From: Sowmini Varadhan <sowmini.varadhan@oracle.com>
To: Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: "Sowmini Varadhan" <sowmini05@gmail.com>,
"Andreas Hübner" <andreas@k4n.de>,
netdev <netdev@vger.kernel.org>,
"d. caratti" <davide.caratti@gmail.com>
Subject: Re: icmpv6: issue with routing table entries from link local addresses
Date: Mon, 12 Sep 2016 23:05:18 -0400 [thread overview]
Message-ID: <20160913030518.GA30030@oracle.com> (raw)
In-Reply-To: <e2eddc8d-ccd6-682b-265f-55242eef1762@stressinduktion.org>
On (09/13/16 04:42), Hannes Frederic Sowa wrote:
> > But a couple of unexpected things I noticed in linux: the link-local
> > prefix should have a prefixlen of /10 according to
> > http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml
> > but "ip -6 route show" lists this as a /64..
>
> The link local subnet is still specified to be a /64 as the other parts
> of the address must be 0. Legally we probably could blackhole them.
> https://tools.ietf.org/html/rfc4291#section-2.5.6
A bit of a gray area. 4291 does not specify this as MBZ, and IANA
registration is a /10. Both Solaris and BSD use /10. And while fec0
is deprecated, I suppose some similar thing could come up in the
future. ymmv.
> We don't have urpf checks for ipv6, those are implemented in netfilter
> only. This could very well be a firewall issue or something like that.
yes, I know that (no rp_filter check for ipv6), and thats why I said it
may be some similar variant. What tripped me up is that onlink prefixes
(which are multipath routes in that they have the same dst, mask, metric)
are not treated as part of the typical IP_ROUTE_MULTIPATH in many places
in the code because the fib_nhs data-structures do not get set up.
(thus, e.g., one ipoib config I was looking at recently, which
had multiple ports connected to the same IB switch, and had the same
onlink prefix on these ports, would not load-spread across all ports
until I explicitly did the 'ip route change' to tell the kernel to
ecmp that prefix).
Lets see what Andreas reports..
--Sowmini
next prev parent reply other threads:[~2016-09-13 3:05 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-12 14:27 icmpv6: issue with routing table entries from link local addresses Andreas Hübner
2016-09-12 17:26 ` Hannes Frederic Sowa
2016-09-12 19:17 ` David Ahern
2016-09-13 9:22 ` Andreas Hübner
2016-09-13 11:59 ` Andreas Hübner
2016-09-13 2:03 ` Sowmini Varadhan
2016-09-13 2:42 ` Hannes Frederic Sowa
2016-09-13 3:05 ` Sowmini Varadhan [this message]
2016-09-13 3:01 ` YOSHIFUJI Hideaki
2016-09-13 6:35 ` Andreas Hübner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160913030518.GA30030@oracle.com \
--to=sowmini.varadhan@oracle.com \
--cc=andreas@k4n.de \
--cc=davide.caratti@gmail.com \
--cc=hannes@stressinduktion.org \
--cc=netdev@vger.kernel.org \
--cc=sowmini05@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox