Description of problem: IPv6 autoconfig addresses do not work right from domain 0, since dom0 traffic often originates from the autoconf address associated with xenbr0, which has an essentially random MAC address. This means that the reply packets from the other host (on the same subnet) are not received by the network card of the system that is trying to make the connection. Outgoing IPv6 packets really should use the IPv6 address associated with eth0, not peth0 or xenbr0...
Hmm, I can't reproduce this. Could you please attach the output of "ip a", "ip -6 r", and a tcpdump of the offending traffic (plus whatever you did to generate the traffic)? Thanks,
[riel@bree FC-5]$ /sbin/ip a 1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: vif0.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff inet6 fe80::fcff:ffff:feff:ffff/64 scope link valid_lft forever preferred_lft forever 3: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether 00:13:72:17:4a:9c brd ff:ff:ff:ff:ff:ff inet 10.0.13.9/24 brd 10.0.13.255 scope global eth0 inet6 2002:425c:4d62:1:213:72ff:fe17:4a9c/64 scope global dynamic valid_lft 2591999sec preferred_lft 3599sec inet6 fe80::213:72ff:fe17:4a9c/64 scope link valid_lft forever preferred_lft forever 4: vif0.1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 5: veth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 6: vif0.2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 7: veth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 8: vif0.3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 9: veth3: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 10: vif0.4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 11: veth4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 12: vif0.5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 13: veth5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 14: vif0.6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 15: veth6: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 16: vif0.7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff 17: veth7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 18: peth0: <BROADCAST,MULTICAST,NOARP,UP,10000> mtu 1500 qdisc pfifo_fast qlen 100 link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff inet6 fe80::fcff:ffff:feff:ffff/64 scope link valid_lft forever preferred_lft forever 19: sit0: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 20: xenbr0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether 3a:1a:86:33:12:41 brd ff:ff:ff:ff:ff:ff inet6 2002:425c:4d62:1:1070:3aff:febb:a5eb/64 scope global deprecated dynamic valid_lft 2539783sec preferred_lft -48617sec inet6 2002:425c:4d62:1:28b9:ebff:fe78:d776/64 scope global deprecated dynamic valid_lft 2539410sec preferred_lft -48990sec inet6 2002:425c:4d62:1:81d:28ff:fe02:c4e1/64 scope global deprecated dynamic valid_lft 2539042sec preferred_lft -49358sec inet6 2002:425c:4d62:1:381a:86ff:fe33:1241/64 scope global dynamic valid_lft 2591999sec preferred_lft 3599sec inet6 2002:425c:4d62:1:b837:efff:fede:8e2c/64 scope global deprecated dynamic valid_lft 2533874sec preferred_lft -54526sec inet6 2002:425c:4d62:1:fcff:ffff:feff:ffff/64 scope global deprecated dynamic valid_lft 2533869sec preferred_lft -54531sec inet6 fe80::200:ff:fe00:0/64 scope link valid_lft forever preferred_lft forever 25: vif4.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff inet6 fe80::fcff:ffff:feff:ffff/64 scope link valid_lft forever preferred_lft forever 26: tun1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 500 link/ether 3a:1a:86:33:12:41 brd ff:ff:ff:ff:ff:ff inet6 fe80::381a:86ff:fe33:1241/64 scope link valid_lft forever preferred_lft forever 41: vif12.0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue link/ether fe:ff:ff:ff:ff:ff brd ff:ff:ff:ff:ff:ff inet6 fe80::fcff:ffff:feff:ffff/64 scope link valid_lft forever preferred_lft forever 42: tun0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 500 link/ether 4a:1a:7c:af:68:ad brd ff:ff:ff:ff:ff:ff inet6 fe80::481a:7cff:feaf:68ad/64 scope link valid_lft forever preferred_lft forever [riel@bree FC-5]$ /sbin/ip -6 r 2002:425c:4d62:1::/64 dev xenbr0 proto kernel metric 256 expires 2592158sec mtu 1500 advmss 1440 metric 10 4294967295 2002:425c:4d62:1::/64 dev eth0 proto kernel metric 256 expires 2592158sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev xenbr0 metric 256 expires 21276227sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev vif0.0 metric 256 expires 21276228sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev peth0 metric 256 expires 21276229sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev eth0 metric 256 expires 21276230sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev tun1 metric 256 expires 21276241sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev vif4.0 metric 256 expires 21276242sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev tun0 metric 256 expires 21282342sec mtu 1500 advmss 1440 metric 10 4294967295 fe80::/64 dev vif12.0 metric 256 expires 21282343sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev xenbr0 metric 256 expires 21276227sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev peth0 metric 256 expires 21276229sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev vif0.0 metric 256 expires 21276228sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev eth0 metric 256 expires 21276230sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev tun1 metric 256 expires 21276241sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev vif4.0 metric 256 expires 21276242sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev tun0 metric 256 expires 21282342sec mtu 1500 advmss 1440 metric 10 4294967295 ff00::/8 dev vif12.0 metric 256 expires 21282343sec mtu 1500 advmss 1440 metric 10 4294967295 default via fe80::250:fcff:feb0:ec43 dev xenbr0 proto kernel metric 1024 expires 26sec mtu 1500 advmss 1440 metric 10 64 default via fe80::250:fcff:feb0:ec43 dev eth0 proto kernel metric 1024 expires 26sec mtu 1500 advmss 1440 metric 10 64 unreachable default dev lo proto none metric -1 error -101 metric 10 255
OK, as a workaround you can change the Xen startup scripts to set the MTU on xenbr0 to 68 in order to disable IPv6. To resolve it properly we need a cleaner way to disable IPv6 on an interface.
Created attachment 133212 [details] Disable ra on xen bridge. Does this patch fix the problem?
*** Bug 203243 has been marked as a duplicate of this bug. ***
Upstream may soon allow IPv6 to be disabled before an interface is brought up. This should allow Xen to disable IPv6 on these interfaces properly. Longer term Xen should lose the loopback interface which should also fix the issue.
Created attachment 137801 [details] Disable addrconf on ~multicast interfaces. While the IPv6 folks are working on the mechanism, we can use a simple fix for this specific problem. Please let me know if this patch lets you use IPv6 in dom0.
Created attachment 138027 [details] Disable IPv6 on xen bridge interface. Please test this patch to see whether it resolves your problem.
*** Bug 212989 has been marked as a duplicate of this bug. ***
I have verified your patch, now that I was rebooting the system anyway, and it works. Cloning the bug for RHEL5 now ...
Created attachment 146903 [details] [LINUX] ipv6: Disable addrconf on Xen bridge device This patch is now upstream and in RHEL5.
Please commit this patch to rawhide when convenient.
Fix added to xen-3.0.3-6.fc6 which is arriving in updates-testing shortly.
Just for your information, there is work ongoing to make sysctl toggles present before interface is up. See netdev thread for more: http://www.spinics.net/lists/netdev/msg24824.html Hopefully, this extension would be also part of RHEL5 to throw some workarounds finally away (also in part of IPv6 related initscript sections).