[j-nsp] DHCPv6 client on SRX210 - IPv6 forwarding breaks at lease expiration
Chris Woodfield
rekoil at semihuman.com
Sat Aug 1 12:28:50 EDT 2015
TL;DR: IPv6 forwarding breaks when my DHCPv6 client lease expires, even though CLI output claims it’s been renewed.
I have an SRX210 as my home gateway, running 12.1X46-D35.1. This is running dual stack to Comcast, receiving a /56 DHCPv6 delegation and RA’ing a /64 to my home LAN.
I’ve noticed that after the 4-day lease time expires, I can no longer route IPv6; my outbound trace routes break at the device, like so:
admin at CAW-SRX210-HOME> traceroute 2a03:2880:2130:cf05:face:b00c::1
traceroute6 to 2a03:2880:2130:cf05:face:b00c::1 (2a03:2880:2130:cf05:face:b00c:0:1) from 2001:558:600a:5a:38f8:139:bba0:e7bb, 64 hops max, 12 byte packets
traceroute: sendto: No route to host
1 traceroute6: wrote 2a03:2880:2130:cf05:face:b00c::1 12 chars, ret=-1
^C
This is true despite a default ::/0 route in table going to the right place (confirmed via "show route table inet6" and “show ipv6 nd” to verify route->link address->MAC association.
The fix is apparently to clear and renew the DHCPv6 client binding, via "clear dhcpv6 client binding interface <int>” then
"request system dhcvp6 client renew interface <int>”. IPv6 packets immediately start flowing again :)
I’ve confirmed (via "show dhcpv6 client binding") bindings are identical before and after the clear/renew, as well as the next-hop for ::/0.
This clearly seems buggy to me; has anyone else noticed this issue? Anyone know if this is a known issue (or even better, fixed in 12.1X47 or 12.3X48 releases)? Any additional diags I should run next Wednesday morning when this happens again?
Thanks,
-Chris
More information about the juniper-nsp
mailing list