[PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config
Thibaut
hacks at slashdirt.org
Thu Sep 8 10:51:06 PDT 2022
> Le 8 sept. 2022 à 19:35, Michael Richardson <mcr+ietf at sandelman.ca> a écrit :
>
>
>>>>>> Baptiste Jonglez <git at bitsofnetworks.org> writes:
>> - there have been various bug reports [1, 2, 3] in 19.07 and 21.02
>> where ULA addresses basically break global IPv6 connectivity. These
>> bugs have not been solved in several years, indicating a probable lack
>> of interest for ULA from the OpenWrt developer community.
>
> Seems to be
>
> a) a bug in MacOS.
> b) a bug reported in french, where my reading is that an he.net tunnel is
> involved. I don't see anything about ULAs here.
> c) a bug where a client didn't get a GUA, and not surprisingly, couldn't
> ping the internet.
> "so I suppose IP assignment is fine."
> But they weren't because the router didn't assign a v6 prefix to the LAN.
>
> Having ULAs available is critical to efforts to do HTTPS to the router.
> Please do not change this default.
I’ve personally experienced on a linux client (running 5.18) a situation where ipv6 connectivity was lost, apparently because of foul play from ULA.
The most obvious symptom was: pinging a target ipv6 address resulted in a ping reply from the OpenWrt router’s ULA address with « Destination unreachable: Unknown code 5 », as below:
$ ping6 git.openwrt.org
PING git.openwrt.org(git-01.infra.openwrt.org (2a03:b0c0:3:d0::160e:e001)) 56 data bytes
From router.lan (fdc9:6d06:832a::1) icmp_seq=1 Destination unreachable: Unknown code 5
^C
--- git.openwrt.org ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
A traceroute would similarly stop at the router:
$ traceroute6 git.openwrt.org
traceroute to git.openwrt.org (2a03:b0c0:3:d0::160e:e001), 30 hops max, 80 byte packets
1 router.lan (fdc9:6d06:832a::1) 2.392 ms !<5> 2.351 ms !<5> 2.333 ms !<5>
The issue was random. The client had a GUA assigned, below is the ipv6 routing table at the time of the issue:
$ ip -6 route
2a0e:e701:11c2::/64 dev bond0 proto kernel metric 256 expires 7082sec pref medium
fdc9:6d06:832a::/64 dev bond0 proto kernel metric 256 pref medium
fe80::/64 dev bond0 proto kernel metric 256 pref medium
fe80::/64 dev bond0.10 proto kernel metric 256 pref medium
default via fe80::184f:a7ff:fe21:d230 dev bond0 proto ra metric 1024 expires 1793sec mtu 1492 hoplimit 64 pref medium
For that matter, this setup only uses SLAAC (no DHCPv6 on LAN).
Disabling ULA « fixes » this issue.
HTH
T
More information about the openwrt-devel
mailing list