Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. nsp>
  3. ipv6
1 2  View All
Linux and ULA support and default route
brian.e.carpenter at gmail
Oct 12, 2016, 3:51 PM
Post #1 of 38 (11131 views)
Permalink
Hi,

I've just hit a problem and I want to know if I'm missing something.

Consider a Linux host that *only* has a ULA address. I find that it
cannot send packets to any global unicast address that not in the same
/4 prefix as the ULA. But in fact it should be able to send to *any*
unicast address; ULAs are routeable, they're just not globally routeable.
This is a clear bug. It's not a problem in Windows, connected to the same
interface of the same router.

So, here's the outupt from route -A inet6. (Please ignore the fact
that the ULA prefix is lame; that's the fault of my FritzBox):

Kernel IPv6 routing table
Destination Next Hop Flag Met Ref Use If
fd00::/64 fe80::be05:43ff:fe8e:ce39 UG 600 1 12 wlp2s0
fe80::/64 :: U 256 0 0 wlp2s0
::/0 :: !n -1 1 137 lo
::1/128 :: Un 0 3 7 lo
fd00::c5bb:40f2:f3d5:94e4/128 :: Un 0 3 19 lo
fe80::9051:543a:4c9e:e93e/128 :: Un 0 2 11 lo
ff00::/8 :: U 256 2 1763 wlp2s0
::/0 :: !n -1 1 137 lo

The ULA prefix route is correctly marked as Global and points to the router.
But there is no default route to the router.

(There are two default routes marked as 'reject' on the lo (Ethernet) interface,
which is correct since it's not connected. The problem only concerns the wlp2s0
(Wi-Fi) interface.)

I can manually add the necessary default route:
ip -6 route add ::/0 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0
but I shouldn't have to! Linux should have created it.

(Linux version: 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:42:33 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux)

Any insights welcome!

Rgds
Brian Carpenter
Re: Linux and ULA support and default route [ In reply to ]
jeroen at massar
Oct 12, 2016, 4:16 PM
Post #2 of 38 (11118 views)
Permalink
On 2016-10-13 00:51, Brian E Carpenter wrote:
[..]
> Kernel IPv6 routing table
> Destination Next Hop Flag Met Ref Use If
> fd00::/64 fe80::be05:43ff:fe8e:ce39 UG 600 1 12 wlp2s0
> fe80::/64 :: U 256 0 0 wlp2s0
> ::/0 :: !n -1 1 137 lo
> ::1/128 :: Un 0 3 7 lo
> fd00::c5bb:40f2:f3d5:94e4/128 :: Un 0 3 19 lo
> fe80::9051:543a:4c9e:e93e/128 :: Un 0 2 11 lo
> ff00::/8 :: U 256 2 1763 wlp2s0
> ::/0 :: !n -1 1 137 lo

Do you receive those prefixes over RA or manual config?
Is forwarding enabled? What does the ra_accept sysctl say?

Also 'ip -6 ro get <prefix>' can be very useful to check where the
routing table thinks packets are supposed to go.

In general on a Linux install from the last decade or so, avoid
'netstat' and 'ifconfig' and use iproute: 'ip ro sho' or 'ip -6 ro sho',
'ip -6 addr show'

Greets,
Jeroen
Re: Linux and ULA support and default route [ In reply to ]
lorenzo at google
Oct 12, 2016, 5:05 PM
Post #3 of 38 (11115 views)
Permalink
On Wed, Oct 12, 2016 at 3:51 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> ::/0 :: !n -1 1 137
> lo
>

I think !n means network unreachable. Please provide the output of "ip -6
route".
Re: Linux and ULA support and default route [ In reply to ]
jeroen at massar
Oct 12, 2016, 5:18 PM
Post #4 of 38 (11114 views)
Permalink
On 2016-10-13 02:05, Lorenzo Colitti wrote:
> On Wed, Oct 12, 2016 at 3:51 PM, Brian E Carpenter
> <brian.e.carpenter@gmail.com <mailto:brian.e.carpenter@gmail.com>> wrote:
>
> ::/0 :: !n -1
> 1 137 lo
>
>
> I think !n means network unreachable. Please provide the output of "ip
> -6 route".

