[PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config

Thibaut hacks at slashdirt.org
Thu Sep 8 10:51:06 PDT 2022 


> Le 8 sept. 2022 à 19:35, Michael Richardson <mcr+ietf at sandelman.ca> a écrit :
> 
> 
>>>>>> Baptiste Jonglez <git at bitsofnetworks.org> writes:
>> - there have been various bug reports [1, 2, 3] in 19.07 and 21.02
>> where ULA addresses basically break global IPv6 connectivity.  These
>> bugs have not been solved in several years, indicating a probable lack
>> of interest for ULA from the OpenWrt developer community.
> 
> Seems to be
> 
> a) a bug in MacOS.
> b) a bug reported in french, where my reading is that an he.net tunnel is
>   involved.  I don't see anything about ULAs here.
> c) a bug where a client didn't get a GUA, and not surprisingly, couldn't
>   ping the internet.
>   "so I suppose IP assignment is fine."
>   But they weren't because the router didn't assign a v6 prefix to the LAN.
> 
> Having ULAs available is critical to efforts to do HTTPS to the router.
> Please do not change this default.  

I’ve personally experienced on a linux client (running 5.18) a situation where ipv6 connectivity was lost, apparently because of foul play from ULA.

The most obvious symptom was: pinging a target ipv6 address resulted in a ping reply from the OpenWrt router’s ULA address with « Destination unreachable: Unknown code 5 », as below:

$ ping6 git.openwrt.org
PING git.openwrt.org(git-01.infra.openwrt.org (2a03:b0c0:3:d0::160e:e001)) 56 data bytes
From router.lan (fdc9:6d06:832a::1) icmp_seq=1 Destination unreachable: Unknown code 5
^C
--- git.openwrt.org ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

A traceroute would similarly stop at the router:

$ traceroute6 git.openwrt.org
traceroute to git.openwrt.org (2a03:b0c0:3:d0::160e:e001), 30 hops max, 80 byte packets
 1  router.lan (fdc9:6d06:832a::1)  2.392 ms !<5>  2.351 ms !<5>  2.333 ms !<5>

The issue was random. The client had a GUA assigned, below is the ipv6 routing table at the time of the issue:

$ ip -6 route
2a0e:e701:11c2::/64 dev bond0 proto kernel metric 256 expires 7082sec pref medium
fdc9:6d06:832a::/64 dev bond0 proto kernel metric 256 pref medium
fe80::/64 dev bond0 proto kernel metric 256 pref medium
fe80::/64 dev bond0.10 proto kernel metric 256 pref medium
default via fe80::184f:a7ff:fe21:d230 dev bond0 proto ra metric 1024 expires 1793sec mtu 1492 hoplimit 64 pref medium

For that matter, this setup only uses SLAAC (no DHCPv6 on LAN).

Disabling ULA « fixes » this issue.

HTH
T

More information about the openwrt-devel mailing list