Suite à migration fibre pro de pfSense+ PPPoE 600/600 à LB5 2000/1000 je me suis procuré un ONT officiel HG8010Hv3 (offert par ma boutique Orange après quelques explications au 3901) afin de pouvoir repasser sur un vrais routeur.
L'up à 1Gbps c'est top mais pas les performances de la box en multithread (ça s'éfondre à cause des perfs CPU) exploter le 2Gb n'est pas ma priorité pour l'instant (testé avec succès sur 1 PC en sock5 dispatch sur 2 ports giga...).
Je peux donc passer facilement de la LB5 qui fonctionne; à l'ONT HG8010Hv3 qui arrive à l'étape "O5(Operation state)" + LED fibre OK
J'ai passé toute la journée à tester l'auth DHCP sur mon pfSense (qui a eu l'update officielle pfSense+ en replacement du firmware pfSense communautaire) pour obtenir les infos les plus up to date entre les différents thread de notre cher lafibre.info :
Send Options IPv4 :
dhcp-class-identifier "sagem", user-class "+FSVDSL_livebox.Internet.softathome.Livebox4", rfc3118-auth (chaine hex d'auth)
Request Options IPv4 :
subnet-mask, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, domain-search, routers, domain-name-servers, rfc3118-auth
Send Options IPv6 :
ia-pd 0, raw-option 6 00:0b:00:11:00:17:00:18, raw-option 15 00:2b:46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:6c:69:76:65:62:6f:78:33, raw-option 16 00:00:04:0e:00:05:73:61:67:65:6d, raw-option 11 (chaine hex d'auth)
Script avec lequel j'ai généré la chaine hex d'auth :
#!/bin/bash
login='fti/xxxxxxx'
pass='xxxxxxx'
tohex() {
for h in $(echo $1 | sed "s/\(.\)/\1 /g"); do printf %02x \'$h; done
}
addsep() {
echo $(echo $1 | sed "s/\(.\)\(.\)/:\1\2/g")
}
r=$(dd if=/dev/urandom bs=1k count=1 2>&1 | md5sum | cut -c1-16)
id=${r:0:1}
h=3C12$(tohex ${r})0313$(tohex ${id})$(echo -n ${id}${pass}${r} | md5sum | cut -c1-32)
echo 00:00:00:00:00:00:00:00:00:00:00:1A:09:00:00:05:58:01:03:41:01:0D$(addsep $(tohex ${login})${h})
Et le log DHCP du pfSense+ avec debug DHCPv6 (mixé) :
[21.05.2-RELEASE][admin@firewall.serveurperso.com]/root: tail -f /var/log/dhcpd.log
Feb 7 05:09:07 firewall dhcp6c[96316]: Sending Solicit
Feb 7 05:09:07 firewall dhcp6c[96316]: freeing op data at 0x80066d048
Feb 7 05:09:07 firewall dhcp6c[96316]: freeing op data at 0x800a84330
Feb 7 05:09:07 firewall dhcp6c[96316]: freeing op data at 0x800a5e030
Feb 7 05:09:07 firewall dhcp6c[96316]: freeing op data at 0x800a67140
Feb 7 05:11:06 firewall dhcp6c[96316]: Sending Solicit
Feb 7 05:11:06 firewall dhcp6c[96316]: freeing op data at 0x80066d048
Feb 7 05:11:06 firewall dhcp6c[96316]: freeing op data at 0x800a842d0
Feb 7 05:11:06 firewall dhcp6c[96316]: freeing op data at 0x800a5e040
Feb 7 05:11:06 firewall dhcp6c[96316]: freeing op data at 0x800a67190
Feb 7 05:11:18 firewall dhclient[79622]: connection closed
Feb 7 05:11:18 firewall dhclient[79622]: exiting.
