Subject: kern/33423: IPF blocks IPv6 RS packets without any options
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <martti.kuparinen@iki.fi>
List: netbsd-bugs
Date: 05/04/2006 11:45:00
>Number: 33423
>Category: kern
>Synopsis: IPF blocks IPv6 RS packets without any options
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu May 04 11:45:00 +0000 2006
>Originator: Martti Kuparinen
>Release: NetBSD 3.0_STABLE
>Organization:
>Environment:
System: NetBSD p130.mydomain.com 3.0_STABLE NetBSD 3.0_STABLE (P130) #0: Fri Apr 28 07:25:35 EEST 2006 root@p130.mydomain.com:/usr/src/sys/arch/i386/compile/P130 i386
Architecture: i386
Machine: i386
>Description:
While trying to understand why our NetBSD 3.0 router fails to answer
incoming Router Solicitation (RS) messages we found out that IPF 4.1.x
is blocking some RS messages. The blocked messages are sent from unspecified
source address (::) and contain no options. The packets looks like this
(the following output is produced by ethereal):
Internet Protocol Version 6
Version: 6
Traffic class: 0x00
Flowlabel: 0x00000
Payload length: 8
Next header: ICMPv6 (0x3a)
Hop limit: 255
Source address: :: (::)
Destination address: ff02::2 (ff02::2)
Internet Control Message Protocol v6
Type: 133 (Router solicitation)
Code: 0
Checksum: 0x7bb8 [correct]
>How-To-Repeat:
Use this /etc/ipf6.conf:
pass in quick on lo0 from any to any
pass out quick on lo0 from any to any
pass in quick on pcn0 from any to any
pass out quick on pcn0 from any to any
Then send RS from unspecified source address without any options.
See how those packets are never delivered to the rtadvd daemon.
We have tested NetBSD/i386 3.0 (IPF 4.1.8) and NetBSD/i386 3.99.18
(IPF 4.1.13) and both fail.
>Fix: