Bug 670465 - IPv6 will break in very confusing ways after "ifdown lo" / "ifup lo"
Summary: IPv6 will break in very confusing ways after "ifdown lo" / "ifup lo"
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: initscripts
Version: 5.5
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: rc
: ---
Assignee: Lukáš Nykrýn
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-01-18 11:43 UTC by Phil Mayers
Modified: 2013-03-12 09:21 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-03-12 09:21:05 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Phil Mayers 2011-01-18 11:43:24 UTC 
Description of problem:

This is a slightly odd problem, and it may just need a documentation pointer.

On Linux, IPv6 addresses are actually bound internally to the "lo" interface. This can be seen with "ip -6 route show table local":

local 2001:630:12:... via :: dev lo  proto none  metric ...

If you (erroneously?) do:

ifdown lo
ifup lo

...this kills IPv6 in a very confusing way; the (non-loopback) IPv6 addresses /128 routes are stripped off the "lo" interface and not re-added. IPv6 connectivity is broken, but:

ip addr
ifconfig
ip -6 route

...all appear to show working connectivity. The only way to fix it is a subsequent re-start of the physical interface, to re-acquire the IPv6 autoconfig addresses.

There are comments in the kernel source saying "Longer term, all of the dependencies ipv6 has upon the loopback device and it being up should be removed":

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=net/ipv6/addrconf.c;h=5b189c97c2fc16d28961955673c1fa94f3df21ad;hb=e6f597a1425b5af64917be3448b29e2d5a585ac8#l4705

...but obviously that's a (very?) long-term fix.

I'm by no means certain this is a RedHat bug, or what the fix would be if it were. Arguably it makes no sense to actually set "link down" on loopback, so maybe modify the initscripts to instead flush addresses; or print a warning as the interface goes down?

In case anyone is curious; we discovered this because we were adding /128 IPs to loopback, which are routed to the box by static routing from our network. This allows e.g. DNS & SMTP servers to be on well-known IPs that can move with the box regardless of the underlying network and anycast routed (in the traditional sense, rather than the new IPv6-specific anycast stuff)


Version-Release number of selected component (if applicable):

AFAIK all versions of RHEL and Fedora are affected.

How reproducible:

Always


Steps to Reproduce:
1. Test ipv6 connectivity is working
2. Do "ifdown lo", "ifup lo"
3. Test ipv6 connectivity is broken
  
Actual results:

IPv6 connectivity breaks when loopback interfaces goes down and is not restored when loopback comes back

Expected results:

IPv6 connectivity would only depend on the interface via which connectivity is present.

Additional info:
Comment 1 Lukáš Nykrýn 2013-03-12 09:21:05 UTC 
I am sorry, but it is now too late in the RHEL-5 release cycle.
RHEL-5.10 (the next RHEL-5 minor release) is going to be the first
production phase 2 [1] release of RHEL-5. Since phase 2 we'll be
addressing only security and critical issues.

[1] https://access.redhat.com/support/policy/updates/errata/
Note You need to log in before you can comment on or make changes to this bug.