That is indeed the default unreachable route, basically the root node of
the prefix tree ;)

Hence indeed why one should be using 'ip -6 ro sho' to check for the
actual routes, netstat output is just odd.

If only the system was using DHCPv6 eh ;)

Greets,
Jeroen
Re: Linux and ULA support and default route [ In reply to ]
brian.e.carpenter at gmail
Oct 12, 2016, 5:30 PM
Post #5 of 38 (11114 views)
Permalink
Hi Jeroen,
On 13/10/2016 12:16, Jeroen Massar wrote:
> On 2016-10-13 00:51, Brian E Carpenter wrote:
> [..]
>> Kernel IPv6 routing table
>> Destination Next Hop Flag Met Ref Use If
>> fd00::/64 fe80::be05:43ff:fe8e:ce39 UG 600 1 12 wlp2s0
>> fe80::/64 :: U 256 0 0 wlp2s0
>> ::/0 :: !n -1 1 137 lo
>> ::1/128 :: Un 0 3 7 lo
>> fd00::c5bb:40f2:f3d5:94e4/128 :: Un 0 3 19 lo
>> fe80::9051:543a:4c9e:e93e/128 :: Un 0 2 11 lo
>> ff00::/8 :: U 256 2 1763 wlp2s0
>> ::/0 :: !n -1 1 137 lo
>
> Do you receive those prefixes over RA or manual config?

RA of course

> Is forwarding enabled?

No

> What does the ra_accept sysctl say?

accept_ra = 1

>
> Also 'ip -6 ro get <prefix>' can be very useful to check where the
> routing table thinks packets are supposed to go.

Well, once I create the default route it tells me exactly what it should,
for any global-scope address. But after reboot it says "unreachable"
for any address outside the ULA /64 (i.e. even the rest of the ULA /48
is unreachable).

It's broken, is all.

Brian


>
> In general on a Linux install from the last decade or so, avoid
> 'netstat' and 'ifconfig' and use iproute: 'ip ro sho' or 'ip -6 ro sho',
> 'ip -6 addr show'
>
> Greets,
> Jeroen
>
>
Re: Linux and ULA support and default route [ In reply to ]
lorenzo at google
Oct 12, 2016, 5:34 PM
Post #6 of 38 (11115 views)
Permalink
On Wed, Oct 12, 2016 at 5:30 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> It's broken, is all.
>

"ip -6 route show" or it didn't happen.
Re: Linux and ULA support and default route [ In reply to ]
brian.e.carpenter at gmail
Oct 12, 2016, 5:39 PM
Post #7 of 38 (11114 views)
Permalink
On 13/10/2016 13:05, Lorenzo Colitti wrote:
> On Wed, Oct 12, 2016 at 3:51 PM, Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>
>> ::/0 :: !n -1 1 137
>> lo
>>
>
> I think !n means network unreachable.

Sure. But that's the Ethernet interface which isn't connected, so that's correct.
The problem is the complete absence of a default route for the working (WiFi)
interface.

>Please provide the output of "ip -6
> route".

It's very unenlightening. The full table from "route" is more use.
But what it says (before I install the correct default route) is

fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric 600 pref medium
fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium

No default, as you can see.

Brian
Re: Linux and ULA support and default route [ In reply to ]
lorenzo at google
Oct 12, 2016, 5:47 PM
Post #8 of 38 (11114 views)
Permalink
On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> But what it says (before I install the correct default route) is
>
> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric 600
> pref medium
> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
>
> No default, as you can see.
>

Do you have a tcpdump of the RA?
Re: Linux and ULA support and default route [ In reply to ]
brian.e.carpenter at gmail
Oct 12, 2016, 6:10 PM
Post #9 of 38 (11114 views)
Permalink
On 13/10/2016 13:47, Lorenzo Colitti wrote:
> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>
>> But what it says (before I install the correct default route) is
>>
>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric 600
>> pref medium
>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
>>
>> No default, as you can see.
>>
>
> Do you have a tcpdump of the RA?

No. Any suggestions how I can catch one? Would a Wireshark capture be useful?

Brian
Re: Linux and ULA support and default route [ In reply to ]
brian.e.carpenter at gmail
Oct 12, 2016, 8:25 PM
Post #10 of 38 (11115 views)
Permalink
I'll send you the RA packet off-list.

Brian

On 13/10/2016 14:10, Brian E Carpenter wrote:
> On 13/10/2016 13:47, Lorenzo Colitti wrote:
>> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
>> brian.e.carpenter@gmail.com> wrote:
>>
>>> But what it says (before I install the correct default route) is
>>>
>>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric 600
>>> pref medium
>>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
>>>
>>> No default, as you can see.
>>>
>>
>> Do you have a tcpdump of the RA?
>
> No. Any suggestions how I can catch one? Would a Wireshark capture be useful?
>
> Brian
>
Re: Linux and ULA support and default route [ In reply to ]
lorenzo at google
Oct 12, 2016, 8:55 PM
Post #11 of 38 (11114 views)
Permalink
The linux host is correctly not adding a default route because the RA
specifies a router lifetime of 0, likely due to RFC 7084 requirement G-4.

On Wed, Oct 12, 2016 at 8:25 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> I'll send you the RA packet off-list.
>
> Brian
>
> On 13/10/2016 14:10, Brian E Carpenter wrote:
> > On 13/10/2016 13:47, Lorenzo Colitti wrote:
> >> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
> >> brian.e.carpenter@gmail.com> wrote:
> >>
> >>> But what it says (before I install the correct default route) is
> >>>
> >>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric
> 600
> >>> pref medium
> >>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
> >>>
> >>> No default, as you can see.
> >>>
> >>
> >> Do you have a tcpdump of the RA?
> >
> > No. Any suggestions how I can catch one? Would a Wireshark capture be
> useful?
> >
> > Brian
> >
>
Re: Linux and ULA support and default route [ In reply to ]
brian.e.carpenter at gmail
Oct 12, 2016, 9:16 PM
Post #12 of 38 (11114 views)
Permalink
This creates a tricky problem for homenet, I think, but I agree that my CE
is doing what that requirement says. This also creates a truly annoying
coding problem for me, which I won't go into here (except to gripe that Linux
makes it very annoying indeed to discover your own global unicast address).

Thanks
Brian

On 13/10/2016 16:55, Lorenzo Colitti wrote:
> The linux host is correctly not adding a default route because the RA
> specifies a router lifetime of 0, likely due to RFC 7084 requirement G-4.
>
> On Wed, Oct 12, 2016 at 8:25 PM, Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>
>> I'll send you the RA packet off-list.
>>
>> Brian
>>
>> On 13/10/2016 14:10, Brian E Carpenter wrote:
>>> On 13/10/2016 13:47, Lorenzo Colitti wrote:
>>>> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
>>>> brian.e.carpenter@gmail.com> wrote:
>>>>
>>>>> But what it says (before I install the correct default route) is
>>>>>
>>>>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric
>> 600
>>>>> pref medium
>>>>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
>>>>>
>>>>> No default, as you can see.
>>>>>
>>>>
>>>> Do you have a tcpdump of the RA?
>>>
>>> No. Any suggestions how I can catch one? Would a Wireshark capture be
>> useful?
>>>
>>> Brian
>>>
>>
>
Re: Linux and ULA support and default route [ In reply to ]
ek at google
Oct 12, 2016, 9:19 PM
Post #13 of 38 (11115 views)
Permalink
If the RA included an RIO (and your kernel has RIO support built in)
then you should have also seen installed a /48 for that ULA prefix.
That would be the preferable thing for homenet purposes, IMHO.

On 13 October 2016 at 13:16, Brian E Carpenter
<brian.e.carpenter@gmail.com> wrote:
> This creates a tricky problem for homenet, I think, but I agree that my CE
> is doing what that requirement says. This also creates a truly annoying
> coding problem for me, which I won't go into here (except to gripe that Linux
> makes it very annoying indeed to discover your own global unicast address).
>
> Thanks
> Brian
>
> On 13/10/2016 16:55, Lorenzo Colitti wrote:
>> The linux host is correctly not adding a default route because the RA
>> specifies a router lifetime of 0, likely due to RFC 7084 requirement G-4.
>>
>> On Wed, Oct 12, 2016 at 8:25 PM, Brian E Carpenter <
>> brian.e.carpenter@gmail.com> wrote:
>>
>>> I'll send you the RA packet off-list.
>>>
>>> Brian
>>>
>>> On 13/10/2016 14:10, Brian E Carpenter wrote:
>>>> On 13/10/2016 13:47, Lorenzo Colitti wrote:
>>>>> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
>>>>> brian.e.carpenter@gmail.com> wrote:
>>>>>
>>>>>> But what it says (before I install the correct default route) is
>>>>>>
>>>>>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric
>>> 600
>>>>>> pref medium
>>>>>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
>>>>>>
>>>>>> No default, as you can see.
>>>>>>
>>>>>
>>>>> Do you have a tcpdump of the RA?
>>>>
>>>> No. Any suggestions how I can catch one? Would a Wireshark capture be
>>> useful?
>>>>
>>>> Brian
>>>>
>>>
>>
Re: Linux and ULA support and default route [ In reply to ]
jeroen at massar
Oct 12, 2016, 11:21 PM
Post #14 of 38 (11113 views)
Permalink
On 2016-10-13 02:30, Brian E Carpenter wrote:
> Hi Jeroen,
> On 13/10/2016 12:16, Jeroen Massar wrote:
>> On 2016-10-13 00:51, Brian E Carpenter wrote:
>> [..]
>>> Kernel IPv6 routing table
>>> Destination Next Hop Flag Met Ref Use If
>>> fd00::/64 fe80::be05:43ff:fe8e:ce39 UG 600 1 12 wlp2s0
>>> fe80::/64 :: U 256 0 0 wlp2s0
>>> ::/0 :: !n -1 1 137 lo
>>> ::1/128 :: Un 0 3 7 lo
>>> fd00::c5bb:40f2:f3d5:94e4/128 :: Un 0 3 19 lo
>>> fe80::9051:543a:4c9e:e93e/128 :: Un 0 2 11 lo
>>> ff00::/8 :: U 256 2 1763 wlp2s0
>>> ::/0 :: !n -1 1 137 lo
>>
>> Do you receive those prefixes over RA or manual config?
>
> RA of course
>
>> Is forwarding enabled?
>
> No
>
>> What does the ra_accept sysctl say?
>
> accept_ra = 1
>
>>
>> Also 'ip -6 ro get <prefix>' can be very useful to check where the
>> routing table thinks packets are supposed to go.
>
> Well, once I create the default route it tells me exactly what it should,
> for any global-scope address. But after reboot it says "unreachable"
> for any address outside the ULA /64 (i.e. even the rest of the ULA /48
> is unreachable).

RA's only install the /64 and when default announced a default.

Thus 'the rest of the ULA /48' would require a default route to be
installed to reach that...

When the device does not install a default route, there won't be an
entry for anything in that /48, just the /64 and thus that space won't
be reachable.


Btw: IMHO ULAs are in 99% of the cases the wrong thing to use anyway.
But note, this is not specific to ULA at all. (Except maybe that your
device chose to not push a default route, as there is no default route
to the Internet).

You might want to check with tcpdump with the exact details of the RA are.

Greets,
Jeroen
Re: Linux and ULA support and default route [ In reply to ]
tore at fud
Oct 13, 2016, 12:36 AM
Post #15 of 38 (11113 views)
Permalink
* Jeroen Massar <jeroen@massar.ch>

> RA's only install the /64 and when default announced a default.
>
> Thus 'the rest of the ULA /48' would require a default route to be
> installed to reach that...
>
> When the device does not install a default route, there won't be an
> entry for anything in that /48, just the /64 and thus that space won't
> be reachable.

Not if you set the accept_ra_rt_info_max_plen sysctl to >= 48 (and the
router implements RFC 7084 L-3). As far as I know, this sysctl is 0 by
default which causes the kernel to ignore RIOs.

I believe that Windows do accept RIOs by default so that's probably why
it worked for Brian. NetworkManager user-space RA processing will also
respect RIOs by default.

Tore
Re: Linux and ULA support and default route [ In reply to ]
lorenzo at google
Oct 13, 2016, 1:14 AM
Post #16 of 38 (11113 views)
Permalink
Of note is the fact that the ULA prefix being announced is the ubiquitous
fd00::/64.

Great idea, ULAs.

On Wed, Oct 12, 2016 at 9:16 PM, Brian E Carpenter <
brian.e.carpenter@gmail.com> wrote:

> This creates a tricky problem for homenet, I think, but I agree that my CE
> is doing what that requirement says. This also creates a truly annoying
> coding problem for me, which I won't go into here (except to gripe that
> Linux
> makes it very annoying indeed to discover your own global unicast address).
>
> Thanks
> Brian
>
> On 13/10/2016 16:55, Lorenzo Colitti wrote:
> > The linux host is correctly not adding a default route because the RA
> > specifies a router lifetime of 0, likely due to RFC 7084 requirement G-4.
> >
> > On Wed, Oct 12, 2016 at 8:25 PM, Brian E Carpenter <
> > brian.e.carpenter@gmail.com> wrote:
> >
> >> I'll send you the RA packet off-list.
> >>
> >> Brian
> >>
> >> On 13/10/2016 14:10, Brian E Carpenter wrote:
> >>> On 13/10/2016 13:47, Lorenzo Colitti wrote:
> >>>> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
> >>>> brian.e.carpenter@gmail.com> wrote:
> >>>>
> >>>>> But what it says (before I install the correct default route) is
> >>>>>
> >>>>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric
> >> 600
> >>>>> pref medium
> >>>>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
> >>>>>
> >>>>> No default, as you can see.
> >>>>>
> >>>>
> >>>> Do you have a tcpdump of the RA?
> >>>
> >>> No. Any suggestions how I can catch one? Would a Wireshark capture be
> >> useful?
> >>>
> >>> Brian
> >>>
> >>
> >
>
Re: Linux and ULA support and default route [ In reply to ]
jeroen at massar
Oct 13, 2016, 1:27 AM
Post #17 of 38 (11113 views)
Permalink
On 2016-10-13 09:36, Tore Anderson wrote:
> * Jeroen Massar <jeroen@massar.ch>
>
>> RA's only install the /64 and when default announced a default.
>>
>> Thus 'the rest of the ULA /48' would require a default route to be
>> installed to reach that...
>>
>> When the device does not install a default route, there won't be an
>> entry for anything in that /48, just the /64 and thus that space won't
>> be reachable.
>
> Not if you set the accept_ra_rt_info_max_plen sysctl to >= 48 (and the
> router implements RFC 7084 L-3).

Which is why looking at the exact RA is important.

> As far as I know, this sysctl is 0 by
> default which causes the kernel to ignore RIOs.

Correct. See among st others here for reasoning:
https://patchwork.ozlabs.org/patch/331802/

and as it is default 0, unless one does already salt/puppet/etc to
change that default, it won't easily get deployed; and if one does
salt/puppet/etc then adding static routes can also work.

Much easier and better to let the actual routers decide on routing
though and not end-hosts.

> I believe that Windows do accept RIOs by default so that's probably why
> it worked for Brian. NetworkManager user-space RA processing will also
> respect RIOs by default.

Only silly people run broken software like "NetworkManager" ;)

Greets,
Jeroen
Re: Linux and ULA support and default route [ In reply to ]
brian.e.carpenter at gmail
Oct 13, 2016, 12:56 PM
Post #18 of 38 (11100 views)
Permalink
On 13/10/2016 21:14, Lorenzo Colitti wrote:
> Of note is the fact that the ULA prefix being announced is the ubiquitous
> fd00::/64.

0 is a perfectly random number, just like the ubiquitous PIN code 1234.

But yes, this a sloppy job by the FritzBox. Hopefully they've fixed this in
more recent models.

> Great idea, ULAs.

In the right circumstances, yes, actually. And actually my circumstances
yesterday were right for a ULA prefix: the ISP failed to give my CE a prefix.
Today, they gave me a prefix, and so Linux gives me a default route.

