Re: [solved] ICMPv6 messages of type RS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Dear Helmut,

Sorry for this letter. I want just to make some aspects of the problem more clear.

Joining all-router multicast group is a kernel option. Your host send Router Solicitation requests (it's ICMPv6 code number 133) to the all-routers multicast group. Sending of RS is controlling by the kernel options through sysctl:

$ sysctl -a | grep net.ipv6.conf.default.router_solicitations

The default number of router solicitation messages to send is 3. You can change it to 0 to disable RS if you want:

# sysctl -w "grep net.ipv6.conf.default.router_solicitations=0"

and write this option value to /etc/sysctl.conf if You want to preserve the value after the system reboot. There are possibility to manage sysctl via Avahi.


There is some security reasons in support of disabling RS in the kernels of Your workstations, esp. if You use unmanaged ethernet switches or managed ones without multicast group management. Where is the problem? It could be almost IPv6 disaster to enable ipv6 forwarding in more than one of Your local stations or servers, especially if the router-enabled kernel is not on router machine (so called "fake router"). If that scenario happens and some or all of Your stations autoconfigure the fake router local-ling address as a default IPv6 nexthop, they'll lost their IPv6 connectivity.

I'll recommend You not to use statefull or stateless auto-configuration unless You can manage the access to You multicast groups in the local ethernet. DHCPv6 (as a statefull host configuration) do not solve the problem with fake routers - it uses RS do discover the router too.

  Best regards
    Vesselin


On 09/06/2011 05:33 PM, Helmut Drodofsky wrote:

 

 

Von: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] Im Auftrag von Helmut Drodofsky
Gesendet: Dienstag, 6. September 2011 16:03
An: 'CentOS mailing list'
Betreff: ICMPv6 messages of type RS

 

Hallo,

 

as described by CISCO in

http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_7-2/ipv6_autoconfig.html

 

a router hast to send ICMPv6 messages of type RS to the all-router multicast group: ff02::1 and ff02::2 for stateless autoconfiguration.

 

How can I activate this sending in CentOS?

 

Best regards

Helmut

 


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux