Date: Mon, 15 Mar 2021 17:29:55 -0700 From: Doug Hardie <bc979@lafn.org> To: freebsd-net@freebsd.org Subject: Re: IPv6 Startup Message-ID: <5EDD7B95-A25C-4414-B0CA-8A245A8FA920@sermon-archive.info> In-Reply-To: <06A12556-0C24-48AD-9D1C-C04491AADAF6@sermon-archive.info> References: <06A12556-0C24-48AD-9D1C-C04491AADAF6@sermon-archive.info>
next in thread | previous in thread | raw e-mail | index | archive | help
>=20 > On 13 March 2021, at 17:03, Doug Hardie <doug@sermon-archive.info> = wrote: >=20 > I have two systems on the same ethernet. One is configured as a = router, the other as a host. rtadvd is running on the router, rtsold on = the host, and route6d on both. The router was up and running and I = initiated tcpdump of ip6 packets on the interface. Then I booted the = host. The results are interesting: >=20 > 22:26:17.963393 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router = solicitation, length 16 > source link-address option (1), length 8 (1): = a8:60:b6:1d:8d:bc > 0x0000: 6000 0000 0010 3aff fe80 0000 0000 0000 > 0x0010: aa60 b6ff fe1d 8dbc ff02 0000 0000 0000 > 0x0020: 0000 0000 0000 0002 8500 a2b8 0000 0000 > 0x0030: 0101 a860 b61d 8dbc >=20 > 22:26:17.997455 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 56) fe80::3e18:a0ff:fe44:765b > ff02::1: [icmp6 sum ok] ICMP6, router = advertisement, length 56 > hop limit 64, Flags [none], pref medium, router lifetime 1800s, = reachable time 0ms, retrans timer 0ms > source link-address option (1), length 8 (1): = 3c:18:a0:44:76:5b > prefix info option (3), length 32 (4): fec2::/64, Flags = [onlink, auto], valid time 2592000s, pref. time 604800s > 0x0000: 6000 0000 0038 3aff fe80 0000 0000 0000 > 0x0010: 3e18 a0ff fe44 765b ff02 0000 0000 0000 > 0x0020: 0000 0000 0000 0001 8600 8356 4000 0708 > 0x0030: 0000 0000 0000 0000 0101 3c18 a044 765b > 0x0040: 0304 40c0 0027 8d00 0009 3a80 0000 0000 > 0x0050: fec2 0000 0000 0000 0000 0000 0000 0000 >=20 > 22:26:18.011402 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 32) :: > ff02::1:ff00:210: [icmp6 sum ok] ICMP6, neighbor solicitation, = length 32, who has fec2::210 > unknown option (14), length 8 (1):=20 > 0x0000: cc1a 5611 b76a > 0x0000: 6000 0000 0020 3aff 0000 0000 0000 0000 > 0x0010: 0000 0000 0000 0000 ff02 0000 0000 0000 > 0x0020: 0000 0001 ff00 0210 8700 9025 0000 0000 > 0x0030: fec2 0000 0000 0000 0000 0000 0000 0210 > 0x0040: 0e01 cc1a 5611 b76a >=20 > 22:26:18.098774 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 32) :: > ff02::1:ff1d:8dbc: [icmp6 sum ok] ICMP6, neighbor solicitation, = length 32, who has fec2::aa60:b6ff:fe1d:8dbc > unknown option (14), length 8 (1):=20 > 0x0000: c983 4557 f1d3 > 0x0000: 6000 0000 0020 3aff 0000 0000 0000 0000 > 0x0010: 0000 0000 0000 0000 ff02 0000 0000 0000 > 0x0020: 0000 0001 ff1d 8dbc 8700 f218 0000 0000 > 0x0030: fec2 0000 0000 0000 aa60 b6ff fe1d 8dbc > 0x0040: 0e01 c983 4557 f1d3 >=20 > The first packet is the host sending a router solicitation. The = second is the router responding with the advertisement with the various = routes it has. The third and fourth packets appear to be the Duplicate = Address Detection packets for the two addresses on the host. There is = no response to either. After this, a number of other packets continue = on and on. >=20 > The question is, why are the host addresses being used before DAD is = attempted? It appears there could be some really interesting problems = if the link-layer address actually was duplicated. The problems would = happen before DAD was even attempted? I reduced the configuration to the host settings: ifconfig_bge0_ipv6=3D"inet6 accept_rtadv" The router to: ifconfig_ue0_ipv6=3D"up" Ran tcpdump on the router (obviously not acting as a router) and = restarted the host. Got the following: tcpdump: listening on ue0, link-type EN10MB (Ethernet), capture size = 262144 bytes 19:05:00.048637 IP6 (hlim 1, next-header Options (0) payload length: 56) = fe80::aa60:b6ff:fe1d:8dbc > ff02::16: HBH (padn)(rtalert: 0x0000) = [icmp6 sum ok] ICMP6, multicast listener report v2, 2 group record(s) = [gaddr ff02::2:ec7d:574c to_ex, 0 source(s)] [gaddr ff02::2:ffec:7d57 = to_ex, 0 source(s)] 19:05:00.171029 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router = solicitation, length 16 source link-address option (1), length 8 (1): = a8:60:b6:1d:8d:bc 19:05:04.198640 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router = solicitation, length 16 source link-address option (1), length 8 (1): = a8:60:b6:1d:8d:bc 19:05:08.449844 IP6 (hlim 255, next-header ICMPv6 (58) payload length: = 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router = solicitation, length 16 source link-address option (1), length 8 (1): = a8:60:b6:1d:8d:bc The first packet is a multicast listener report. However, as I = understand RFC 3590 section 3, That should have been sent using the :: = address, not the link-local address as the link-local address is still = tentative.=20 Then follows 3 packets that look like DAD. However, they also come from = the tentative link-local address. I believe they should come from :: = also, at least the first one. There is not a lot of time between the = first two. These two devices are the only ones on that LAN so nothing = is going to respond. Is this a bug in the software, or in my understanding? -- Doug=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5EDD7B95-A25C-4414-B0CA-8A245A8FA920>