Brian

>
> On Wed, Oct 12, 2016 at 9:16 PM, Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>
>> This creates a tricky problem for homenet, I think, but I agree that my CE
>> is doing what that requirement says. This also creates a truly annoying
>> coding problem for me, which I won't go into here (except to gripe that
>> Linux
>> makes it very annoying indeed to discover your own global unicast address).
>>
>> Thanks
>> Brian
>>
>> On 13/10/2016 16:55, Lorenzo Colitti wrote:
>>> The linux host is correctly not adding a default route because the RA
>>> specifies a router lifetime of 0, likely due to RFC 7084 requirement G-4.
>>>
>>> On Wed, Oct 12, 2016 at 8:25 PM, Brian E Carpenter <
>>> brian.e.carpenter@gmail.com> wrote:
>>>
>>>> I'll send you the RA packet off-list.
>>>>
>>>> Brian
>>>>
>>>> On 13/10/2016 14:10, Brian E Carpenter wrote:
>>>>> On 13/10/2016 13:47, Lorenzo Colitti wrote:
>>>>>> On Wed, Oct 12, 2016 at 5:39 PM, Brian E Carpenter <
>>>>>> brian.e.carpenter@gmail.com> wrote:
>>>>>>
>>>>>>> But what it says (before I install the correct default route) is
>>>>>>>
>>>>>>> fd00::/64 via fe80::be05:43ff:fe8e:ce39 dev wlp2s0 proto ra metric
>>>> 600
>>>>>>> pref medium
>>>>>>> fe80::/64 dev wlp2s0 proto kernel metric 256 pref medium
>>>>>>>
>>>>>>> No default, as you can see.
>>>>>>>
>>>>>>
>>>>>> Do you have a tcpdump of the RA?
>>>>>
>>>>> No. Any suggestions how I can catch one? Would a Wireshark capture be
>>>> useful?
>>>>>
>>>>> Brian
>>>>>
>>>>
>>>
>>
>
Re: Linux and ULA support and default route [ In reply to ]
thomas at cis
Oct 14, 2016, 1:07 AM
Post #19 of 38 (11076 views)
Permalink
Am 13.10.2016 um 21:56 schrieb Brian E Carpenter:
> On 13/10/2016 21:14, Lorenzo Colitti wrote:
>> Of note is the fact that the ULA prefix being announced is the ubiquitous
>> fd00::/64.
>
> 0 is a perfectly random number, just like the ubiquitous PIN code 1234.
>
> But yes, this a sloppy job by the FritzBox. Hopefully they've fixed this in
> more recent models.

It is fixed. In newer versions it is a random number and can
additionally changed manually.

Thomas




--

There’s no place like ::1

Thomas Schäfer (Systemverwaltung)
Ludwig-Maximilians-Universität
Centrum für Informations- und Sprachverarbeitung
Oettingenstraße 67 Raum C109
80538 München ☎ +49/89/2180-9706 ℻ +49/89/2180-9701
Re: Linux and ULA support and default route [ In reply to ]
Holger.Zuleger at hznet
Oct 14, 2016, 3:00 AM
Post #20 of 38 (11076 views)
Permalink
>> Great idea, ULAs.
>
> In the right circumstances, yes, actually. And actually my circumstances
> yesterday were right for a ULA prefix: the ISP failed to give my CE a prefix.
> Today, they gave me a prefix, and so Linux gives me a default route.
Hmm, what's so bad with still using the global prefix until the global
connectivity comes back and the CPE gets a new one?
Than it's early enough to set the preferred time of the former prefix to
0 and let them time out.
In this way all local communication will not be interrupted if your
Internet connection fails.

And sending the old prefix as a hint in the DHCPv6-PD reqest let a
chance open to get the same prefix again.
Then local communication will not be affected by the upstream failure at
all.

Of course the default route should *not* be withdrawn.
The RA default router announcement says just, "Hey hosts, I'm the way
out of your local subnet", and not "Hey host, I have a upstream
connection to the rest of the internet".

BR
Holger

Attached Files:

Re: Linux and ULA support and default route [ In reply to ]
thomas at cis
Oct 14, 2016, 3:20 AM
Post #21 of 38 (11075 views)
Permalink
I was wrong. Randomly set: no, manually change possible: yes.
The reason for my confusion was "::" versus ":"
Sometimes reading ipv6-addresses is hard.
Re: Linux and ULA support and default route [ In reply to ]
gert at space
Oct 14, 2016, 3:32 AM
Post #22 of 38 (11077 views)
Permalink
Hi,

On Fri, Oct 14, 2016 at 12:00:04PM +0200, Holger Zuleger wrote:
> Of course the default route should *not* be withdrawn.
> The RA default router announcement says just, "Hey hosts, I'm the way
> out of your local subnet", and not "Hey host, I have a upstream
> connection to the rest of the internet".

