* Re: [Bug 64011] New: Link-local addresses are used to go outside instead of assigned IPv6 routable address
[not found] <bug-64011-16487@https.bugzilla.kernel.org/>
@ 2013-10-29 19:36 ` Hannes Frederic Sowa
0 siblings, 0 replies; only message in thread
From: Hannes Frederic Sowa @ 2013-10-29 19:36 UTC (permalink / raw)
To: luzemario; +Cc: netdev
Hi!
On Tue, Oct 29, 2013 at 01:36:37PM +0000, bugzilla-daemon@bugzilla.kernel.org wrote:
> https://bugzilla.kernel.org/show_bug.cgi?id=64011
>
> Bug ID: 64011
> Summary: Link-local addresses are used to go outside instead of
> assigned IPv6 routable address
> Product: Networking
> Version: 2.5
> Kernel Version: 3.11.6-200 and earlier
> Hardware: All
> OS: Linux
> Tree: Mainline
> Status: NEW
> Severity: high
> Priority: P1
> Component: IPV6
> Assignee: yoshfuji@linux-ipv6.org
> Reporter: luzemario@gmail.com
> Regression: No
>
> Created attachment 112651
> --> https://bugzilla.kernel.org/attachment.cgi?id=112651&action=edit
> pfSense screenshot of blocked link-local requests to outside
>
> Sometimes kernel tries to estabilish a IPv6 connection to external global
> routable addresses using [FE80::] link-local addresses, instead of using the
> learned DHCPv6 global-unicast address.
>
> In the attached screenshot, the machine got an IPv6 address in the
> [2001:1291:200::] range, and was correctly configured.
>
> Since link-local should not traverse network segments, I am getting lots of
> events in my firewall from several kernel versions of different distros (see
> attachment).
>
> At the time when the kernel attempts to use the link-local address, there is a
> small delay (around 1s) to open IPv6 pages. It appears kernel tries to reach a
> remote machine using link-local address. When it fails, the kernel uses the
> assigned global routable address.
>
> This issue was seen on several major distros, as Fedora, Ubuntu, Mageia, etc.
> yet on the distro's later updates.
Could you provide ip -6 a l, ip -6 r l, ip -6 n l and a copy of /proc/net/ipv6_route
(please check that the lines are not broken up)? The configuration of the
router advertisment daemon on your gateway would be interesting, too.
Thanks,
Hannes
^ permalink raw reply [flat|nested] only message in thread