operational reasons to disable IPv6 link-level on some interfaces

[Michael Richardson <mcr%sandelman.ca@localhost>]

I have a machine at a colo running NetBSD-5.1. 
It is a utility machine, doing many routing things that can't be done by
expensive hardware assisted systems...  I am about to use it to build an
IPv6-in-v4 tunnel to he.net, because Cogent and he.net can't get along.

I have dual connections to two switches, and I have vlan tags:

vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:40:63:e2:0b:04
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
vr1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 00:40:63:e2:0a:8c
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active

agr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        agrport: vr0, flags=0x3<COLLECTING,DISTRIBUTING>
        agrport: vr1, flags=0x3<COLLECTING,DISTRIBUTING>
        address: 00:40:63:e2:0b:04
        inet 123.123.99.123 netmask 0xffffffc0 broadcast 123.123.11.123
        inet6 fe80::240:63ff:fee2:b04%agr0 prefixlen 64 scopeid 0x5

vlan82: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1496
        vlan: 82 parent: agr0
        address: 00:40:63:e2:0b:04
        inet 11.222.33.444 netmask 0xffffffe0 broadcast 11.222.33.255
        inet6 fe80::240:63ff:fee2:b04%vlan82 prefixlen 64 scopeid 0x6
        inet6 2001:abc:efg:82::251 prefixlen 64

When I look at the network, I see:

rtr3-[~] root 6 #tcpdump -v -e -i agr0 -n -p 
  (btw: without -p, the NetBSD-5.1-rc2 sometimes crashed)

15:37:02.715610 00:40:63:e2:0b:04 > 33:33:ff:00:02:54, ethertype 802.1Q 
(0x8100), length 90: vlan 82, p 0, ethertype IPv6, (hlim 255, next-header: 
ICMPv6 (58), length: 32) 2001:abc:efg:82::251 > ff02::1:ff00:254: [icmp6 sum 
ok] ICMP6, neighbor solicitation, length 32, who has 2001:abc:efg:82::254
          source link-address option (1), length 8 (1): 00:40:63:e2:0b:04

15:37:02.715925 00:24:38:ef:20:81 > 00:40:63:e2:0b:04, ethertype IPv6 (0x86dd), 
length 86: (class 0xc0, hlim 255, next-header: ICMPv6 (58), length: 32) 
2001:abc:efg:82::254 > 2001:abc:efg:82::251: [icmp6 sum ok] ICMP6, neighbor 
advertisement, length 32, tgt is 2001:abc:efg:82::254, Flags [router, 
solicited, override]
          destination link-address option (2), length 8 (1): 00:24:38:ef:20:81

(addresses changed to protect the guilty)

Notice how it comes in on vlan82, but goes out without a vlan82 tag.
The two interfaces, which technically are in seperate broadcast domains,
have the same mac-address by default.  I could try changing that.

What I think is happening is that the outgoing NA is going out with the
wrong ifindex on it, or I don't know.  

I THINK that if I could turn off IPv6 on agr0, then the problem would go
away.

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr%sandelman.ottawa.on.ca@localhost http://www.sandelman.ottawa.on.ca/ 
|device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
                       then sign the petition.