Re: [SOLVED] Re: IPv6 forwarding to TAP-interface fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Mike Kazantsev a écrit :
> 
> And here's the problem: no link-local address on the interface.

Good catch. I didn't notice it.

> With this address added (or rather preserved), router is able to send
> neighbor solicitation requests from it and everything works fine.
> 
> Anyway, strange thing is that, apparently, VM on the other side is able
> to send these requests without link-local address, using global one
> instead:
[...]
> Guess older kernel (2.6.30.4) there is the cause of it, and that's also
> why it worked before with pretty much the same setup.

I observed that when sending a locally generated packet, Linux uses the
source address (which is one one of its own addresses) of the packet as
the source address in the neighbour solicitation, whereas when
forwarding a packet it uses the link-local address attached to the
output interface. So there may be trouble when forwarding a packet and
the output interface has no link-local address. The tcpdump trace in
your previous message shows a neighbour solicitation packet with
unspecified source address :

> IP6 :: > ff02::1:ff00:22: ICMP6, neighbor solicitation, who has 2001:470:1f0b:11de::22, length 24

This may explain the different results with pings from the LAN and from
the router, and also why VM does not have the problem even though it has
no link-local address.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux