NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

RE: kern/60323: IPv6 NDP issue since upgrade to 11.0_RC4

Hi

I'm not using any firewall on Linux or NetBSD, it's done by HW firewall.

I don't see such case, just FYI.

Linux: 2001:67c:21ec:1000::c/64
NetBSD: 2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3/64

Linux:

inferno:~ # uname -a
Linux inferno.e-utp.net 7.0.9-1-default #1 SMP PREEMPT_DYNAMIC Sun May 17 19:37:08 UTC 2026 (9b5964b) aarch64 aarch64 aarch64 GNU/Linux
inferno:~ # ip -6 neigh show
fe80::e223:ffff:fe9f:26f dev end0 lladdr e0:23:ff:9f:02:6f router REACHABLE
2001:67c:21ec::53 dev end0 lladdr b4:96:91:29:ce:c8 STALE
2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3 dev end0 lladdr b4:96:91:29:ce:c8 STALE
fe80::b696:91ff:fe29:cec8 dev end0 lladdr b4:96:91:29:ce:c8 STALE
fe80::e223:ffff:fe9f:270 dev end0 FAILED
inferno:~ # ping -c 4 devil.e-utp.net
PING devil.e-utp.net (2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3) 56 data bytes
64 bytes from devil.e-utp.net (2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3): icmp_seq=1 ttl=64 time=0.190 ms
64 bytes from devil.e-utp.net (2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3): icmp_seq=2 ttl=64 time=0.233 ms
64 bytes from devil.e-utp.net (2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3): icmp_seq=3 ttl=64 time=0.261 ms
64 bytes from devil.e-utp.net (2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3): icmp_seq=4 ttl=64 time=0.241 ms

--- devil.e-utp.net ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3057ms
rtt min/avg/max/mdev = 0.190/0.231/0.261/0.025 ms
inferno:~ #

NetBSD 11.0_RC4:
[NetBSD-root@devil:~]$ uname -a
NetBSD devil.e-utp.net 11.0_RC4 NetBSD 11.0_RC4 (DEVIL) #12: Mon May 25 20:18:27 CEST 2026  root%devil.e-utp.net@localhost:/usr/obj/sys/arch/amd64/compile/DEVIL amd64
[NetBSD-root@devil:~]$ ping6 -c 4 inferno.e-utp.net
PING6(56=40+8+8 bytes) 2001:67c:21ec:1000:6e4b:90ff:fea3:6ec3 --> 2001:67c:21ec:1000::c
16 bytes from 2001:67c:21ec:1000::c, icmp_seq=0 hlim=64 time=0.331 ms
16 bytes from 2001:67c:21ec:1000::c, icmp_seq=1 hlim=64 time=0.261 ms
16 bytes from 2001:67c:21ec:1000::c, icmp_seq=2 hlim=64 time=0.288 ms
16 bytes from 2001:67c:21ec:1000::c, icmp_seq=3 hlim=64 time=0.278 ms

--- inferno.e-utp.net ping6 statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.261/0.290/0.331/0.030 ms
[NetBSD-root@devil:~]$ ndp -an
Neighbor                                Linklayer Address  Netif Expire    S Fl
fe80::e65f:1ff:fe4b:ccf1%ixg0           e4:5f:01:4b:cc:f1   ixg0 20s       R
2001:67c:21ec:1000::c                   e4:5f:01:4b:cc:f1   ixg0 15s       R
fe80::e223:ffff:fe9f:26f%ixg0           e0:23:ff:9f:02:6f   ixg0 5s        R R
2001:67c:21ec:1000:219:e2ff:feec:41c0   e0:23:ff:9f:02:6f   ixg0 21s       R R
[NetBSD-root@devil:~]$

Thanks,

--
Marcin Gondek / Drixter
http://fido.e-utp.net/
AS56662

-----Original Message-----
From: netbsd-bugs-owner%NetBSD.org@localhost <netbsd-bugs-owner%NetBSD.org@localhost> On Behalf Of df4nx%gmx.net@localhost via gnats
Sent: Friday, June 12, 2026 9:40 AM
To: kern-bug-people%netbsd.org@localhost; gnats-admin%netbsd.org@localhost; netbsd-bugs%netbsd.org@localhost
Subject: kern/60323: IPv6 NDP issue since upgrade to 11.0_RC4

>Number:         60323
>Category:       kern
>Synopsis:       Neighbor Discovery Protocol on 11.0_RC4
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jun 12 07:40:00 +0000 2026
>Originator:     =09
>Release:        NetBSD 11.0_RC4
>Organization:
	home user
>Environment:
=09
=09
System: NetBSD at166.local 11.0_RC4 NetBSD 11.0_RC4 (GENERIC) #0: Tue May =
12 04:23:51 UTC 2026 mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/co=
mpile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
	The host runs IPv6 with a static assigned IPv6 address. Trying
	to ping6 this address from a Linux host on the LAN failes.
	ping6 from a other NetBSD or OpenBSD host on the same LAN works.
	Ping6 and connect from the internet to the static IPv6 address
	works. `tcpdump icmp6` on the Linux host on the same LAN shows
	outgoing NDP Packets, but no incoming answer.
	The problem did not occur on NetBSD 10.1.
	For test purposes I have switched off NPF, but this did not fix
	the issue.
	It looks like a problem with the Neighbor Discovery Protocol on
	11.0_RC4.
	To double check I have two other hosts without static IPv6
	address. One 10.1, the other 11.0_RC4. The 10.1 host can be
	pinged, the 11.0_RC4 not. I used the dynnamic assigned IPv6
	address. None of these two systems run NPF.
	See also this blogpost:
	https://sirius-a.neocities.org/#v6issue
>How-To-Repeat:
	I used a installed Debian 13.5, a Debian live system (13.5 XFCE)
	and a Fedora Live 44-1.7 to test on the LAN.
	Ping6 and connect from the internet with:
	https://www.ipv6tech.ch/?pingv4v6
	https://www.ipv6tech.ch/?tcpportscan
	Tests with OpenBSD are done with the FuguIta live system:
	https://fuguita.org/
>Fix:
	Work around: Running the following command on the Linux host
	(Debian 13.5) works:
	ip -6 neigh replace XXXX:XXXX:XXXX:XXXX::1 lladdr yy:yy:yy:yy:yy:yy dev e=
no1
	with XXXX is my /64 prefix and yy is my MAC.

>Unformatted:
 =09
 =09
Home | Main Index | Thread Index | Old Index