Effectivement, par rapport aux règles ip6tables, il me manquait la DSCP 48 sur ICMPv6 et DHCPv6. Je les ai rajoutées avec:
ip6tables -t mangle -A POSTROUTING -o wan -p ipv6-icmp -j DSCP --set-dscp 48
ip6tables -t mangle -A POSTROUTING -o wan -p udp -m udp --sport 68 --dport 67 -j DSCP --set-dscp 48
Mais pas de réponse sur le DHCP non plus.
Voilà ce que me sort tshark quand j'écoute sur l'interface SFP:
4 trames:
ICMPv6 143
DHCPv6 SOLICIT
DHCPv4 SOLICIT
ICMPv6 133
VLAN 832, COS 6, DSCP 48. Pas de réponse.
{
"_index": "packets-2024-10-20",
"_type": "doc",
"_score": null,
"_source": {
"layers": {
"frame": {
"frame.section_number": "1",
"frame.interface_id": "0",
"frame.interface_id_tree": {
"frame.interface_name": "eth0"
},
"frame.encap_type": "1",
"frame.time": "Oct 20, 2024 21:57:28.073391600 CEST",
"frame.time_utc": "Oct 20, 2024 19:57:28.073391600 UTC",
"frame.time_epoch": "1729454248.073391600",
"frame.offset_shift": "0.000000000",
"frame.time_delta": "0.000028640",
"frame.time_delta_displayed": "0.000028640",
"frame.time_relative": "0.197895880",
"frame.number": "4",
"frame.len": "288",
"frame.cap_len": "288",
"frame.marked": "0",
"frame.ignored": "0",
"frame.protocols": "eth:ethertype:vlan:ethertype:ipv6:udp:dhcpv6"
},
"eth": {
"eth.dst": "33:33:00:01:00:02",
"eth.dst_tree": {
"eth.dst_resolved": "IPv6mcast_01:00:02",
"eth.dst.oui": "3355392",
"eth.dst.lg": "1",
"eth.dst.ig": "1",
"eth.addr": "33:33:00:01:00:02",
"eth.addr_resolved": "IPv6mcast_01:00:02",
"eth.addr.oui": "3355392",
"eth.lg": "1",
"eth.ig": "1"
},
"eth.src": "xx:xx:xx:xx:xx:xx",
"eth.src_tree": {
"eth.src_resolved": "SagemcomBroa_af:ac:f0",
"eth.src.oui": "4510804",
"eth.src.oui_resolved": "Sagemcom Broadband SAS",
"eth.src.lg": "0",
"eth.src.ig": "0",
"eth.addr": "xx:xx:xx:xx:xx:xx",
"eth.addr_resolved": "SagemcomBroa_af:ac:f0",
"eth.addr.oui": "4510804",
"eth.addr.oui_resolved": "Sagemcom Broadband SAS",
"eth.lg": "0",
"eth.ig": "0"
},
"eth.type": "0x8100",
"eth.stream": "1"
},
"vlan": {
"vlan.priority": "6",
"vlan.dei": "0",
"vlan.id": "832",
"vlan.etype": "0x86dd"
},
"ipv6": {
"ipv6.version": "6",
"ip.version": "6",
"ipv6.tclass": "0x000000c0",
"ipv6.tclass_tree": {
"ipv6.tclass.dscp": "48",
"ipv6.tclass.ecn": "0"
},
"ipv6.flow": "0x0dd792",
"ipv6.plen": "230",
"ipv6.nxt": "17",
"ipv6.hlim": "1",
"ipv6.src": "fe80::xxxx:xxxx:xxxx:xxxx",
"ipv6.src_tree": {
"ipv6.src_addr_space": "Link-Local Unicast",
"ipv6.src_special_purpose": "Link-Local Unicast",
"ipv6.src_special_purpose_tree": {
"ipv6.src_special_purpose_source": "1",
"ipv6.src_special_purpose_destination": "1",
"ipv6.src_special_purpose_forwardable": "0",
"ipv6.src_special_purpose_global": "0",
"ipv6.src_special_purpose_reserved": "1"
}
},
"ipv6.addr": "fe80::xxxx:xxxx:xxxx:xxxx",
"ipv6.addr_tree": {
"ipv6.addr_space": "Link-Local Unicast",
"ipv6.addr_special_purpose": "Link-Local Unicast",
"ipv6.addr_special_purpose_tree": {
"ipv6.addr_special_purpose_source": "1",
"ipv6.addr_special_purpose_destination": "1",
"ipv6.addr_special_purpose_forwardable": "0",
"ipv6.addr_special_purpose_global": "0",
"ipv6.addr_special_purpose_reserved": "1"
}
},
"ipv6.src_host": "fe80::xxxx:xxxx:xxxx:xxxx",
"ipv6.host": "fe80::xxxx:xxxx:xxxx:xxxx",
"ipv6.dst": "ff02::1:2",
"ipv6.dst_tree": {