If the router has no default route, it should not announce one - this
is why PIO exists for more specific info.

Imagine a setup with *two* routers. One of them has broken Internet,
the other is working. How can the hosts decide if both keep announcing
themselves as "I can reach anything"?

Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?

SpaceNet AG Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279

Attached Files:

Re: Linux and ULA support and default route [ In reply to ]
otroan at employees
Oct 14, 2016, 3:43 AM
Post #23 of 38 (11076 views)
Permalink
> On 14 Oct 2016, at 12:32, Gert Doering <gert@space.net> wrote:
>
> Hi,
>
> On Fri, Oct 14, 2016 at 12:00:04PM +0200, Holger Zuleger wrote:
>> Of course the default route should *not* be withdrawn.
>> The RA default router announcement says just, "Hey hosts, I'm the way
>> out of your local subnet", and not "Hey host, I have a upstream
>> connection to the rest of the internet".
>
> If the router has no default route, it should not announce one - this
> is why PIO exists for more specific info.
>
> Imagine a setup with *two* routers. One of them has broken Internet,
> the other is working. How can the hosts decide if both keep announcing
> themselves as "I can reach anything"?

in the general case the host still has to take the 'I can reach anything' announcement with a pinch of salt.
and it should be able to try both (or more) connections and react accordingly when one fails.
the first hop router has a very limited view of the end to end path.

cheers,
Ole
Re: Linux and ULA support and default route [ In reply to ]
tore at fud
Oct 14, 2016, 4:05 AM
Post #24 of 38 (11075 views)
Permalink
* Holger Zuleger <Holger.Zuleger@hznet.de>

> Hmm, what's so bad with still using the global prefix until the global
> connectivity comes back and the CPE gets a new one?
> Than it's early enough to set the preferred time of the former prefix to
> 0 and let them time out.
> In this way all local communication will not be interrupted if your
> Internet connection fails.

If the delegated prefix changes, you'll be simply postponing the local
communication failure, not prevent it.

I've run Homewrt for over a year now and have no shortage of annoying
experiences like for instance a movie that is being streamed to my HTPC
from my NAS just suddenly freeze just because the Internet uplink have
gone down and/or the delegated prefix changes.

The last year has convinced me that the best user experience is
achieved by having an in-home stable ULA prefix to complement the
ISP-delegated global prefix[es] [if any], and that all the internal
hostnames should resolve to the IPv6 addresses assigned from the ULA
prefix.

Tore
Re: Linux and ULA support and default route [ In reply to ]
Holger.Zuleger at hznet
Oct 14, 2016, 4:51 AM
Post #25 of 38 (11074 views)
Permalink
On 14.10.2016 12:32, Gert Doering wrote:
> Hi,
>
> On Fri, Oct 14, 2016 at 12:00:04PM +0200, Holger Zuleger wrote:
>> Of course the default route should *not* be withdrawn.
>> The RA default router announcement says just, "Hey hosts, I'm the way
>> out of your local subnet", and not "Hey host, I have a upstream
>> connection to the rest of the internet".
>
> If the router has no default route, it should not announce one - this
> is why PIO exists for more specific info.
For cases where a router provides "in principle" only connectivity to a
limited set of prefixes (think of VPN connection) I'm with you.

> Imagine a setup with *two* routers. One of them has broken Internet,
> the other is working. How can the hosts decide if both keep announcing
> themselves as "I can reach anything"?
This is just a corner case if both routers have directly the upstream
connection. But then this behavior make only sense if the same prefix is
used for both upstreams, which is seldom the case in residential user
scenarios.
Otherwise you have a lot to do with source specific routing, and yes,
you are right: In this case the source specific default route for the
failed prefix should no longer announced.

Holger Zuleger

Attached Files:

1 2  View All

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal