From: Stefano Brivio <sbrivio@redhat.com>
To: Tj <tj.iam.tj@proton.me>
Cc: "Íñigo Huguet" <ihuguet@redhat.com>,
"Thorsten Leemhuis" <regressions@leemhuis.info>,
"Fernando Fernandez Mancera" <fmancera@suse.de>,
"Jakub Kicinski" <kuba@kernel.org>,
netdev@vger.kernel.org, "Yumei Huang" <yuhuang@redhat.com>,
"Ido Schimmel" <idosch@idosch.org>,
"Justin Iurman" <justin.iurman@gmail.com>,
"David Ahern" <dsahern@kernel.org>,
"David Gibson" <david@gibson.dropbear.id.au>,
"Linux kernel regressions list" <regressions@lists.linux.dev>,
"Beniamino Galvani" <bgalvani@redhat.com>
Subject: Re: Problem with IPv6 privacy addresses in 7.0
Date: Fri, 29 May 2026 22:04:15 +0200 (CEST) [thread overview]
Message-ID: <20260529220415.22d0be8d@elisabeth> (raw)
In-Reply-To: <ahnaz3ppxyVHl3xB@mail.iam.tj>
On Fri, 29 May 2026 18:28:58 +0000
Tj <tj.iam.tj@proton.me> wrote:
> I believe I hit this on a router using Debian 13 with v7.0.* kernel this week that
> uses systemd-networkd to configure IPV6 RA and prefix delegation after
> moving from v6.19.*.
>
> Symptom was the router could no longer reach public IPv6 addresses
> itself but forwarding was unaffected.
>
> The ISP (Starlink) provides a /64 prefix via RA and a /56 via DHCPv6. networkd
> allocates a static suffix address from both to the WAN-side interface.
>
> I discovered after much experimentation that instead of the usual /56
> address being the source it was choosing the /64 and failing.
Do you really mean an address configured as /56, or a /64 address that
systemd-networkd derives from a /56 delegated prefix?
Because more specific addresses / longest matching prefixes (RFC 6724
Section 5., Rule 8, implemented by ipv6_get_saddr_eval()) should anyway
be preferred as source addresses, regardless of the order of insertion
of addresses with the same scope.
I'm looking into possible assumptions made by systemd-networkd in this
case. *If* this is confirmed, I also start thinking that a revert and
exporting the correct implementation as non-default using a netlink
flag would be preferable. at this point.
> Router uses policy routing so my work-around was to add a rule so the
> /64 address is added to the WAN interface's route table.
>
> [RoutingPolicyRule]
> To=::/0
> From=2a0d:3344:aaaa:bbbb::/64
> Priority=30100
> Table=starlink
>
> The WAN interface config for RA and PD is:
>
> [IPv6AcceptRA]
> UseGateway=yes
> UseDNS=no
> UseDomains=no
> Token=static:::ff
> # when RouteTable is set a table name is explicitly required in any [Route] section without a Table= of its own
> # names defined in /etc/systemd/networkd.conf.d/51-RouteTable.conf as: [Network] RouteTable=
> RouteTable=starlink
>
> [DHCPv6]
> UseAddress=no
> UseDNS=no
> UseNTP=no
> UseHostname=no
> UseDomains=no
> UseDelegatedPrefix=yes
> PrefixDelegationHint=::/56
> ## asked for in RFE https://github.com/systemd/systemd/issues/31566
> ##RouteTable=starlink
>
> [DHCPPrefixDelegation]
> Announce=false
> UplinkInterface=:self
> Assign=yes
> Token=static:::1
> SubnetId=0xff
--
Stefano
next prev parent reply other threads:[~2026-05-29 20:04 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-29 18:28 Problem with IPv6 privacy addresses in 7.0 Tj
2026-05-29 20:04 ` Stefano Brivio [this message]
2026-05-29 20:18 ` Tj
2026-06-01 8:08 ` Stefano Brivio
-- strict thread matches above, loose matches on Subject: below --
2026-05-21 13:53 Chris Adams
2026-05-27 0:57 ` Jakub Kicinski
2026-05-27 1:06 ` Chris Adams
2026-05-27 1:31 ` Jakub Kicinski
2026-05-27 21:13 ` Chris Adams
2026-05-27 21:16 ` Fernando Fernandez Mancera
2026-05-27 21:51 ` Jakub Kicinski
2026-05-27 21:51 ` Chris Adams
2026-05-27 21:59 ` Fernando Fernandez Mancera
2026-05-27 23:07 ` Jakub Kicinski
2026-05-28 5:38 ` Stefano Brivio
2026-05-28 10:46 ` Fernando Fernandez Mancera
2026-05-28 11:12 ` Stefano Brivio
2026-05-28 11:29 ` Fernando Fernandez Mancera
2026-05-28 12:29 ` Thorsten Leemhuis
2026-05-28 13:32 ` Stefano Brivio
2026-05-28 14:02 ` Thorsten Leemhuis
2026-05-28 14:15 ` Íñigo Huguet
2026-05-28 14:53 ` Stefano Brivio
2026-05-28 15:24 ` Íñigo Huguet
2026-05-28 16:01 ` Beniamino Galvani
2026-05-28 17:21 ` Stefano Brivio
2026-05-28 18:42 ` Fernando Fernandez Mancera
2026-05-28 18:50 ` Fernando Fernandez Mancera
2026-05-28 19:22 ` Stefano Brivio
2026-05-29 4:47 ` David Gibson
2026-05-29 8:40 ` Beniamino Galvani
2026-05-29 17:40 ` Stefano Brivio
2026-05-28 14:34 ` Andrew Lunn
2026-05-28 15:17 ` Stefano Brivio
2026-05-29 4:48 ` David Gibson
2026-05-29 9:42 ` Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260529220415.22d0be8d@elisabeth \
--to=sbrivio@redhat.com \
--cc=bgalvani@redhat.com \
--cc=david@gibson.dropbear.id.au \
--cc=dsahern@kernel.org \
--cc=fmancera@suse.de \
--cc=idosch@idosch.org \
--cc=ihuguet@redhat.com \
--cc=justin.iurman@gmail.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=regressions@leemhuis.info \
--cc=regressions@lists.linux.dev \
--cc=tj.iam.tj@proton.me \
--cc=yuhuang@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.