"ipv6.dst_addr_space": "Multicast",
"ipv6.dst_multicast_flags": "0x0000",
"ipv6.dst_multicast_flags_tree": {
"ipv6.dst_multicast_flags.reserved": "0",
"ipv6.dst_multicast_flags.embed_rp": "0",
"ipv6.dst_multicast_flags.network_prefix": "0",
"ipv6.dst_multicast_flags.transient": "0"
},
"ipv6.dst_multicast_scope": "0x0002"
},
"ipv6.addr": "ff02::1:2",
"ipv6.addr_tree": {
"ipv6.addr_space": "Multicast",
"ipv6.multicast_flags": "0x0000",
"ipv6.multicast_flags_tree": {
"ipv6.multicast_flags.reserved": "0",
"ipv6.multicast_flags.embed_rp": "0",
"ipv6.multicast_flags.network_prefix": "0",
"ipv6.multicast_flags.transient": "0"
},
"ipv6.multicast_scope": "0x0002"
},
"ipv6.dst_host": "ff02::1:2",
"ipv6.host": "ff02::1:2",
"ipv6.src_slaac_mac": "xx:xx:xx:xx:xx:xx",
"ipv6.slaac_mac": "xx:xx:xx:xx:xx:xx",
"ipv6.stream": "1"
},
"udp": {
"udp.srcport": "546",
"udp.dstport": "547",
"udp.port": "546",
"udp.port": "547",
"udp.length": "230",
"udp.checksum": "0x45f2",
"udp.checksum.status": "2",
"udp.stream": "0",
"udp.stream.pnum": "1",
"Timestamps": {
"udp.time_relative": "0.000000000",
"udp.time_delta": "0.000000000"
},
"udp.payload": "01:e7:85:b3:00:03:00:0c:32:5a:30:c5:00:00:00:00:00:00:00:00:00:19:00:0c:32:5a:30:c5:00:00:00:00:00:00:00:00:00:27:00:10:01:0e:63:6c:65:61:72:66:6f:67:2d:67:74:2d:38:6b:00:0f:00:2d:00:2b:46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:4c:69:76:65:62:6f:78:36:00:06:00:04:00:52:00:67:00:01:00:0a:00:03:00:01:xx:xx:xx:xx:xx:xx:00:0b:00:46:AUTH_BINARY:00:10:00:0b:00:00:04:0e:00:05:73:61:67:65:6d:00:08:00:02:00:00"
},
"dhcpv6": {
"dhcpv6.msgtype": "1",
"dhcpv6.xid": "0xe785b3",
"dhcpv6.option.type_str": "Identity Association for Non-temporary Address",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "3",
"dhcpv6.option.length": "12",
"dhcpv6.iaid": "325a30c5",
"dhcpv6.iaid.t1": "0",
"dhcpv6.iaid.t2": "0"
},
"dhcpv6.option.type_str": "Identity Association for Prefix Delegation",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "25",
"dhcpv6.option.length": "12",
"dhcpv6.iaid": "325a30c5",
"dhcpv6.iaid.t1": "0",
"dhcpv6.iaid.t2": "0"
},
"dhcpv6.option.type_str": "Client Fully Qualified Domain Name",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "39",
"dhcpv6.option.length": "16",
"dhcpv6.client_fqdn_flags": "0x01",
"dhcpv6.client_fqdn_flags_tree": {
"dhcpv6.clientfqdn.client.n": "0",
"dhcpv6.clientfqdn.client.s": "1"
},
"dhcpv6.client_domain": "clearfog-gt-8k"
},
"dhcpv6.option.type_str": "User Class",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "15",
"dhcpv6.option.length": "45",
"User Class suboption": {
"dhcpv6.userclass.length": "43",
"dhcpv6.userclass.opaque_data": "46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:4c:69:76:65:62:6f:78:36"
}
},
"dhcpv6.option.type_str": "Option Request",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "6",
"dhcpv6.option.length": "4",
"dhcpv6.requested_option_code": "82",
"dhcpv6.requested_option_code": "103"
},
"dhcpv6.option.type_str": "Client Identifier",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "1",
"dhcpv6.option.length": "10",
"dhcpv6.duid.bytes": "00:03:00:01:xx:xx:xx:xx:xx:xx",
"dhcpv6.duid.type": "3",
"dhcpv6.duidll.hwtype": "1",
"dhcpv6.duidll.link_layer_addr": "xx:xx:xx:xx:xx:xx",
