[j-nsp] IPv6 '::' as source address

Jeroen Massar jeroen at unfix.org
Wed Apr 12 11:12:13 EDT 2006


On Wed, 2006-04-12 at 12:42 +0300, Pekka Savola wrote:
[..]
> While I'm at it, I'll also mention that apparently IPv6 uRPF drops 
> packets with '::' source address which hampers duplicate address 
> detection (RFC 2461).. maybe a ::/128 route should be installed on all 
> the interfaces or something to get away from this issue.

I have noticed that there is certain resolver library/code which sends
out packets using :: as the source. Thus, valid DNS packets going
outbound towards usually IPv6 root/gtld servers. I still have to do some
more investigations on this, but these packets got dropped in our very
simple reverse IPv6 checks we have on the SixXS PoPs. It looks a lot
that some kernel/resolver combo is the guilty party here. I fortunately
do know which interfaces the packets come from and some people provided
feedback on the subject but there has not been much similarities to
discover what is actually generating these packets.

Greets,
 Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 313 bytes
Desc: This is a digitally signed message part
Url : https://puck.nether.net/pipermail/juniper-nsp/attachments/20060412/784f8e99/attachment.bin 


More information about the juniper-nsp mailing list