more with captchas and other server side defenses against against weird usage patterns and access throttling.

Due to my home VPN gateway naturally being IPv6-only (as I have no external IPv4 address), I obviously care a lot about having IPv6 connectivity client-side as well (mobile uses, LTE/ 5g, etc.).

system · March 9, 2023, 12:31am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.