2

I have recently added IPv6 to our network as per the instructions at http://www.chronos-tachyon.net/reference/debian-ipv6-and-hurricane-electric.

However, the hosts on the network automatically configure the default route to the link-local address of the router instead of the global address.

The article at http://ipvsix.me/?p=88 says:

You will find that on the LAN host, their default route and gateway point to the Link-Local address of eth1 on the Linux machine acting as the IPv6 gateway/router. This is entirely normal and expected.

My problem is that the router (running a derivation of Debian) does not respond to NDP requests for its link-local address because it has a global address configured.

Is there any way to either:

  • Get the hosts to automatically use the global address of the router for the default host, or
  • Get the router to reply to NDP requests for its link-local address.

/etc/radvd.conf on the router:

interface eth0 {
    AdvSendAdvert on;
    AdvLinkMTU 1480;
    MinRtrAdvInterval 60;
    MaxRtrAdvInterval 180;
    prefix 2001:xxxx:xxxx:xxxx::1/64 {
        AdvRouterAddr on;
        AdvPreferredLifetime 600;
        AdvValidLifetime 3600;
    };
    route ::/0 {
    };
    RDNSS 2001:xxxx:xxxx:xxxx::2 {};
};
DanielGibbs
  • 573
  • 5
  • 12
  • 31
  • From the router, can you paste `/etc/radvd.conf` and `ip -6 addr`, and from a host machine, `ip -6 route`? Feel free to sanitize your global addresses. – Michael Hampton Jul 28 '12 at 05:10
  • 5
    Your description of why your router isn't responding to NDP makes no sense -- if it were doing that, many things would break on many, many systems. – womble Jul 28 '12 at 05:43
  • Womble is right, either you advertise a router or you don't. If you do, then the clients should do the right thing, either use the link-local address of the router or it has advertised its global-address. "Advertise" equals "NDP", see http://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol – AndreasM Jul 28 '12 at 08:54
  • @womble Agreed, but I read somewhere that that was why it wasn't responding. I'll add the config and other info next time I'm at work, in a few days. – DanielGibbs Jul 29 '12 at 20:41
  • Did you try and *verify* what you read as being correct? Not everything you read on the Internet is gospel truth (including this). – womble Jul 29 '12 at 21:36
  • I know, but I spent ages looking for an answer as to why my router doesn't respond to NDP requests and this was the only explanation I could find. – DanielGibbs Jul 30 '12 at 03:24
  • 1
    *facepalm* Turns out that I had the wrong interface specified in `/etc/radvd.conf`. Thanks all for helping me find it. – DanielGibbs Jul 31 '12 at 21:55
  • Answers are best posted in the Answer box below. Welcome to Server Fault! – Michael Hampton Jul 31 '12 at 22:14

3 Answers3

4

IPv6 back-to-back routing is entirely based on link-local addresses as a consequence it is normal to see the router considering the gateway link-local.

Even if you use IPv6 global addresses, devices will do layer2 resolution using Network Discovery to get the link-local addresses.

AJN
  • 406
  • 1
  • 4
  • 13
3

Turns out that I had the wrong interface specified in /etc/radvd.conf. Correcting it solved the issue.

DanielGibbs
  • 573
  • 5
  • 12
  • 31
1

Check your firewall settings.. my best guess would be that something is blocking icmp6, which breaks IPv6 even worse than the equivalent error with IPv4. Simplest command to list the ipv6 firewall rules (as root):

ip6tables -L -n
Koos van den Hout
  • 1,086
  • 6
  • 9
  • I checked `ebtables` and `iptables` but didn't realise there was an `ip6tables`, but there is nothing in it anyway, and all the default policies are ACCEPT. – DanielGibbs Jul 31 '12 at 21:22