1

We have a network on which we're setting up a test IPv6 deployment. Here's the layout:

Win2008R2 DHCP VM and Debian Squeeze radvd VM -> vSphere 5.0 vSwitch -(Trunk)-> Catalyst 2960G -(Trunk)-> Catalyst 2960G -> Win7 Laptop

SLAAC works fine, but as soon as I turn off autonomous mode for the prefix, I can see that DHCPv6 is not working properly (the client doesn't get any of the scope options from the Win 2008R2 DHCP Server). Running Wireshark on the client shows that DHCPv6 solicitations are being sent, as expected. Running Wireshark on the DHCP server shows that the packets aren't making it across the network.

My question: I know that DHCPv6 is multicast-based. Could the Catalysts or vSwitches be eating these solicitations? If so - how do I rectify that?

bab
  • 443
  • 1
  • 5
  • 12
  • Additional info: A Win7 VM on the same ESX server also has this problem. So that rules out the Catalysts. – bab Feb 23 '12 at 22:20
  • Interestingly, this all works when I set up a few laptops on a "dumb" physical switch with the same parameters. Looking more and more like a VMware issue. – bab Feb 24 '12 at 16:27

1 Answers1

1

My guess would be the VM. The IPv6 multicast traffic gets sent out as ethernet multicast so it gets flooded to all ports on the segment. Have you tried sniffing the wire at the trunk cable that connects into the vSphere switch?

http://en.wikipedia.org/wiki/Multicast_address#Ethernet

resmon6
  • 1,342
  • 6
  • 8
  • resmon6 - thanks for the reply. We actually have four trunk cables going into the ESX server, so it's a bit hard to tap them. I've ensured that IGMP snooping is on for the VLAN in question on the switch, so I'm not sure if it will get flooded out (unless it isn't picking up correctly). In any case, if it was a problem with the switches, I would expect my Win7 VM on the same ESX server and vSwitch would work. I suspect that perhaps the Win2008R2 box somehow hasn't gotten onto the ff02::1:2 group, but I have no idea why. – bab Feb 23 '12 at 22:46
  • 1
    IPv6 uses MLD, not IGMP. Bad IGMP snooping or a bad implementation actually might cause your problems... – Sander Steffann Feb 23 '12 at 23:16
  • Sander - interesting, I didn't realize that. I have a pretty much stock vSwitch config though (other than VLANs). Is there anything that has to be enabled in ESX to enable MLD on vSwitches? – bab Feb 24 '12 at 00:04
  • Enabled MLD snooping on all Catalysts and IPv6 on the ESX servers - still no luck. – bab Feb 24 '12 at 01:55
  • Is there any way to run wireshark at the vsphere switch? – resmon6 Feb 24 '12 at 14:15
  • Unfortunately, that's a bit like asking if you can run Wireshark on a physical switch. Of course I can add another device to the switch and run Wireshark on that, but if the problem is the switch itself - it won't help me narrow it down. – bab Feb 24 '12 at 15:08