5

Link-local address:

Routers do not forward packets with link-local addresses.

What I want to know is: that makes sense if the destination is a link-local address, but what if I have a box that only has a link-local address trying to reach a global/site scope address? Can the traffic make it back, or will that fail because the return packets will be to a link-local address?

sebix
  • 4,175
  • 2
  • 25
  • 45
singpolyma
  • 489
  • 2
  • 7
  • 19

1 Answers1

14

A router will never forward a packet with a source unicast link-local ipv6 address.

Please take a look at this example: linux machine with only link-local address trying to ping ipv6.google.com (google's global scope ipv6 address):

root@u1010:~# ifconfig -a

eth0      Link encap:Ethernet  HWaddr 00:0c:29:2d:ff:26
          inet addr:172.16.1.130  Bcast:172.16.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe2d:ff26/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:408884 errors:0 dropped:0 overruns:0 frame:0
          TX packets:43885 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:151390854 (151.3 MB)  TX bytes:6098973 (6.0 MB)
          Interrupt:19 Base address:0x2000

root@u1010:~# ping6 ipv6.google.com
PING ipv6.google.com(pw-in-x68.1e100.net) 56 data bytes
From fe80::223:33ff:fe71:6827 icmp_seq=1 Destination unreachable: Beyond scope of source address
From fe80::223:33ff:fe71:6827 icmp_seq=2 Destination unreachable: Beyond scope of source address
From fe80::223:33ff:fe71:6827 icmp_seq=3 Destination unreachable: Beyond scope of source address
From fe80::223:33ff:fe71:6827 icmp_seq=4 Destination unreachable: Beyond scope of source address

and debug ipv6 packet on the router shows the following...

Mar  5 14:14:17.240: IPv6: Looking up 2001:XXXX:20::2 [Source FE80::20C:29FF:FE2D:FF26] in FIB
Mar  5 14:14:17.240: IPv6: FIB lookup for 2001:XXXX:20::2 succeeded. if=Tunnel0, nexthop 2001:XXXX:20::2
Mar  5 14:14:17.240: IPV6: source FE80::20C:29FF:FE2D:FF26 (Vlan200)
Mar  5 14:14:17.240:       dest 2001:XXXX:20::2 (Tunnel0)
Mar  5 14:14:17.240:       traffic class 0, flow 0x0, len 81+14, prot 17, hops 63, forwarding
Mar  5 14:14:17.240: IPv6-Fwd: Beyond scope of source address
jliendo
  • 1,568
  • 11
  • 13
  • 2
    More specifically, this happens because there needs to be a public IP address to send responses back to. Send only would only be useful in very specific cases, and that's probably why this hasn't been made valid. – yuriks Apr 27 '11 at 00:13