[f-nsp] IPv6 neighbour discovery across an old Foundry FGS648P

Winston Sorfleet wls at romanus.ca
Mon Oct 10 19:01:33 EDT 2016 

I picked up an old and out-of-support FGS648P for my basement (overkill,
yes, but the PoE was nice for $110 CAD!  Plus I wanted to play with a
managed switch).  Software version 04.1.00aT7e1, Feb 19 2008 vintage.

I used to have IPV6 enabled on the internal network based on my ISP's
allocated /56, which I advertise on my router's LAN interface using
radvd (/64).  All this worked on my old, unmanaged switch.

With the Foundry, I have found that non-link-local IPV6 traffic internal
to my home network won't transit the switch, or rather, that neighbour
discovery won't, saying that the destination was unreachable. 
Link-local /does/ transit the switch.  Swapping out the Foundry for the
unmanaged switch, the neighbour discovery works again, so that all IPV6
traffic can transit; it is definitely the switch at fault.  Can anybody
suggest what I might be able to correct?  Do I need a new software image
(and, where the heck could I get a newer image given that I cannot even
buy support if I wanted to)?

SSH at FGS648P Switch(config)#show flash  
Compressed Pri Code size = 2864799, Version 04.1.00aT7e1 (FGS04100a.bin)
Compressed Sec Code size = 2864799, Version 04.1.00aT7e1 (FGS04100a.bin)
Compressed BootROM Code size = 405217, Version 04.0.00T7e5
Code Flash Free Space = 2424832

SSH at FGS648P Switch>show ipv6
Global Settings
  IPv6 is enabled
  Link-local address(es):
    fe80::212:f2ff:fe89:ef80 [Preferred]
  Global unicast address(es):
    2607:f2c2:f00e:b700:212:f2ff:fe89:ef80 [Preferred],  subnet is
2607:f2c2:f00e:b700::/64
  Joined group address(es):
    ff02::1:ff89:ef80
    ff02::1
  MTU is 1500 bytes
  ND DAD is enabled, number of DAD attempts: 3
  ND reachable time is 30 seconds
  ND retransmit interval is 1 seconds
  Current Hop Limit is 64
  Hosts use stateless autoconfig for addresses
  No Inbound Access List Set
  No Outbound Access List Set
  IPv6 Domain Name: romanus.ca
  IPv6 DNS Server Address:
   2607:f2c0::1

I can ping the switch on it's link-local address, but not the global
unicast that I manually assigned (out of my /64).

SSH at FGS648P Switch(config)#ipv6 ?
  access-class   Filter incoming/outgoing connections
  access-list    Build ipv6 access lists
  address        Assign IPv6 address to this switch router
  dns            Set DNS properties
  enable         Enable IPv6
  mld-snooping   Set MLD snooping globally

(There doesn't seem to be a lot I can configure here....)

SSH at FGS648P Switch#debug ipv6 ?
  address   Packet for ipv6 address
  cache     IPv6 cache entry
  icmp      ICMPv6
  mld       MLD protocol activity
  nd        Neighbor Discovery
  packet    IPv6 packet
  ra        Router Advertisement

SSH at FGS648P Switch#show debug
Debug message destination:  Console
Enabling ACL log
IPv6 Routing:
      ipv6:  address fe80::212:f2ff:fe89:ef80 debugging is on
      ipv6:  icmp debugging is on
      ipv6:  nd debugging is on
      ipv6:  ra debugging is on
      ipv6:  packet debugging is on


I've turned these on, but I don't know where the debug messages go to...
if console, as implied by show debug, I see nothing even when I
successfully ping fe80::212:f2ff:fe89:ef80
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20161010/bdaab8fe/attachment.html>

More information about the foundry-nsp mailing list