From owner-freebsd-net@freebsd.org Tue Mar 16 10:55:05 2021 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 820B45A89BE for ; Tue, 16 Mar 2021 10:55:05 +0000 (UTC) (envelope-from lutz@iks-jena.de) Received: from annwfn.iks-jena.de (annwfn.iks-jena.de [IPv6:2001:4bd8::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4F09D83xTZz3tWG for ; Tue, 16 Mar 2021 10:55:04 +0000 (UTC) (envelope-from lutz@iks-jena.de) X-SMTP-Sender: IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f Received: from belenus.iks-jena.de (belenus.iks-jena.de [IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f]) by annwfn.iks-jena.de (8.15.2/8.15.2) with ESMTPS id 12GAsiCX007415 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 16 Mar 2021 11:54:45 +0100 X-MSA-Host: belenus.iks-jena.de Received: (from lutz@localhost) by belenus.iks-jena.de (8.14.3/8.14.1/Submit) id 12GAsiWc016040; Tue, 16 Mar 2021 11:54:44 +0100 Date: Tue, 16 Mar 2021 11:54:44 +0100 From: Lutz Donnerhacke To: Doug Hardie Cc: freebsd-net@freebsd.org Subject: Re: IPv6 Startup Message-ID: <20210316105444.GA15531@belenus.iks-jena.de> References: <06A12556-0C24-48AD-9D1C-C04491AADAF6@sermon-archive.info> <5EDD7B95-A25C-4414-B0CA-8A245A8FA920@sermon-archive.info> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5EDD7B95-A25C-4414-B0CA-8A245A8FA920@sermon-archive.info> X-message-flag: Please send plain text messages only. Thank you. User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: 4F09D83xTZz3tWG X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of lutz@iks-jena.de designates 2001:4bd8::19 as permitted sender) smtp.mailfrom=lutz@iks-jena.de X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2001:4bd8::/48]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[donnerhacke.de]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:4bd8::19:from]; SPAMHAUS_ZRD(0.00)[2001:4bd8::19:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-0.999]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[lutz@donnerhacke.de,lutz@iks-jena.de]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15725, ipnet:2001:4bd8::/29, country:DE]; FROM_NEQ_ENVFROM(0.00)[lutz@donnerhacke.de,lutz@iks-jena.de]; MAILMAN_DEST(0.00)[freebsd-net]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Mar 2021 10:55:05 -0000 On Mon, Mar 15, 2021 at 05:29:55PM -0700, Doug Hardie wrote: > I reduced the configuration to the host settings: > ifconfig_bge0_ipv6="inet6 accept_rtadv" > > The router to: > ifconfig_ue0_ipv6="up" > > Ran tcpdump on the router (obviously not acting as a router) and restarted the host. Got the following: > > tcpdump: listening on ue0, link-type EN10MB (Ethernet), capture size 262144 bytes The device is using a EUI-64 link local address, which is unique by definition. Therefore no DAD is necessary, the address can be used immediatly. If you use a manually generated address, even if it has a EUI-64 form, DAD is required. DAD consists of Neighbour Solication messages. I understand your point, questioning if DAD should be done in any case or not. That's a complicated topic, which requires a lot of RFC exegesis, studying interop tests results from the IETF and IPv6 certificate organisations, and practical market dominance. > 19:05:00.048637 IP6 (hlim 1, next-header Options (0) payload length: 56) fe80::aa60:b6ff:fe1d:8dbc > ff02::16: HBH (padn)(rtalert: 0x0000) [icmp6 sum ok] ICMP6, multicast listener report v2, 2 group record(s) [gaddr ff02::2:ec7d:574c to_ex, 0 source(s)] [gaddr ff02::2:ffec:7d57 to_ex, 0 source(s)] Because IPv6 uses unicast and multicast only, the device registers itself for the necessary link local multicast groups. > 19:05:00.171029 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16 > source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc The device will use SLAAC for address configuration, but do not want to wait for the next Router Advertisement, so it asks for an immediate response from the router. > 19:05:04.198640 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16 > source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc No router answered, maybe the packet was lost. So the device ask again for a router in order to complete SLAAC. > 19:05:08.449844 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16 > source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc No router answered, maybe the packet was lost. So the device ask again for a router in order to complete SLAAC.