Feb 7 05:11:19 firewall dhcp6c[96316]: exiting
Feb 7 05:11:22 firewall dhclient[15186]: PREINIT
Feb 7 05:11:22 firewall dhclient[14871]: Registering receive interface: igb0
Feb 7 05:11:22 firewall dhclient[14871]: Interface igb0 attached to bpf for receiving
Feb 7 05:11:22 firewall dhclient[14871]: Registering sending interface: igb0
Feb 7 05:11:22 firewall dhclient[14871]: VLAN ID: 832, VLAN PCP: 6
Feb 7 05:11:22 firewall dhclient[14871]: Interface igb0 attached to bpf for sending
Feb 7 05:11:22 firewall dhclient[16247]: EXPIRE
Feb 7 05:11:22 firewall dhclient[16885]: Deleting old routes
Feb 7 05:11:22 firewall dhclient[17745]: PREINIT
Feb 7 05:11:22 firewall dhclient[14871]: DHCPDISCOVER on igb0 to 255.255.255.255 port 67 interval 5
Feb 7 05:11:27 firewall dhclient[14871]: DHCPDISCOVER on igb0 to 255.255.255.255 port 67 interval 6
Feb 7 05:11:33 firewall dhclient[14871]: DHCPDISCOVER on igb0 to 255.255.255.255 port 67 interval 21
Feb 7 05:11:54 firewall dhclient[14871]: DHCPDISCOVER on igb0 to 255.255.255.255 port 67 interval 7
Feb 7 05:12:01 firewall dhclient[14871]: DHCPDISCOVER on igb0 to 255.255.255.255 port 67 interval 13
Feb 7 05:12:14 firewall dhclient[14871]: DHCPDISCOVER on igb0 to 255.255.255.255 port 67 interval 9
Feb 7 05:12:24 firewall dhclient[14871]: No DHCPOFFERS received.
Feb 7 05:12:24 firewall dhclient[14871]: No working leases in persistent database - sleeping.
Feb 7 05:12:24 firewall dhclient[30184]: FAIL
Feb 7 05:12:27 firewall dhcp6c[30701]: extracted an existing DUID from /var/db/dhcp6c_duid: 00:01:00:01:1d:82:16:90:04:f0:21:16:8d:87
Feb 7 05:12:27 firewall dhcp6c[30701]: failed to open /usr/local/etc/dhcp6cctlkey: No such file or directory
Feb 7 05:12:27 firewall dhcp6c[30701]: failed initialize control message authentication
Feb 7 05:12:27 firewall dhcp6c[30701]: skip opening control port
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[interface] (9)
Feb 7 05:12:27 firewall dhcp6c[30701]: <5>[igb0] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>begin of closure [{] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[send] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[ia-pd] (5)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[0] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[send] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[raw-option] (10)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[6] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[00:0b:00:11:00:17:00:18] (23)
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 3: Got raw option: 6 00:0b:00:11:00:17:00:18
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 3: Raw option 6 length 8 stored at 0x800a84060 with data at 0x80066d028
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[send] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[raw-option] (10)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[15] (2)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[00:2b:46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:6c:69:76:65:62:6f:78:33] (134)
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 4: Got raw option: 15 00:2b:46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:6c:69:76:65:62:6f:78:33
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 4: Raw option 15 length 45 stored at 0x800a840f0 with data at 0x800a84120
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[send] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[raw-option] (10)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[16] (2)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[00:00:04:0e:00:05:73:61:67:65:6d] (32)
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 5: Got raw option: 16 00:00:04:0e:00:05:73:61:67:65:6d
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 5: Raw option 16 length 11 stored at 0x800a841e0 with data at 0x800a5e010
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[send] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[raw-option] (10)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[11] (2)
Feb 7 05:12:27 firewall dhcp6c[30701]: <25>[00:00:00:00:00:00:00:00:00:00:00:1a:09:00:00:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:20:20:20:20:20:20:20:20:20:20:20:20:20:20:03:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:f6:b9:3d:d4:92:4f] (209)
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 6: Got raw option: 11 00:00:00:00:00:00:00:00:00:00:00:1a:09:00:00:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:20:20:20:20:20:20:20:20:20:20:20:20:20:20:03:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:f6:b9:3d:d4:92:4f
