Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. nsp>
  3. juniper
Junos and single IPv6 link-local address per IFL
m4rtntns at gmail
Jan 22, 2019, 5:42 AM
Post #1 of 6 (867 views)
Permalink
Hi,

looks like Junos allows to have only a single IPv6 link-local address.
For example, here I tested with Junos 18.2R1.9:

root@vmx1# show | compare
[edit interfaces ge-0/0/9 unit 0 family inet6]
address fe80::206:aff:fe0e:fffa/64 { ... }
+ address fe80:1::206:aff:fe0e:fffa/64;

[edit]
root@vmx1# commit check
[edit interfaces ge-0/0/9 unit 0 family inet6]
'address fe80:1::206:aff:fe0e:fffa/64'
Link Local address exists
error: configuration check-out failed

[edit]
root@vmx1#

..or:

root@vmx1# show | compare
[edit interfaces ge-0/0/9 unit 0 family inet6]
address fe80::206:aff:fe0e:fffa/64 { ... }
+ address fe80::206:aff:fe0e:fffb/64;

[edit]
root@vmx1# commit check
[edit interfaces ge-0/0/9 unit 0 family inet6]
'address fe80::206:aff:fe0e:fffb/64'
Link Local address exists
error: configuration check-out failed

[edit]
root@vmx1#

Just out of curiosity, why there is this limitation? For example
FreeBSD 11, which Junos 18.2R1.9 is based on, does not have this
limitation:

root@FreeBSD-11:~ # ifconfig em0 inet6
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
inet6 fe80::fc69:d3ff:feec:7741%em0 prefixlen 64 scopeid 0x1
inet6 fe80::fc69:d3ff:feec:7740%em0 prefixlen 64 scopeid 0x1
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
root@FreeBSD-11:~ #


thanks,
Martin
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Junos and single IPv6 link-local address per IFL [ In reply to ]
cra at wpi
Jan 22, 2019, 6:10 AM
Post #2 of 6 (867 views)
Permalink
Link-Local addresses should be in fe80::/64, not fe80::/10. Try configuring a second one that meets this criteria, such as:

> + address fe80::206:aff:fe0e:fffb/64;

On Tue, Jan 22, 2019 at 03:42:43PM +0200, Martin T wrote:
> Hi,
>
> looks like Junos allows to have only a single IPv6 link-local address.
> For example, here I tested with Junos 18.2R1.9:
>
> root@vmx1# show | compare
> [edit interfaces ge-0/0/9 unit 0 family inet6]
> address fe80::206:aff:fe0e:fffa/64 { ... }
> + address fe80:1::206:aff:fe0e:fffa/64;
>
> [edit]
> root@vmx1# commit check
> [edit interfaces ge-0/0/9 unit 0 family inet6]
> 'address fe80:1::206:aff:fe0e:fffa/64'
> Link Local address exists
> error: configuration check-out failed
>
> [edit]
> root@vmx1#
>
> ..or:
>
> root@vmx1# show | compare
> [edit interfaces ge-0/0/9 unit 0 family inet6]
> address fe80::206:aff:fe0e:fffa/64 { ... }
> + address fe80::206:aff:fe0e:fffb/64;
>
> [edit]
> root@vmx1# commit check
> [edit interfaces ge-0/0/9 unit 0 family inet6]
> 'address fe80::206:aff:fe0e:fffb/64'
> Link Local address exists
> error: configuration check-out failed
>
> [edit]
> root@vmx1#
>
> Just out of curiosity, why there is this limitation? For example
> FreeBSD 11, which Junos 18.2R1.9 is based on, does not have this
> limitation:
>
> root@FreeBSD-11:~ # ifconfig em0 inet6
> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
> 1500
> options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
> inet6 fe80::fc69:d3ff:feec:7741%em0 prefixlen 64 scopeid 0x1
> inet6 fe80::fc69:d3ff:feec:7740%em0 prefixlen 64 scopeid 0x1
> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
> root@FreeBSD-11:~ #
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Junos and single IPv6 link-local address per IFL [ In reply to ]
ekoyle+puck.nether.net at gmail
Jan 22, 2019, 7:19 AM
Post #3 of 6 (866 views)
Permalink
He showed fe80::206:aff:fe0e:fffb/64 in his second example with the same
result.

