[f-nsp] Problem with IPv6 anycast

harbor235 harbor235 at gmail.com
Thu Sep 2 14:20:35 EDT 2010


There is more .......

On Thu, Sep 2, 2010 at 2:16 PM, harbor235 <harbor235 at gmail.com> wrote:

> Good question, RFC2526 hs more meat concerning anycast reserver addresses,
> I have a couple questions too;
>
> 1) Can you allocate additional anycast addresses out of the unicast space
> other than the 127-n bits identified? (n bits = subnet prefix)
>
> 2) how does your client machine behave when a reservered anycast address is
> used?
>
       all bits of the interface identifier are set to ones except the last
7 bits which range in
       value from 0-125 (126 and 127 are reserverd or assigned)

   3) What OS was the original client machine?


harbor235 ;}

>
>
>
> On Thu, Sep 2, 2010 at 7:53 AM, Philipp Geschke <foundry-nsp at pgmail.net>wrote:
>
>> Hello,
>>
>> I seem to have issues understanding IPv6 anycast on NI MLX/XMR.
>> My understanding is, that any router that does have an IPv6 address in a
>> subnet should be listening on the Subnet-Router anycast address (RFC3513
>> section 2.6.1).
>>
>> When I configure an IPv6 unicast address on a MLX VE it shows that it
>> joins the Subnet-Router anycast address (2001:db8:f1:c:: [Anycast]):
>>
>> Interface VE 200 is up, line protocol is up
>>  [...]
>>  IPv6 is enabled, link-local address is fe80::20c:dbff:fee1:2f00
>> [Preferred]
>>  Global unicast address(es):
>>    2001:db8:f1:c::2 [Preferred],  subnet is 2001:db8:f1:c::/64
>>    2001:db8:f1:c:: [Anycast],  subnet is 2001:db8:f1:c::/64
>>    2001:db8:f1:c::1 [Anycast],  subnet is 2001:db8:f1:c::/64
>>    2001:db8:f1:c:: [Anycast],  subnet is 2001:db8:f1:c::/64
>>  Joined group address(es):
>>    ff02::1:ff00:1
>>    ff02::1:ff00:0
>>    ff02::1:ff00:2
>>    ff02::1:ffe1:2f00
>>    ff02::2
>>    ff02::1
>>  [...]
>>
>> Now when I try to ping that address from a client within the network
>> 2001:db8:f1:c::/64, I get a neighbour advertisement from the MLX
>> announcing
>> it's UNIcast address:
>>
>> 16:02:40.548719 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32)
>> 2001:db8:f1:c::160 > ff02::1:ff00:0: [icmp6 sum ok] ICMP6, neighbor
>> solicitation, length 32, who has 2001:db8:f1:c::
>>          source link-address option (1), length 8 (1): 00:16:3e:19:16:a9
>>            0x0000:  0016 3e19 16a9
>> 16:02:40.548719 IP6 (class 0xc0, hlim 255, next-header ICMPv6 (58) payload
>> length: 32) 2001:db8:f1:c::2 > 2001:db8:f1:c::160: [icmp6 sum ok] ICMP6,
>> neighbor advertisement, length 32, tgt is 2001:db8:f1:c::2, Flags [router,
>> solicited]
>>          destination link-address option (2), length 8 (1):
>> 00:0c:db:e1:2f:00
>>            0x0000:  000c dbe1 2f00
>>
>> This causes the asking client to create an entry in its neighbour cache
>> for the routers unicast address, but not realising, that this was the
>> answer to its question, hence it keeps on sending solicitation messages
>> for
>> the anycast address.
>> In my understanding the neighbour advertisement should have the unicast
>> address as source, but should announce the anycast address.
>>
>> If I take a Linux box and enable ip6 forwarding in the kernel, it also
>> joins that very same anycast group. If I do the same test again, you can
>> see,
>> that the Linux box answers with its unicast address, announcing the
>> anycast address:
>>
>> 12:50:36.194948 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32)
>> 2001:db8:f1:c::160 > 2001:db8:f1:c::21: [icmp6 sum ok] ICMP6, neighbor
>> advertisement, length 32, tgt is 2001:db8:f1:c::, Flags [router,
>> solicited]
>>          destination link-address option (2), length 8 (1):
>> 00:16:3e:19:16:a9
>>            0x0000:  0016 3e19 16a9
>>
>> This works and the client creates an entry in its neighbour cache for the
>> anycast address and can now communicate with the address.
>>
>> Same goes for the explicitly configured anycast address 2001:db8:f1:c::1
>> you can see in the output of the interface.
>>
>> If it matters, I do have ipv6 nd suppress-ra active on that VE.
>>
>>
>> So what does this mean, is it
>>
>> a) Me not understanding the concept of the anycast address (basicaly I
>> want to use it as a default gateway)?
>> b) A problem with my configuration (which is pretty plain for v6 right
>> now)?
>> c) A bug?
>> d) ??
>>
>> Does anyone have experience with that they are able to share?
>>
>>
>> Thanks for any hints,
>> Philipp
>>
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20100902/a7a88974/attachment.html>


More information about the foundry-nsp mailing list