Feb 7 05:12:27 firewall dhcp6c[30701]: /var/etc/dhcp6c_wan.conf 6: Raw option 11 length 70 stored at 0x800a84270 with data at 0x800a67050
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[script] (6)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>["/var/etc/dhcp6c_wan_dhcp6withoutra_script.sh"] (46)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of closure [}] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[id-assoc] (8)
Feb 7 05:12:27 firewall dhcp6c[30701]: <13>[pd] (2)
Feb 7 05:12:27 firewall dhcp6c[30701]: <13>[0] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <13>begin of closure [{] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[prefix-interface] (16)
Feb 7 05:12:27 firewall dhcp6c[30701]: <5>[igb1] (4)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>begin of closure [{] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[sla-id] (6)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[0] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[sla-len] (7)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>[8] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of closure [}] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of closure [}] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: <3>end of sentence [;] (1)
Feb 7 05:12:27 firewall dhcp6c[30701]: called
Feb 7 05:12:27 firewall dhcp6c[30701]: freeing op data at 0x80066d028
Feb 7 05:12:27 firewall dhcp6c[30701]: freeing op data at 0x800a84120
Feb 7 05:12:27 firewall dhcp6c[30701]: freeing op data at 0x800a5e010
Feb 7 05:12:27 firewall dhcp6c[30701]: freeing op data at 0x800a67050
Feb 7 05:12:27 firewall dhcp6c[30701]: called
Feb 7 05:12:27 firewall dhcp6c[30885]: reset a timer on igb0, state=INIT, timeo=0, retrans=891
Feb 7 05:12:28 firewall dhcp6c[30885]: Sending Solicit
Feb 7 05:12:28 firewall dhcp6c[30885]: a new XID (43f490) is generated
Feb 7 05:12:28 firewall dhcp6c[30885]: set client ID (len 14)
Feb 7 05:12:28 firewall dhcp6c[30885]: set elapsed time (len 2)
Feb 7 05:12:28 firewall dhcp6c[30885]: set IA_PD
Feb 7 05:12:28 firewall dhcp6c[30885]: raw option 6 length 8 at 0x800a84360
Feb 7 05:12:28 firewall dhcp6c[30885]: set option request (len 8)
Feb 7 05:12:28 firewall dhcp6c[30885]: raw option 15 length 45 at 0x800a84330
Feb 7 05:12:28 firewall dhcp6c[30885]: set user class (len 45)
Feb 7 05:12:28 firewall dhcp6c[30885]: raw option 16 length 11 at 0x800a842d0
Feb 7 05:12:28 firewall dhcp6c[30885]: set vendor class (len 11)
Feb 7 05:12:28 firewall dhcp6c[30885]: raw option 11 length 70 at 0x800a842a0
Feb 7 05:12:28 firewall dhcp6c[30885]: set authentication (len 70)
Feb 7 05:12:28 firewall dhcp6c[30885]: send solicit to ff02::1:2%igb0
Feb 7 05:12:28 firewall dhcp6c[30885]: freeing op data at 0x80066d048
Feb 7 05:12:28 firewall dhcp6c[30885]: freeing op data at 0x800a84300
Feb 7 05:12:28 firewall dhcp6c[30885]: freeing op data at 0x800a5e040
Feb 7 05:12:28 firewall dhcp6c[30885]: freeing op data at 0x800a67190
Feb 7 05:12:28 firewall dhcp6c[30885]: reset a timer on igb0, state=SOLICIT, timeo=0, retrans=1091
Feb 7 05:12:29 firewall dhcp6c[30885]: Sending Solicit
Feb 7 05:12:29 firewall dhcp6c[30885]: set client ID (len 14)
Feb 7 05:12:29 firewall dhcp6c[30885]: set elapsed time (len 2)
Feb 7 05:12:29 firewall dhcp6c[30885]: set IA_PD
Feb 7 05:12:29 firewall dhcp6c[30885]: raw option 6 length 8 at 0x800a842a0
Feb 7 05:12:29 firewall dhcp6c[30885]: set option request (len 8)
Feb 7 05:12:29 firewall dhcp6c[30885]: raw option 15 length 45 at 0x800a842d0
Feb 7 05:12:29 firewall dhcp6c[30885]: set user class (len 45)
Feb 7 05:12:29 firewall dhcp6c[30885]: raw option 16 length 11 at 0x800a84300
Feb 7 05:12:29 firewall dhcp6c[30885]: set vendor class (len 11)
Feb 7 05:12:29 firewall dhcp6c[30885]: raw option 11 length 70 at 0x800a84360
Feb 7 05:12:29 firewall dhcp6c[30885]: set authentication (len 70)
Feb 7 05:12:29 firewall dhcp6c[30885]: send solicit to ff02::1:2%igb0
Feb 7 05:12:29 firewall dhcp6c[30885]: freeing op data at 0x80066d048
Feb 7 05:12:29 firewall dhcp6c[30885]: freeing op data at 0x800a84330
Feb 7 05:12:29 firewall dhcp6c[30885]: freeing op data at 0x800a5e030
Feb 7 05:12:29 firewall dhcp6c[30885]: freeing op data at 0x800a67140
Feb 7 05:12:29 firewall dhcp6c[30885]: reset a timer on igb0, state=SOLICIT, timeo=1, retrans=2083
Feb 7 05:12:30 firewall dhcpd[52624]: Internet Systems Consortium DHCP Server 4.4.2-P1
Feb 7 05:12:30 firewall dhcpd[52624]: Copyright 2004-2021 Internet Systems Consortium.
