NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/52554: IPv6 connections not routing to default gateway

On Tue, Sep 19, 2017 at 4:20 AM,  <> wrote:
>>Number:         52554
>>Category:       kern
>>Synopsis:       IPv6 connections not routing to default gateway
>>Confidential:   no
>>Severity:       serious
>>Priority:       medium
>>Responsible:    kern-bug-people
>>State:          open
>>Class:          sw-bug
>>Submitter-Id:   net
>>Arrival-Date:   Mon Sep 18 19:20:00 +0000 2017
>>Originator:     Roy Bixler
>>Release:        8.99.2
> NetBSD localhost 8.99.2 NetBSD 8.99.2 (GENERIC) #0: Mon Sep 18 17:56:40 UTC 2017  root@localhost:/usr/src/sys/arch/amd64/compile/obj/GENERIC amd64
> Problem system has IP addresses assigned via DHCP.  IPv4 works as expected, but IPv6 connections to hosts outside the LAN hang.  The IPv6 address is assigned as expected from DHCP and the routing table looks fine as well.  The test system is in a QEMU KVM and I've verified that other operating systems (Debian and Gentoo Linux, NetBSD 7.1) don't have the IPv6 routing problem.  The issue only occurs when the guest OS is NetBSD-current or NetBSD-8.
> My test connection was to do a command like the following:
> $ telnet www
> Trying 2001:470:a085:999::80...
> and see whether it hangs.  When I do a "tcpdump" command on an affected system, I only see the outbound connection:
> 17:30:28.031786 IP6 2620:105:c000:3:60da:5ed:9c53:69cf.65531 > 2001:470:a085:999::80.http: Flags [S], seq 3456172076, win 32768, options [mss 1440,nop,wscale 3,sackOK,TS val 1 ecr 0], length 0
> 1
> There are no neighbor solicitations.  I do see router advertisements separately.  To compare, I did a "tcpdump" on a good configuration, like NetBSD 7.1, and I see a neighbor solicitation and then an advertisement in response before the outbound connection:
> 17:36:30.890177 IP6 2620:105:c000:3:9ae2:df9b:70eb:1894 > ff02::1:ffda:2df3: ICMP6, neighbor solicitation, who has fe80::ec4:7aff:feda:2df3, length 32
> 17:36:30.890609 IP6 fe80::ec4:7aff:feda:2df3 > 2620:105:c000:3:9ae2:df9b:70eb:1894: ICMP6, neighbor advertisement, tgt is fe80::ec4:7aff:feda:2df3, length 32
> 17:36:30.890744 IP6 2620:105:c000:3:9ae2:df9b:70eb:1894.65535 > 2001:470:a085:999::80.http: Flags [S], seq 3981027458, win 32768, options [mss 1440,nop,wscale 3,sackOK,nop,nop,nop,nop,TS val 1 ecr 0], length 0
> I decided to try the following change (on a slightly older version of NetBSD-current):
> net.inet6.icmp6.nd6_useloopback=0

BTW the option is broken even in netbsd-7; setting 0 to it prevents
ping6 from working (an NS packet is sent but an incoming NA isn't
handled well).

If nobody wants to keep the option, I think we should turn the option always on
and get rid of it. There is no benefit to fix and maintain a unused function.


Home | Main Index | Thread Index | Old Index