[f-nsp] Problem with IPv6 anycast

Wido den Hollander wido at widodh.nl
Wed Dec 1 05:57:42 EST 2010 

Hi Philipp,

Thank you! I'll get in touch with Brocade and address this issue.

Regards,

Wido

On Tue, 2010-11-30 at 19:52 +0100, Philipp Geschke wrote:
> Hi Wido,
> 
> Yes, the combination of responding with Target: 2a00:f10:10a:5::2
> (2a00:f10:10a:5::2) and setting the solicited bit to 1 is a violation of
> RFC2461 Section 4.4.
> 
> I suggest you contact whoever you have a support contract for the RX with
> and ask them about it. Expect resistance, because unfortunately only few
> contractors have a good knowledge of IPv6.
> It is the same behaviour Netiron MLX/XMR shows.
> 
> 
> Regards,
> Philipp
> 
> On Tue, 30 Nov 2010 19:01:57 +0100, Wido den Hollander <wido at widodh.nl>
> wrote:
> > Hi Philipp,
> > 
> > Attached is my pcap from Wireshark.
> > 
> > My subnet is: 2a00:f10:10a:5::/64
> > 
> > RX-8 #1: 2a00:f10:010a:5::1
> > RX-8 #2: 2a00:f10:010a:5::2
> > Anycast: 2a00:f10:010a:5::3
> > 
> > My client: 2a00:f10:010a:5:0:1337:6:79
> > 
> > If you check the pcap file, it seems that the RX is responding
> > incorrect, isn't it?
> > 
> > As you can see, the ::3 address is working fine on the internet (You can
> > ping it), but not in the local network.
> > 
> > Is this a bug in RX-8?
> > 
> > Regards,
> > 
> > Wido
> > 
> > On Tue, 2010-11-30 at 18:24 +0100, Philipp Geschke wrote:
> >> Hello,
> >> 
> >> On Tue, 30 Nov 2010 15:36:20 +0100, Wido den Hollander <wido at widodh.nl>
> >> wrote:
> >> > When analyzing the traffic with Wireshark I see that the RX-8
> responds
> >> > to the ND with it's unicast address, the ::2 in this case.
> >> 
> >> Depending on what you mean this is a wrong behaviour.
> >> The router MUST respond with it's UNIcast address as source address (as
> >> anycast addresses must not be the source address of an IPv6 packet, see
> >> RFC
> >> 3513 section 2.6) but the Target field of the ICMP message MUST be the
> >> Target field of the Neighbor solicitation that prompted the
> advertisement
> >> (See RFC2461 Section 4.4). If you specified the anycast address as the
> >> gateway this should be the anycast address.
> >> 
> >> So a correct Neighbor Solicitation for an IPv6 anycast address with a
> >> Linux client that has ::10 would basically look like this:
> >> 
> >> Client: Source ::10, Target field ::3
> >> Router: Source ::2, Target field ::3
> >> 
> >> This would work with Linux, at least tested with Debian.
> >> 
> >> What NI MLX does is:
> >> 
> >> Client: Source ::10, Target field ::3
> >> Router: Source ::2, Target field ::2
> >> 
> >> This will not work and is a bug. I have opened a bug report with
> Brocade
> >> and it's a confirmed defect.
> >> 
> >> If you want, send me a pcap or tcpdump output of your Neighbor
> >> Solicitation and I will tell you what the RX does wrong.
> >> 
> >> > Strange thing is, a Windows 2k3 machine works fine with the anycast
> >> > address as it's default gateway.
> >> 
> >> I have no working knowledge of IPv6 behaviour of Windows, so I really
> >> can't tell you why it is working. :(
> >> 
> >> 
> >> Regards,
> >> Philipp
> >> 
> >> 
> >>

More information about the foundry-nsp mailing list