[j-nsp] Problem with IPv6 ND and NS

[John Neiberger]

I'm running into an odd problem that seems to be related to v6
neighbor discovery on an MX960 running 9.6R4. Here is a simplified
topology for explanation:

[RouterA] ---- [RouterB] ---- [Host]

The host server is connected to a switch that is connected to RouterB.
If you try to ping the host from RouterA, RouterB will check is
neighbor cache to see if it already has a link layer address for the
host. If it doesn't, it is supposed to send a neighbor solicitation.
I'm beginning to think that this is not happening. The output of "show
ipv6 neighbors" shows the state as incomplete, which you would think
means that it sent it and just didn't get a response. However, I don't
think it is even sending it.

If we instead ping from RouterB, the same process has to occur, but
this always works. The neighbor cache will be correctly populated and
pings will work. And, as expected, pings from RouterA will work now
because RouterB has the neighbor in its cache.

Have any of you run into this type of situation? it sure is starting
to look like a bug in this code where it isn't actually sending an NS
message upon the arrival of traffic destined for a neighbor not in the
cache.

I'm about to do some testing with the server owner to verify. I'm
going to have them do a packet capture on the server to see if it ever
sees the NS message.

Thanks,
John