Hey guys, I’m a bit stumped and are hoping for some helpful pointers.
I have two machines both running a recent 11-stable (SuperMicro X11SSH-F with a
E3-1240v6); each one is connected to one Ethernet switch through igb0, and
back-to-back connected to the other box through igb1. igb1 only has IPv4 RFC
1918 addresses configured.
To make it easier to give bhyve VMs a public IP, igb0 is added as a member to
brigde0, and all addresses are configured on bridge0. The hosts run a small
number of jails with addresses on bridge0 as well.
Whenever IPv6 is active on bridge0, my ISPs router (which is some version of
Quagga running on Linux) keeps filling up it’s routing table within minutes;
then traffic stops, the routing table is cleared and the normal set of entries
is installed, and traffic resumes. This pattern then repeats. The router
apparent has has full table with ~46000 routes normally, but within minutes,
the Linux kernel routing table gets filled up with multiple copies of that. I
believe that is is likely a problem with Quagga on Linux, and ultimately has to
be resolved there, but the question lingers what my two systems could be
sending that could trigger this.
The ISP and I have looked at NDP config, tcpdumps of NDP, and general IPv6
config, but we cannot identify why Quagga or the Linux kernel would behave that
way. Other FreeBSD boxes connected to the same router (but different IPv6
/64s) do not trigger this behaviour.
My systems are not really loaded, and traffic is light. One box gets about 50
packet/s, the other about 400 (this one is in the NTP pool, and running a DNS
server).
I’ve tried switching off NUD, but that doesn’t change the behaviour of the
Quagga system.
Here’s some output of the current configuration:
# ifconfig igb0; ifconfig bridge0
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=6403bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
ether ac:1f:6b:18:xx:6e
hwaddr ac:1f:6b:18:xx:6e
inet6 fe80::ae1f:6bff:fexx:66e%igb0 prefixlen 64 tentative scopeid 0x1
nd6 options=8<IFDISABLED>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: vm-bridge0
ether 02:3c:9f:37:xx:00
inet 212.12.xx.225 netmask 0xffffffe0 broadcast 212.12.xx.255
inet 212.12.xx.226 netmask 0xffffffff broadcast 212.12.xx.226
inet 212.12.xx.253 netmask 0xffffffff broadcast 212.12.xx.253
inet 212.12.xx.229 netmask 0xffffffff broadcast 212.12.xx.229
inet6 fe80::3c:9fff:fe37:xx00%bridge0 prefixlen 64 scopeid 0x7
inet6 2a00:14b0:4200:32xx::1e1 prefixlen 64
inet6 2a00:14b0:4200:32xx::1e2 prefixlen 128
inet6 2a00:14b0:4200:32xx::1fd prefixlen 128
inet6 2a00:14b0:4200:32xx::1e5 prefixlen 128
nd6 options=8020<AUTO_LINKLOCAL,DEFAULTIF>
groups: bridge
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 2000000
# ndp -an
Neighbor Linklayer Address Netif Expire S Flags
2a00:14b0:4200:32xx::1e1 02:3c:9f:37:xx:00 bridge0 permanent R
2a00:14b0:4200:32xx::1 00:50:56:a1:xx:b5 bridge0 23h59m58s S R
2a00:14b0:4200:32xx::1e2 02:3c:9f:37:xx:00 bridge0 permanent R
2a00:14b0:4200:32xx::1e5 02:3c:9f:37:xx:00 bridge0 permanent R
2a00:14b0:4200:32xx::1e7 02:5a:1d:92:xx:00 bridge0 23h59m16s S
2a00:14b0:4200:32xx::1e8 02:5a:1d:92:xx:00 bridge0 23h59m2s S
2a00:14b0:4200:32xx::1eb 02:5a:1d:92:xx:00 bridge0 23h55m7s S
2a00:14b0:4200:32xx::1ea 02:5a:1d:92:xx:00 bridge0 23h2m24s S
fe80::3c:9fff:fe37:2500%bridge0 02:3c:9f:37:xx:00 bridge0 permanent R
fe80::250:56ff:fea1:dfb5%bridge0 00:50:56:a1:xx:b5 bridge0 23h59m57s S R
2a00:14b0:4200:32e0::1fd 02:3c:9f:37:xx:00 bridge0 permanent R
fe80::ae1f:6bff:fe18:xx6f%igb1 ac:1f:6b:18:xx:6f igb1 permanent R
fe80::ae1f:6bff:fe18:xx6e%igb0 ac:1f:6b:18:xx:6e igb0 permanent R
# ndp -i bridge0
linkmtu=0, maxmtu=0, curhlim=64, basereachable=30s0ms, reachable=32s,
retrans=1s0ms
Flags: auto_linklocal
Stefan
--
Stefan Bethke <s...@lassitu.de> Fon +49 151 14070811
signature.asc
Description: Message signed with OpenPGP
