[f-nsp] IPv6 neighbour discovery across an old Foundry FGS648P

Eldon Koyle ekoyle+puck.nether.net at gmail.com
Mon Oct 10 19:17:58 EDT 2016


That firmware is ancient... You would probably have better luck if you can
upgrade it...

-- 
Eldon

On Oct 10, 2016 5:02 PM, "Winston Sorfleet" <wls at romanus.ca> wrote:

> I picked up an old and out-of-support FGS648P for my basement (overkill,
> yes, but the PoE was nice for $110 CAD!  Plus I wanted to play with a
> managed switch).  Software version 04.1.00aT7e1, Feb 19 2008 vintage.
>
> I used to have IPV6 enabled on the internal network based on my ISP's
> allocated /56, which I advertise on my router's LAN interface using radvd
> (/64).  All this worked on my old, unmanaged switch.
>
> With the Foundry, I have found that non-link-local IPV6 traffic internal
> to my home network won't transit the switch, or rather, that neighbour
> discovery won't, saying that the destination was unreachable.  Link-local
> *does* transit the switch.  Swapping out the Foundry for the unmanaged
> switch, the neighbour discovery works again, so that all IPV6 traffic can
> transit; it is definitely the switch at fault.  Can anybody suggest what I
> might be able to correct?  Do I need a new software image (and, where the
> heck could I get a newer image given that I cannot even buy support if I
> wanted to)?
>
> SSH at FGS648P Switch(config)#show flash
> Compressed Pri Code size = 2864799, Version 04.1.00aT7e1 (FGS04100a.bin)
> Compressed Sec Code size = 2864799, Version 04.1.00aT7e1 (FGS04100a.bin)
> Compressed BootROM Code size = 405217, Version 04.0.00T7e5
> Code Flash Free Space = 2424832
>
> SSH at FGS648P Switch>show ipv6
> Global Settings
>   IPv6 is enabled
>   Link-local address(es):
>     fe80::212:f2ff:fe89:ef80 [Preferred]
>   Global unicast address(es):
>     2607:f2c2:f00e:b700:212:f2ff:fe89:ef80 [Preferred],  subnet is
> 2607:f2c2:f00e:b700::/64
>   Joined group address(es):
>     ff02::1:ff89:ef80
>     ff02::1
>   MTU is 1500 bytes
>   ND DAD is enabled, number of DAD attempts: 3
>   ND reachable time is 30 seconds
>   ND retransmit interval is 1 seconds
>   Current Hop Limit is 64
>   Hosts use stateless autoconfig for addresses
>   No Inbound Access List Set
>   No Outbound Access List Set
>   IPv6 Domain Name: romanus.ca
>   IPv6 DNS Server Address:
>    2607:f2c0::1
>
> I can ping the switch on it's link-local address, but not the global
> unicast that I manually assigned (out of my /64).
>
> SSH at FGS648P Switch(config)#ipv6 ?
>   access-class   Filter incoming/outgoing connections
>   access-list    Build ipv6 access lists
>   address        Assign IPv6 address to this switch router
>   dns            Set DNS properties
>   enable         Enable IPv6
>   mld-snooping   Set MLD snooping globally
>
> (There doesn't seem to be a lot I can configure here....)
>
> SSH at FGS648P Switch#debug ipv6 ?
>   address   Packet for ipv6 address
>   cache     IPv6 cache entry
>   icmp      ICMPv6
>   mld       MLD protocol activity
>   nd        Neighbor Discovery
>   packet    IPv6 packet
>   ra        Router Advertisement
>
> SSH at FGS648P Switch#show debug
> Debug message destination:  Console
> Enabling ACL log
> IPv6 Routing:
>       ipv6:  address fe80::212:f2ff:fe89:ef80 debugging is on
>       ipv6:  icmp debugging is on
>       ipv6:  nd debugging is on
>       ipv6:  ra debugging is on
>       ipv6:  packet debugging is on
>
>
> I've turned these on, but I don't know where the debug messages go to...
> if console, as implied by show debug, I see nothing even when I
> successfully ping fe80::212:f2ff:fe89:ef80
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20161010/c0b270a0/attachment.html>


More information about the foundry-nsp mailing list