Feb 7 05:12:30 firewall dhcpd[52624]: All rights reserved.
Feb 7 05:12:30 firewall dhcpd[52624]: For info, please visit https://www.isc.org/software/dhcp/
Feb 7 05:12:30 firewall dhcpd[52624]: Config file: /etc/dhcpd.conf
Feb 7 05:12:30 firewall dhcpd[52624]: Database file: /var/db/dhcpd.leases
Feb 7 05:12:30 firewall dhcpd[52624]: PID file: /var/run/dhcpd.pid
Feb 7 05:12:30 firewall dhcpd[52624]: Internet Systems Consortium DHCP Server 4.4.2-P1
Feb 7 05:12:30 firewall dhcpd[52624]: Copyright 2004-2021 Internet Systems Consortium.
Feb 7 05:12:30 firewall dhcpd[52624]: All rights reserved.
Feb 7 05:12:30 firewall dhcpd[52624]: For info, please visit https://www.isc.org/software/dhcp/
Feb 7 05:12:30 firewall dhcpd[52624]: Wrote 0 class decls to leases file.
Feb 7 05:12:30 firewall dhcpd[52624]: Wrote 3 leases to leases file.
Feb 7 05:12:30 firewall dhcpd[52624]: Listening on BPF/igb1/00:08:a2:0b:bd:b3/192.168.0.0/24
Feb 7 05:12:30 firewall dhcpd[52624]: Sending on BPF/igb1/00:08:a2:0b:bd:b3/192.168.0.0/24
Feb 7 05:12:30 firewall dhcpd[52624]: Sending on Socket/fallback/fallback-net
Feb 7 05:12:30 firewall dhcpd[52624]: Server starting service.
Feb 7 05:12:31 firewall dhcp6c[30885]: Sending Solicit
Feb 7 05:12:31 firewall dhcp6c[30885]: set client ID (len 14)
Feb 7 05:12:31 firewall dhcp6c[30885]: set elapsed time (len 2)
Feb 7 05:12:31 firewall dhcp6c[30885]: set IA_PD
Feb 7 05:12:31 firewall dhcp6c[30885]: raw option 6 length 8 at 0x800a84360
Feb 7 05:12:31 firewall dhcp6c[30885]: set option request (len 8)
Feb 7 05:12:31 firewall dhcp6c[30885]: raw option 15 length 45 at 0x800a84300
Feb 7 05:12:31 firewall dhcp6c[30885]: set user class (len 45)
Feb 7 05:12:31 firewall dhcp6c[30885]: raw option 16 length 11 at 0x800a84330
Feb 7 05:12:31 firewall dhcp6c[30885]: set vendor class (len 11)
Feb 7 05:12:31 firewall dhcp6c[30885]: raw option 11 length 70 at 0x800a842a0
Feb 7 05:12:31 firewall dhcp6c[30885]: set authentication (len 70)
Feb 7 05:12:31 firewall dhcp6c[30885]: send solicit to ff02::1:2%igb0
Feb 7 05:12:31 firewall dhcp6c[30885]: freeing op data at 0x80066d048
Feb 7 05:12:31 firewall dhcp6c[30885]: freeing op data at 0x800a842d0
Feb 7 05:12:31 firewall dhcp6c[30885]: freeing op data at 0x800a5e040
Feb 7 05:12:31 firewall dhcp6c[30885]: freeing op data at 0x800a67190
Feb 7 05:12:31 firewall dhcp6c[30885]: reset a timer on igb0, state=SOLICIT, timeo=2, retrans=3982
Feb 7 05:12:35 firewall dhcp6c[30885]: Sending Solicit
Je suis dispo pour des essais avec la fibre pro avec des contraintes de ne pas couper les utilisateurs de mon serveurperso:D
Pascal
Remplacer la LiveBox par un routeur