"dhcpv6.duidll.link_layer_addr_ether": "xx:xx:xx:xx:xx:xx"
},
"dhcpv6.option.type_str": "Authentication",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "11",
"dhcpv6.option.length": "70",
"dhcpv6.auth.protocol": "0",
"dhcpv6.auth.algorithm": "0",
"dhcpv6.auth.rdm": "0",
"dhcpv6.auth.replay_detection": "00:00:00:00:00:00:00:00",
"dhcpv6.auth.info": "1a:09:00:00:05:58:01:03:41:01:0d:66:74:69:2f:76:70:66:68:76:74:33:3c:12:36:35:31:31:32:30:39:39:39:39:37:33:36:32:31:30:03:13:41:8f:00:72:37:96:76:a7:da:74:27:d9:99:16:71:d3:4f"
},
"dhcpv6.option.type_str": "Vendor Class",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "16",
"dhcpv6.option.length": "11",
"dhcpv6.vendorclass.enterprise": "1038",
"dhcpv6.vendorclass.data": "sagem"
},
"dhcpv6.option.type_str": "Elapsed time",
"dhcpv6.option.type_str_tree": {
"dhcpv6.option.type": "8",
"dhcpv6.option.length": "2",
"dhcpv6.elapsed_time": "0"
}
}
}
}
},
{
"_index": "packets-2024-10-20",
"_type": "doc",
"_score": null,
"_source": {
"layers": {
"frame": {
"frame.section_number": "1",
"frame.interface_id": "0",
"frame.interface_id_tree": {
"frame.interface_name": "eth0"
},
"frame.encap_type": "1",
"frame.time": "Oct 20, 2024 21:57:28.073475560 CEST",
"frame.time_utc": "Oct 20, 2024 19:57:28.073475560 UTC",
"frame.time_epoch": "1729454248.073475560",
"frame.offset_shift": "0.000000000",
"frame.time_delta": "0.000083960",
"frame.time_delta_displayed": "0.000083960",
"frame.time_relative": "0.197979840",
"frame.number": "5",
"frame.len": "441",
"frame.cap_len": "441",
"frame.marked": "0",
"frame.ignored": "0",
"frame.protocols": "eth:ethertype:vlan:ethertype:ip:udp:dhcp"
},
"eth": {
"eth.dst": "ff:ff:ff:ff:ff:ff",
"eth.dst_tree": {
"eth.dst_resolved": "Broadcast",
"eth.dst.oui": "16777215",
"eth.dst.lg": "1",
"eth.dst.ig": "1",
"eth.addr": "ff:ff:ff:ff:ff:ff",
"eth.addr_resolved": "Broadcast",
"eth.addr.oui": "16777215",
"eth.lg": "1",
"eth.ig": "1"
},
"eth.src": "xx:xx:xx:xx:xx:xx",
"eth.src_tree": {
"eth.src_resolved": "SagemcomBroa_af:ac:f0",
"eth.src.oui": "4510804",
"eth.src.oui_resolved": "Sagemcom Broadband SAS",
"eth.src.lg": "0",
"eth.src.ig": "0",
"eth.addr": "xx:xx:xx:xx:xx:xx",
"eth.addr_resolved": "SagemcomBroa_af:ac:f0",
"eth.addr.oui": "4510804",
"eth.addr.oui_resolved": "Sagemcom Broadband SAS",
"eth.lg": "0",
"eth.ig": "0"
},
"eth.type": "0x8100",
"eth.stream": "2"
},
"vlan": {
"vlan.priority": "6",
"vlan.dei": "0",
"vlan.id": "832",
"vlan.etype": "0x0800"
},
"ip": {
"ip.version": "4",
"ip.hdr_len": "20",
"ip.dsfield": "0xc0",
"ip.dsfield_tree": {
"ip.dsfield.dscp": "48",
"ip.dsfield.ecn": "0"
},
"ip.len": "423",
"ip.id": "0x0000",
"ip.flags": "0x00",
"ip.flags_tree": {
"ip.flags.rb": "0",
"ip.flags.df": "0",
"ip.flags.mf": "0"
},
"ip.frag_offset": "0",
"ip.ttl": "64",
"ip.proto": "17",
"ip.checksum": "0x7887",
"ip.checksum.status": "2",
"ip.src": "0.0.0.0",
"ip.addr": "0.0.0.0",
"ip.src_host": "0.0.0.0",
"ip.host": "0.0.0.0",
"ip.dst": "255.255.255.255",
"ip.addr": "255.255.255.255",
"ip.dst_host": "255.255.255.255",
"ip.host": "255.255.255.255",
"ip.stream": "0"
},
"udp": {
"udp.srcport": "68",
"udp.dstport": "67",
"udp.port": "68",
"udp.port": "67",
"udp.length": "403",
"udp.checksum": "0xf790",
"udp.checksum.status": "2",
"udp.stream": "1",
