Date: Thu, 7 Apr 2022 16:22:47 -0500 From: William Carson <freebsd@dsllsn.net> To: freebsd-net@freebsd.org Subject: IPv6 system not responding to Neighbor Solicitation Message-ID: <CB3E819B-1C30-4183-94C3-D9931F4E022F@dsllsn.net>
next in thread | raw e-mail | index | archive | help
Hello, recently after enabling ipv6_privacy in /etc/rc.conf and =
rebooting, I've been unable to get IPv6 connectivity to work in a hosted =
environment. (I don't know if this is a red herring or not.) I've tried =
disabling it, and even after rebooting, it still doesn't work. (Doesn't =
work meaning: I'm unable to ping6 hosts on the Internet that are =
reachable, e.g. ipv6.google.com.) I confirmed ipv6_privacy is actually =
disabled:
# sysctl -a | grep tempaddr
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.prefer_tempaddr: 0
If I boot into a Linux environment (the provider has a Rescue mode), I'm =
able to reach IPv6 just fine. Furthermore, if I then reboot back into =
FreeBSD 13.0-RELEASE-p10 it will work for around ~5 minutes and then =
connections time out.
Given the behavior and based on some tcpdumps, it looks like my system =
is not responding to the upstream router's Neighbor Solicitation =
messages. If I boot into Linux, it respond to the NS messages, the =
router caches the MAC address, and IPv6 works. If I'm fast enough and =
reboot into FreeBSD, IPv6 works until the the entry expires, and then I =
just see this:
13:24:58.901780 IP6 2600:3c00::f03c:91ff:feb0:a56f > =
2605:6400:10:968:22:da15:28a6:c800: ICMP6, echo request, seq 40, length =
16
13:24:59.277713 IP6 2600:3c00::8678:acff:fe1c:ec41 > ff02::1:ffb0:a56f: =
ICMP6, neighbor solicitation, who has 2600:3c00::f03c:91ff:feb0:a56f, =
length 32
13:24:59.277799 IP6 2600:3c00::8678:acff:fe1c:ec41 > ff02::1:ffb0:a56f: =
ICMP6, neighbor solicitation, who has 2600:3c00::f03c:91ff:feb0:a56f, =
length 32
3 packets, the echo request, then two NS requests, and no response -- =
and then it just repeats.=20
I confirmed b0:a5:6f is the Device ID part of my MAC:=20
# ifconfig em0
em0: flags=3D8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu =
1500
=
options=3D481209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MA=
GIC,VLAN_HWFILTER,NOMAP>
ether f2:3c:91:b0:a5:6f <---
inet6 fe80::f03c:91ff:feb0:a56f%em0 prefixlen 64 scopeid 0x1
inet6 2600:3c00::f03c:91ff:feb0:a56f prefixlen 64 autoconf
inet6 2600:3c00:e000:137::1 prefixlen 128
inet6 2600:3c00:e000:137::1:1 prefixlen 128
inet6 2600:3c00:e000:137::2:1 prefixlen 128
inet6 2600:3c00:e000:137::3:1 prefixlen 128
inet6 2600:3c00:e000:137:cafe:8a2e:370:7334 prefixlen 128
inet 96.126.127.161 netmask 0xffffff00 broadcast =
96.126.127.255
inet 173.255.203.45 netmask 0xffffffff broadcast =
173.255.203.45
inet 96.126.122.129 netmask 0xffffffff broadcast =
96.126.122.129
inet 50.116.26.213 netmask 0xffffffff broadcast 50.116.26.213
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 =
options=3D8023<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL,DEFAULTIF>
Therefore the Solicited-node multicast address ff02::1:ffb0:a56f looks =
to be correct. I've also confirmed the router's address is within the =
assigned SLAAC network (Router: 2600:3c00::8678:acff:fe1c:ec41, SLAAC =
address: 2600:3c00::f03c:91ff:feb0:a56f/64).Furthermore, the multicast =
address does show up in `ifmcstat`:
# ifmcstat
em0:
inet6 fe80::f03c:91ff:feb0:a56f%em0 scopeid 0x1
mldv2 flags=3D2<USEALLOW> rv 2 qi 125 qri 10 uri 3
group ff02::1:ff70:7334%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:ff:70:73:34
group ff02::1:ff03:1%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:ff:03:00:01
group ff02::1:ff02:1%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:ff:02:00:01
group ff02::1:ff01:1%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:ff:01:00:01
group ff02::1:ff00:1%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:ff:00:00:01
inet 96.126.127.161
igmpv3 rv 2 qi 125 qri 10 uri 3
group 224.0.0.1 mode exclude
mcast-macaddr 01:00:5e:00:00:01
inet6 fe80::f03c:91ff:feb0:a56f%em0 scopeid 0x1
mldv2 flags=3D2<USEALLOW> rv 2 qi 125 qri 10 uri 3
group ff01::1%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:00:00:00:01
group ff02::2:bdc6:c84d%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:bd:c6:c8:4d
group ff02::2:ffbd:c6c8%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:ff:bd:c6:c8
group ff02::1%em0 scopeid 0x1 mode exclude
mcast-macaddr 33:33:00:00:00:01
group ff02::1:ffb0:a56f%em0 scopeid 0x1 mode exclude =
<---
mcast-macaddr 33:33:ff:b0:a5:6f
I can even ping the address and it replies!
