CARP link-local address not responding to neighbor solicitations comming from public address
Alarig Le Lay
alarig at swordarmor.fr
Wed Jan 24 18:36:59 UTC 2018
Hi,
All the machines listed below are 11.1-RELEASE.
I have a setup with a LAN of VMs routed by two routers configured with
CARP. If I reboot a VM, the NDP for the default route is unknown:
root@:~ # ndp -n fe80::204:92:100:1%em0
Neighbor Linklayer Address Netif Expire S Flags
fe80::204:92:100:1%em0 (fe80::204:92:100:1%em0) -- no entry
So, a neighbor solicitation is send, but from the VM public IP:
19:13:50.766822 IP6 2a00:5884:8211::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has fe80::204:92:100:1, length 32
And my router doesn’t answer to it.
But, if I ping the default route from the VM, the neighbor solicitation
is send from the VM link-local address:
19:14:51.441884 IP6 fe80::14f8:7aff:fedf:4453 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has fe80::204:92:100:1, length 32
And then, my router answers it:
19:14:51.441920 IP6 fe80::215:17ff:fe39:f01b > fe80::14f8:7aff:fedf:4453: ICMP6, neighbor advertisement, tgt is fe80::204:92:100:1, length 32
And the VM add it in cache:
root@:~ # ping6 fe80::204:92:100:1%em0
PING6(56=40+8+8 bytes) fe80::14f8:7aff:fedf:4453%em0 --> fe80::204:92:100:1%em0
16 bytes from fe80::204:92:100:1%em0, icmp_seq=0 hlim=64 time=1.040 ms
^C
--- fe80::204:92:100:1%em0 ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.040/1.040/1.040/0.000 ms
root@:~ # ndp -n fe80::204:92:100:1%em0
Neighbor Linklayer Address Netif Expire S Flags
fe80::204:92:100:1%em0 00:00:5e:00:01:02 em0 28s R R
The router is configured as follow:
root at nominoe:~ # ifconfig em1.30
em1.30: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: MacGrif
options=103<RXCSUM,TXCSUM,TSO4>
ether 00:15:17:39:f0:1b
inet 89.234.186.7 netmask 0xffffff80 broadcast 89.234.186.127
inet 80.67.190.194 netmask 0xffffffe0 broadcast 80.67.190.223
inet 89.234.186.1 netmask 0xffffffff broadcast 89.234.186.1 vhid 1
inet 80.67.190.193 netmask 0xffffffff broadcast 80.67.190.193 vhid 3
inet6 fe80::215:17ff:fe39:f01b%em1.30 prefixlen 64 scopeid 0xa
inet6 2a00:5884::1 prefixlen 64
inet6 fe80::204:92:100:1%em1.30 prefixlen 128 scopeid 0xa vhid 2
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
vlan: 30 vlanpcp: 0 parent interface: em1
carp: MASTER vhid 1 advbase 1 advskew 0
carp: MASTER vhid 2 advbase 1 advskew 0
carp: MASTER vhid 3 advbase 1 advskew 0
groups: vlan
And the VM as follow:
root@:~ # ifconfig em0
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
ether 16:f8:7a:df:44:53
hwaddr 16:f8:7a:df:44:53
inet 89.234.186.118 netmask 0xffffffe0 broadcast 89.234.186.127
inet6 fe80::14f8:7aff:fedf:4453%em0 prefixlen 64 scopeid 0x1
inet6 2a00:5884:8211::1 prefixlen 64
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
Both public and fe80 routes are in the kernel table:
root at nominoe:~ # route -n -6 get 2a00:5884:8211::1
route to: 2a00:5884:8211::1
destination: 2a00:5884:8211::
mask: ffff:ffff:ffff::
gateway: fe80::14f8:7aff:fedf:4453%em1.30
fib: 0
interface: em1.30
flags: <UP,GATEWAY,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0
root at nominoe:~ # route -n -6 get fe80::14f8:7aff:fedf:4453%em1.30
route to: fe80::14f8:7aff:fedf:4453%em1.30
destination: fe80::%em1.30
mask: ffff:ffff:ffff:ffff::
fib: 0
interface: em1.30
flags: <UP,DONE>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0
Does anyone have a clue about it?
Thanks,
--
alarig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20180124/317fdc7b/attachment.sig>
More information about the freebsd-net
mailing list