"udp.stream.pnum": "1",
"Timestamps": {
"udp.time_relative": "0.000000000",
"udp.time_delta": "0.000000000"
},
"udp.payload": "01:01:06:00:4c:57:70:55:00:01:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:xx:xx:xx:xx:xx:xx:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:63:82:53:63:35:01:01:3d:07:01:xx:xx:xx:xx:xx:xx:37:09:01:03:06:0c:0f:21:72:78:79:39:02:05:c0:50:00:3c:05:73:61:67:65:6d:4d:2c:2b:46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:4c:69:76:65:62:6f:78:36:5a:46:AUTH_BINARY:ff"
},
"dhcp": {
"dhcp.type": "1",
"dhcp.hw.type": "0x01",
"dhcp.hw.len": "6",
"dhcp.hops": "0",
"dhcp.id": "0x4c577055",
"dhcp.secs": "1",
"dhcp.flags": "0x0000",
"dhcp.flags_tree": {
"dhcp.flags.bc": "0",
"dhcp.flags.reserved": "0x0000"
},
"dhcp.ip.client": "0.0.0.0",
"dhcp.ip.your": "0.0.0.0",
"dhcp.ip.server": "0.0.0.0",
"dhcp.ip.relay": "0.0.0.0",
"dhcp.hw.mac_addr": "xx:xx:xx:xx:xx:xx",
"dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00",
"dhcp.server": "",
"dhcp.file": "",
"dhcp.cookie": "99.130.83.99",
"dhcp.option.type": "53",
"dhcp.option.type_tree": {
"dhcp.option.length": "1",
"dhcp.option.value": "01",
"dhcp.option.dhcp": "1"
},
"dhcp.option.type": "61",
"dhcp.option.type_tree": {
"dhcp.option.length": "7",
"dhcp.option.value": "01:xx:xx:xx:xx:xx:xx",
"dhcp.hw.type": "0x01",
"dhcp.hw.mac_addr": "xx:xx:xx:xx:xx:xx"
},
"dhcp.option.type": "55",
"dhcp.option.type_tree": {
"dhcp.option.length": "9",
"dhcp.option.value": "01:03:06:0c:0f:21:72:78:79",
"dhcp.option.request_list_item": "1",
"dhcp.option.request_list_item": "3",
"dhcp.option.request_list_item": "6",
"dhcp.option.request_list_item": "12",
"dhcp.option.request_list_item": "15",
"dhcp.option.request_list_item": "33",
"dhcp.option.request_list_item": "114",
"dhcp.option.request_list_item": "120",
"dhcp.option.request_list_item": "121"
},
"dhcp.option.type": "57",
"dhcp.option.type_tree": {
"dhcp.option.length": "2",
"dhcp.option.value": "05:c0",
"dhcp.option.dhcp_max_message_size": "1472"
},
"dhcp.option.type": "80",
"dhcp.option.type_tree": {
"dhcp.option.length": "0",
"dhcp.option.value": ""
},
"dhcp.option.type": "60",
"dhcp.option.type_tree": {
"dhcp.option.length": "5",
"dhcp.option.value": "73:61:67:65:6d",
"dhcp.option.vendor_class_id": "sagem"
},
"dhcp.option.type": "77",
"dhcp.option.type_tree": {
"dhcp.option.length": "44",
"dhcp.option.value": "2b:46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:4c:69:76:65:62:6f:78:36",
"dhcp.option.user_class": "0",
"dhcp.option.user_class_tree": {
"dhcp.option.user_class.length": "43",
"dhcp.option.user_class.data": "46:53:56:44:53:4c:5f:6c:69:76:65:62:6f:78:2e:49:6e:74:65:72:6e:65:74:2e:73:6f:66:74:61:74:68:6f:6d:65:2e:4c:69:76:65:62:6f:78:36"
}
},
"dhcp.option.type": "90",
"dhcp.option.type_tree": {
"dhcp.option.length": "70",
"dhcp.option.value": "AUTH_BINARY",
"dhcp.option.dhcp_authentication.protocol": "0",
"dhcp.option.dhcp_authentication.algorithm": "0",
"dhcp.option.dhcp_authentication.rdm": "0",
"dhcp.option.dhcp_authentication.rdm_replay_detection": "0x0000000000000000",
"dhcp.option.dhcp_authentication.information": "\u001a\t"
},
"dhcp.option.type": "0",
"dhcp.option.type_tree": {
"dhcp.option.end": "255"
}
}
}
}
},
Remplacer la LiveBox par un routeur