# ping6 ff02::1:ffb0:a56f
PING6(56=3D40+8+8 bytes) fe80::f03c:91ff:feb0:a56f%em0 --> =
ff02::1:ffb0:a56f
16 bytes from fe80::f03c:91ff:feb0:a56f%em0, icmp_seq=3D0 hlim=3D64 =
time=3D0.451 ms
16 bytes from fe80::f03c:91ff:feb0:a56f%em0, icmp_seq=3D1 hlim=3D64 =
time=3D0.446 ms
16 bytes from fe80::f03c:91ff:feb0:a56f%em0, icmp_seq=3D2 hlim=3D64 =
time=3D0.618 ms
^C
Does anyone have any thoughts why it's not responding to the Neighbor =
Solicitation messages? I've been troubleshooting this for a few days now =
and can't figure it out. I also tried booting kernel.old (which I think =
is -p8 or -p9), but it made no difference. I've tried with and without =
pf enabled -- again, no difference.
I don't know if this is useful, but I validated routes are being =
discovered:
# ndp -na
Neighbor Linklayer Address Netif Expire =
S Flags
2600:3c00:e000:137::1:1 f2:3c:91:b0:a5:6f em0 =
permanent R
2600:3c00:e000:137::1 f2:3c:91:b0:a5:6f em0 =
permanent R
fe80::1%em0 00:05:73:a0:0f:ff em0 =
23h56m36s S R <---
2600:3c00:e000:137::3:1 f2:3c:91:b0:a5:6f em0 =
permanent R
2600:3c00:e000:137::2:1 f2:3c:91:b0:a5:6f em0 =
permanent R
2600:3c00::f03c:91ff:feb0:a56f f2:3c:91:b0:a5:6f em0 =
permanent R
fe80::f03c:91ff:feb0:a56f%em0 f2:3c:91:b0:a5:6f em0 =
permanent R
fe80::8678:acff:fe1c:ec41%em0 84:78:ac:1c:ec:41 em0 23h49m7s =
S R <---
2600:3c00:e000:137:cafe:8a2e:370:7334 f2:3c:91:b0:a5:6f em0 =
permanent R
# netstat -nr6
Routing tables
Internet6:
Destination Gateway Flags =
Netif Expire
::/96 ::1 UGRS =
lo0
default fe80::1%em0 UG =
em0 <---
::1 link#2 UHS =
lo0
::ffff:0.0.0.0/96 ::1 UGRS =
lo0
2600:3c00::f03c:91ff:feb0:a56f link#1 UHS =
lo0
2600:3c00:e000:137::1 link#1 UHS =
lo0
2600:3c00:e000:137::1:1 link#1 UHS =
lo0
2600:3c00:e000:137::2:1 link#1 UHS =
lo0
2600:3c00:e000:137::3:1 link#1 UHS =
lo0
2600:3c00:e000:137:cafe:8a2e:370:7334 link#1 UHS =
lo0
fe80::/10 ::1 UGRS =
lo0
fe80::%em0/64 link#1 U =
em0
fe80::f03c:91ff:feb0:a56f%em0 link#1 UHS =
lo0
fe80::%lo0/64 link#2 U =
lo0
fe80::1%lo0 link#2 UHS =
lo0
ff02::/16 ::1 UGRS =
lo0
And here's the IPv6 part in my rc.conf:
# ipv6
rtsold_enable=3D"YES"
rtsold_flags=3D"-aF"
#ipv6_activate_all_interfaces=3D"YES"
ipv6_network_interfaces=3D"em0"
ipv6_default_interface=3D"em0"
ifconfig_em0_ipv6=3D"inet6 accept_rtadv"
ifconfig_em0_aliases=3D"\
inet6 2600:3c00:e000:0137::0:1/128 \
inet6 2600:3c00:e000:0137::1:1/128 \
inet6 2600:3c00:e000:0137::2:1/128 \
inet6 2600:3c00:e000:0137::3:1/128 \
inet6 2600:3c00:e000:0137:cafe:8a2e:0370:7334/128"
I'm at a complete loss. Any help troubleshooting this would be greatly =
appreciated.
Sincerely,
--wcarson=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CB3E819B-1C30-4183-94C3-D9931F4E022F>