--
Eldon

On Tue, Jan 22, 2019, 07:11 Anderson, Charles R <cra@wpi.edu wrote:

> Link-Local addresses should be in fe80::/64, not fe80::/10. Try
> configuring a second one that meets this criteria, such as:
>
> > + address fe80::206:aff:fe0e:fffb/64;
>
> On Tue, Jan 22, 2019 at 03:42:43PM +0200, Martin T wrote:
> > Hi,
> >
> > looks like Junos allows to have only a single IPv6 link-local address.
> > For example, here I tested with Junos 18.2R1.9:
> >
> > root@vmx1# show | compare
> > [edit interfaces ge-0/0/9 unit 0 family inet6]
> > address fe80::206:aff:fe0e:fffa/64 { ... }
> > + address fe80:1::206:aff:fe0e:fffa/64;
> >
> > [edit]
> > root@vmx1# commit check
> > [edit interfaces ge-0/0/9 unit 0 family inet6]
> > 'address fe80:1::206:aff:fe0e:fffa/64'
> > Link Local address exists
> > error: configuration check-out failed
> >
> > [edit]
> > root@vmx1#
> >
> > ..or:
> >
> > root@vmx1# show | compare
> > [edit interfaces ge-0/0/9 unit 0 family inet6]
> > address fe80::206:aff:fe0e:fffa/64 { ... }
> > + address fe80::206:aff:fe0e:fffb/64;
> >
> > [edit]
> > root@vmx1# commit check
> > [edit interfaces ge-0/0/9 unit 0 family inet6]
> > 'address fe80::206:aff:fe0e:fffb/64'
> > Link Local address exists
> > error: configuration check-out failed
> >
> > [edit]
> > root@vmx1#
> >
> > Just out of curiosity, why there is this limitation? For example
> > FreeBSD 11, which Junos 18.2R1.9 is based on, does not have this
> > limitation:
> >
> > root@FreeBSD-11:~ # ifconfig em0 inet6
> > em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
> > 1500
> >
> options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
> > inet6 fe80::fc69:d3ff:feec:7741%em0 prefixlen 64 scopeid 0x1
> > inet6 fe80::fc69:d3ff:feec:7740%em0 prefixlen 64 scopeid 0x1
> > nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
> > root@FreeBSD-11:~ #
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Junos and single IPv6 link-local address per IFL [ In reply to ]
m4rtntns at gmail
Jan 24, 2019, 2:02 PM
Post #4 of 6 (854 views)
Permalink
Hi Charles,

> Link-Local addresses should be in fe80::/64, not fe80::/10.

As Eldon already mentioned, then I actually used /64 prefix in my
examples. However, any address from address block fe80::/10 should be
fine. The point is, that for some reason, Junos allows to have only
one link-local address per IFL.


Martin
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Junos and single IPv6 link-local address per IFL [ In reply to ]
cra at wpi
Jan 24, 2019, 2:12 PM
Post #5 of 6 (854 views)
Permalink
On Fri, Jan 25, 2019 at 12:02:55AM +0200, Martin T wrote:
> Hi Charles,
>
> > Link-Local addresses should be in fe80::/64, not fe80::/10.
>
> As Eldon already mentioned, then I actually used /64 prefix in my
> examples. However, any address from address block fe80::/10 should be
> fine. The point is, that for some reason, Junos allows to have only
> one link-local address per IFL.

Yes, I see that Junos only allows one link-local. But I stand by my comment--you should not be creating link locals outside of fe80:0000:0000:0000::/64.

> root@vmx1# show | compare
> [edit interfaces ge-0/0/9 unit 0 family inet6]
> address fe80::206:aff:fe0e:fffa/64 { ... }
> + address fe80:1::206:aff:fe0e:fffa/64;

fe80:0001:0000:0000::/64 is not valid as a link-local address and I've run into vendors that have issues with such addresses. See RFC 4291 Section 2.5.6.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Junos and single IPv6 link-local address per IFL [ In reply to ]
m4rtntns at gmail
Jan 25, 2019, 1:58 AM
Post #6 of 6 (853 views)
Permalink
Hi Charles,

> fe80:0001:0000:0000::/64 is not valid as a link-local address and I've run into vendors that have issues with such addresses.

Oh, ok. I understand now what you meant. Good to know.


Martin
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal