Bug 200360 - dom0 and ipv6 autoconf conflict
dom0 and ipv6 autoconf conflict
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: xen (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Berrange
Brian Brock
:
: 203243 212989 (view as bug list)
Depends On:
Blocks: FC6Blocker 216504 221063
  Show dependency treegraph
 
Reported: 2006-07-27 01:20 EDT by Rik van Riel
Modified: 2007-11-30 17:11 EST (History)
5 users (show)

See Also:
Fixed In Version: xen-3.0.3-6.fc6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-03-09 09:20:56 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Disable ra on xen bridge. (732 bytes, patch)
2006-07-27 21:43 EDT, Herbert Xu
no flags Details | Diff
Disable addrconf on ~multicast interfaces. (300 bytes, patch)
2006-10-05 01:32 EDT, Herbert Xu
no flags Details | Diff
Disable IPv6 on xen bridge interface. (616 bytes, patch)
2006-10-09 04:19 EDT, Herbert Xu
no flags Details | Diff
[LINUX] ipv6: Disable addrconf on Xen bridge device (2.98 KB, patch)
2007-01-30 05:05 EST, Herbert Xu
no flags Details | Diff

  None (edit)
Description Rik van Riel 2006-07-27 01:20:14 EDT
Description of problem:

IPv6 autoconfig addresses do not work right from domain 0, since dom0 traffic
often originates from the autoconf address associated with xenbr0, which has an
essentially random MAC address.

This means that the reply packets from the other host (on the same subnet) are
not received by the network card of the system that is trying to make the
connection.

Outgoing IPv6 packets really should use the IPv6 address associated with eth0,
not peth0 or xenbr0...
Comment 1 Herbert Xu 2006-07-27 07:02:43 EDT
Hmm, I can't reproduce this.  Could you please attach the output of "ip a", "ip
-6 r", and a tcpdump of the offending traffic (plus whatever you did to generate
the traffic)?

Thanks,
Comment 2 Rik van Riel 2006-07-27 10:14:11 EDT
[riel@bree FC-5]$ /sbin/ip a
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: vif0.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
3: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether 00:13:72:17:4a:9c brd ff:ff:ff:ff:ff:ff
    inet 10.0.13.9/24 brd 10.0.13.255 scope global eth0
    inet6 2002:425c:4d62:1:213:72ff:fe17:4a9c/64 scope global dynamic
       valid_lft 2591999sec preferred_lft 3599sec
    inet6 fe80::213:72ff:fe17:4a9c/64 scope link
       valid_lft forever preferred_lft forever
4: vif0.1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
5: veth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
6: vif0.2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
7: veth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
8: vif0.3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
9: veth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
10: vif0.4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
11: veth4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
12: vif0.5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
13: veth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
14: vif0.6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
15: veth6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
16: vif0.7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
17: veth7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
18: peth0: <BROADCAST,MULTICAST,NOARP,UP,10000> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
19: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
20: xenbr0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether 3a:1a:86:33:12:41 brd ff:ff:ff:ff:ff:ff
    inet6 2002:425c:4d62:1:1070:3aff:febb:a5eb/64 scope global deprecated dynamic
       valid_lft 2539783sec preferred_lft -48617sec
    inet6 2002:425c:4d62:1:28b9:ebff:fe78:d776/64 scope global deprecated dynamic
       valid_lft 2539410sec preferred_lft -48990sec
    inet6 2002:425c:4d62:1:81d:28ff:fe02:c4e1/64 scope global deprecated dynamic
       valid_lft 2539042sec preferred_lft -49358sec
    inet6 2002:425c:4d62:1:381a:86ff:fe33:1241/64 scope global dynamic
       valid_lft 2591999sec preferred_lft 3599sec
    inet6 2002:425c:4d62:1:b837:efff:fede:8e2c/64 scope global deprecated dynamic
       valid_lft 2533874sec preferred_lft -54526sec
    inet6 2002:425c:4d62:1:fcff:ffff:feff:ffff/64 scope global deprecated dynamic
       valid_lft 2533869sec preferred_lft -54531sec
    inet6 fe80::200:ff:fe00:0/64 scope link
       valid_lft forever preferred_lft forever
25: vif4.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
26: tun1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 500
    link/ether 3a:1a:86:33:12:41 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::381a:86ff:fe33:1241/64 scope link
       valid_lft forever preferred_lft forever
41: vif12.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue
    link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fcff:ffff:feff:ffff/64 scope link
       valid_lft forever preferred_lft forever
42: tun0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 500
    link/ether 4a:1a:7c:af:68:ad brd ff:ff:ff:ff:ff:ff
    inet6 fe80::481a:7cff:feaf:68ad/64 scope link
       valid_lft forever preferred_lft forever




[riel@bree FC-5]$ /sbin/ip -6 r
2002:425c:4d62:1::/64 dev xenbr0  proto kernel  metric 256  expires 2592158sec
mtu 1500 advmss 1440 metric 10 4294967295
2002:425c:4d62:1::/64 dev eth0  proto kernel  metric 256  expires 2592158sec mtu
1500 advmss 1440 metric 10 4294967295
fe80::/64 dev xenbr0  metric 256  expires 21276227sec mtu 1500 advmss 1440
metric 10 4294967295
fe80::/64 dev vif0.0  metric 256  expires 21276228sec mtu 1500 advmss 1440
metric 10 4294967295
fe80::/64 dev peth0  metric 256  expires 21276229sec mtu 1500 advmss 1440 metric
10 4294967295
fe80::/64 dev eth0  metric 256  expires 21276230sec mtu 1500 advmss 1440 metric
10 4294967295
fe80::/64 dev tun1  metric 256  expires 21276241sec mtu 1500 advmss 1440 metric
10 4294967295
fe80::/64 dev vif4.0  metric 256  expires 21276242sec mtu 1500 advmss 1440
metric 10 4294967295
fe80::/64 dev tun0  metric 256  expires 21282342sec mtu 1500 advmss 1440 metric
10 4294967295
fe80::/64 dev vif12.0  metric 256  expires 21282343sec mtu 1500 advmss 1440
metric 10 4294967295
ff00::/8 dev xenbr0  metric 256  expires 21276227sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev peth0  metric 256  expires 21276229sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev vif0.0  metric 256  expires 21276228sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev eth0  metric 256  expires 21276230sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev tun1  metric 256  expires 21276241sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev vif4.0  metric 256  expires 21276242sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev tun0  metric 256  expires 21282342sec mtu 1500 advmss 1440 metric
10 4294967295
ff00::/8 dev vif12.0  metric 256  expires 21282343sec mtu 1500 advmss 1440
metric 10 4294967295
default via fe80::250:fcff:feb0:ec43 dev xenbr0  proto kernel  metric 1024 
expires 26sec mtu 1500 advmss 1440 metric 10 64
default via fe80::250:fcff:feb0:ec43 dev eth0  proto kernel  metric 1024 
expires 26sec mtu 1500 advmss 1440 metric 10 64
unreachable default dev lo  proto none  metric -1  error -101 metric 10 255


Comment 4 Herbert Xu 2006-07-27 20:16:15 EDT
OK, as a workaround you can change the Xen startup scripts to set the MTU on
xenbr0 to 68 in order to disable IPv6.  To resolve it properly we need a cleaner
way to disable IPv6 on an interface.
Comment 5 Herbert Xu 2006-07-27 21:43:11 EDT
Created attachment 133212 [details]
Disable ra on xen bridge.

Does this patch fix the problem?
Comment 6 Herbert Xu 2006-09-18 12:13:35 EDT
*** Bug 203243 has been marked as a duplicate of this bug. ***
Comment 7 Herbert Xu 2006-09-18 12:16:54 EDT
Upstream may soon allow IPv6 to be disabled before an interface is brought up.  This should allow Xen to disable IPv6 on these interfaces properly.  Longer term Xen should lose the loopback interface which should also fix the issue.
Comment 8 Herbert Xu 2006-10-05 01:32:11 EDT
Created attachment 137801 [details]
Disable addrconf on ~multicast interfaces.

While the IPv6 folks are working on the mechanism, we can use a simple fix for
this specific problem.	Please let me know if this patch lets you use IPv6 in
dom0.
Comment 9 Herbert Xu 2006-10-09 04:19:53 EDT
Created attachment 138027 [details]
Disable IPv6 on xen bridge interface.

Please test this patch to see whether it resolves your problem.
Comment 10 Herbert Xu 2006-10-30 20:18:43 EST
*** Bug 212989 has been marked as a duplicate of this bug. ***
Comment 11 Rik van Riel 2006-12-31 14:16:20 EST
I have verified your patch, now that I was rebooting the system anyway, and it
works.  Cloning the bug for RHEL5 now ...
Comment 12 Herbert Xu 2007-01-30 05:05:42 EST
Created attachment 146903 [details]
[LINUX] ipv6: Disable addrconf on Xen bridge device

This patch is now upstream and in RHEL5.
Comment 13 Herbert Xu 2007-01-30 05:10:54 EST
Please commit this patch to rawhide when convenient.
Comment 14 Daniel Berrange 2007-02-15 14:16:09 EST
Fix added to xen-3.0.3-6.fc6  which is arriving in updates-testing shortly.
Comment 15 Peter Bieringer 2007-02-17 05:02:09 EST
Just for your information, there is work ongoing to make sysctl toggles present
before interface is up.

See netdev thread for more: http://www.spinics.net/lists/netdev/msg24824.html

Hopefully, this extension would be also part of RHEL5 to throw some workarounds
finally away (also in part of IPv6 related initscript sections).

Note You need to log in before you can comment on or make changes to this bug.