[PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config

Torsten Duwe duwe at lst.de
Fri Sep 9 02:19:31 PDT 2022


On Thu, 8 Sep 2022 19:51:06 +0200
Thibaut <hacks at slashdirt.org> wrote:

> The issue was random. The client had a GUA assigned, below is the ipv6 routing table at the time of the issue:
> 
> $ ip -6 route
> 2a0e:e701:11c2::/64 dev bond0 proto kernel metric 256 expires 7082sec pref medium
> fdc9:6d06:832a::/64 dev bond0 proto kernel metric 256 pref medium

So AFAICS here lies the problem. Same metric, same preference.
The addresses below are usually tagged link local somewhere, but
I assume the ULA is not.

> fe80::/64 dev bond0 proto kernel metric 256 pref medium
> fe80::/64 dev bond0.10 proto kernel metric 256 pref medium
> default via fe80::184f:a7ff:fe21:d230 dev bond0 proto ra metric 1024 expires 1793sec mtu 1492 hoplimit 64 pref medium
> 
> For that matter, this setup only uses SLAAC (no DHCPv6 on LAN).
> 
> Disabling ULA « fixes » this issue.

Sure. Above, it looks like a game of chance which address is used.

From my understanding, router.lan would need to be told to do IPv6 NAT
if clients are to reach outside with their ULAs, right?

If I get a vote, I'd enable ULA generation only iff an IPv6 NAT was also
configured, and, last but not least, I wouldn't randomise it. I'd go for
e.g. fd00:4f57:5254 ("OWRT"), like all AVR use 192.168.178.0/24 on v4.

	Torsten




More information about the openwrt-devel mailing list