> On 13 March 2021, at 17:03, Doug Hardie <d...@sermon-archive.info> wrote:
>
> I have two systems on the same ethernet. One is configured as a router, the
> other as a host. rtadvd is running on the router, rtsold on the host, and
> route6d on both. The router was up and running and I initiated tcpdump of
> ip6 packets on the interface. Then I booted the host. The results are
> interesting:
>
> 22:26:17.963393 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16)
> fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router
> solicitation, length 16
> source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc
> 0x0000: 6000 0000 0010 3aff fe80 0000 0000 0000
> 0x0010: aa60 b6ff fe1d 8dbc ff02 0000 0000 0000
> 0x0020: 0000 0000 0000 0002 8500 a2b8 0000 0000
> 0x0030: 0101 a860 b61d 8dbc
>
> 22:26:17.997455 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 56)
> fe80::3e18:a0ff:fe44:765b > ff02::1: [icmp6 sum ok] ICMP6, router
> advertisement, length 56
> hop limit 64, Flags [none], pref medium, router lifetime 1800s,
> reachable time 0ms, retrans timer 0ms
> source link-address option (1), length 8 (1): 3c:18:a0:44:76:5b
> prefix info option (3), length 32 (4): fec2::/64, Flags [onlink,
> auto], valid time 2592000s, pref. time 604800s
> 0x0000: 6000 0000 0038 3aff fe80 0000 0000 0000
> 0x0010: 3e18 a0ff fe44 765b ff02 0000 0000 0000
> 0x0020: 0000 0000 0000 0001 8600 8356 4000 0708
> 0x0030: 0000 0000 0000 0000 0101 3c18 a044 765b
> 0x0040: 0304 40c0 0027 8d00 0009 3a80 0000 0000
> 0x0050: fec2 0000 0000 0000 0000 0000 0000 0000
>
> 22:26:18.011402 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) ::
> > ff02::1:ff00:210: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32,
> who has fec2::210
> unknown option (14), length 8 (1):
> 0x0000: cc1a 5611 b76a
> 0x0000: 6000 0000 0020 3aff 0000 0000 0000 0000
> 0x0010: 0000 0000 0000 0000 ff02 0000 0000 0000
> 0x0020: 0000 0001 ff00 0210 8700 9025 0000 0000
> 0x0030: fec2 0000 0000 0000 0000 0000 0000 0210
> 0x0040: 0e01 cc1a 5611 b76a
>
> 22:26:18.098774 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) ::
> > ff02::1:ff1d:8dbc: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32,
> who has fec2::aa60:b6ff:fe1d:8dbc
> unknown option (14), length 8 (1):
> 0x0000: c983 4557 f1d3
> 0x0000: 6000 0000 0020 3aff 0000 0000 0000 0000
> 0x0010: 0000 0000 0000 0000 ff02 0000 0000 0000
> 0x0020: 0000 0001 ff1d 8dbc 8700 f218 0000 0000
> 0x0030: fec2 0000 0000 0000 aa60 b6ff fe1d 8dbc
> 0x0040: 0e01 c983 4557 f1d3
>
> The first packet is the host sending a router solicitation. The second is
> the router responding with the advertisement with the various routes it has.
> The third and fourth packets appear to be the Duplicate Address Detection
> packets for the two addresses on the host. There is no response to either.
> After this, a number of other packets continue on and on.
>
> The question is, why are the host addresses being used before DAD is
> attempted? It appears there could be some really interesting problems if the
> link-layer address actually was duplicated. The problems would happen before
> DAD was even attempted?
I reduced the configuration to the host settings:
ifconfig_bge0_ipv6="inet6 accept_rtadv"
The router to:
ifconfig_ue0_ipv6="up"
Ran tcpdump on the router (obviously not acting as a router) and restarted the
host. Got the following:
tcpdump: listening on ue0, link-type EN10MB (Ethernet), capture size 262144
bytes
19:05:00.048637 IP6 (hlim 1, next-header Options (0) payload length: 56)
fe80::aa60:b6ff:fe1d:8dbc > ff02::16: HBH (padn)(rtalert: 0x0000) [icmp6 sum
ok] ICMP6, multicast listener report v2, 2 group record(s) [gaddr
ff02::2:ec7d:574c to_ex, 0 source(s)] [gaddr ff02::2:ffec:7d57 to_ex, 0
source(s)]
19:05:00.171029 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16)
fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation,
length 16
source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc
19:05:04.198640 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16)
fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation,
length 16
source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc
19:05:08.449844 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16)
fe80::aa60:b6ff:fe1d:8dbc > ff02::2: [icmp6 sum ok] ICMP6, router solicitation,
length 16
source link-address option (1), length 8 (1): a8:60:b6:1d:8d:bc
The first packet is a multicast listener report. However, as I understand RFC
3590 section 3 <http://tools.ietf.org/html/rfc3590#section-3>, That should have
been sent using the :: address, not the link-local address as the link-local
address is still tentative.
Then follows 3 packets that look like DAD. However, they also come from the
tentative link-local address. I believe they should come from :: also, at
least the first one. There is not a lot of time between the first two. These
two devices are the only ones on that LAN so nothing is going to respond.
Is this a bug in the software, or in my understanding?
-- Doug
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
