IPv6 Startup

Doug Hardie bc979 at lafn.org
Sun Mar 14 02:27:31 UTC 2021 

> On 13 March 2021, at 17:03, Doug Hardie <doug at sermon-archive.info> wrote:
> 
> I have two systems on the same ethernet.  One is configured as a router, the other as a host.  rtadvd is running on the router, rtsold on the host, and route6d on both.  The router was up and running and I initiated tcpdump of ip6 packets on the interface.  Then I booted the host.  The results are interesting:
> 
> 22:26:17.963393 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
> 	  source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc
> 	0x0000:  6000 0000 0010 3aff fe80 0000 0000 0000
> 	0x0010:  aa60 b6ff fe1d 8dbc ff02 0000 0000 0000
> 	0x0020:  0000 0000 0000 0002 8500 a2b8 0000 0000
> 	0x0030:  0101 a860 b61d 8dbc
> 
> 22:26:17.997455 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 56) fe80::3e18:a0ff:fe44:765b > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 56
> 	hop limit 64, Flags [none], pref medium, router lifetime 1800s, reachable time 0ms, retrans timer 0ms
> 	  source link-address option (1), length 8 (1): 3c:18:a0:44:76:5b
> 	  prefix info option (3), length 32 (4): fec2::/64, Flags [onlink, auto], valid time 2592000s, pref. time 604800s
> 	0x0000:  6000 0000 0038 3aff fe80 0000 0000 0000
> 	0x0010:  3e18 a0ff fe44 765b ff02 0000 0000 0000
> 	0x0020:  0000 0000 0000 0001 8600 8356 4000 0708
> 	0x0030:  0000 0000 0000 0000 0101 3c18 a044 765b
> 	0x0040:  0304 40c0 0027 8d00 0009 3a80 0000 0000
> 	0x0050:  fec2 0000 0000 0000 0000 0000 0000 0000
> 
> 22:26:18.011402 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) :: > ff02::1:ff00:210: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fec2::210
> 	  unknown option (14), length 8 (1): 
> 	  0x0000:  cc1a 5611 b76a
> 	0x0000:  6000 0000 0020 3aff 0000 0000 0000 0000
> 	0x0010:  0000 0000 0000 0000 ff02 0000 0000 0000
> 	0x0020:  0000 0001 ff00 0210 8700 9025 0000 0000
> 	0x0030:  fec2 0000 0000 0000 0000 0000 0000 0210
> 	0x0040:  0e01 cc1a 5611 b76a
> 
> 22:26:18.098774 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) :: > ff02::1:ff1d:8dbc: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fec2::aa60:b6ff:fe1d:8dbc
> 	  unknown option (14), length 8 (1): 
> 	  0x0000:  c983 4557 f1d3
> 	0x0000:  6000 0000 0020 3aff 0000 0000 0000 0000
> 	0x0010:  0000 0000 0000 0000 ff02 0000 0000 0000
> 	0x0020:  0000 0001 ff1d 8dbc 8700 f218 0000 0000
> 	0x0030:  fec2 0000 0000 0000 aa60 b6ff fe1d 8dbc
> 	0x0040:  0e01 c983 4557 f1d3
> 
> The first packet is the host sending a router solicitation.  The second is the router responding with the advertisement with the various routes it has.  The third and fourth packets appear to be the Duplicate Address Detection packets for the two addresses on the host.  There is no response to either.  After this, a number of other packets continue on and on.
> 
> The question is, why are the host addresses being used before DAD is attempted?  It appears there could be some really interesting problems if the link-layer address actually was duplicated.  The problems would happen before DAD was even attempted?


I reduced the configuration to the host settings:
ifconfig_bge0_ipv6="inet6 accept_rtadv"

The router to:
ifconfig_ue0_ipv6="up"

Ran tcpdump on the router (obviously not acting as a router) and restarted the host.  Got the following:

tcpdump: listening on ue0, link-type EN10MB (Ethernet), capture size 262144 bytes
19:05:00.048637 IP6 (hlim 1, next-header Options (0) payload length: 56) fe80::aa60:b6ff:fe1d:8dbc > ff02::16: HBH (padn)(rtalert: 0x0000)  [icmp6 sum ok] ICMP6, multicast listener report v2, 2 group record(s) [gaddr ff02::2:ec7d:574c to_ex, 0 source(s)] [gaddr ff02::2:ffec:7d57 to_ex, 0 source(s)]

19:05:00.171029 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
	  source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc

19:05:04.198640 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
	  source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc

19:05:08.449844 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation, length 16
	  source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc

The first packet is a multicast listener report.  However, as I understand RFC 3590 section 3 <http://tools.ietf.org/html/rfc3590#section-3>, That should have been sent using the :: address, not the link-local address as the link-local address is still tentative. 

Then follows 3 packets that look like DAD.  However, they also come from the tentative link-local address.  I believe they should come from :: also, at least the first one.  There is not a lot of time between the first two.  These two devices are the only ones on that LAN so nothing is going to respond.

Is this a bug in the software, or in my understanding?

-- Doug

More information about the freebsd-net mailing list