Re: Wired behaviour with IPv6 over PPP

From: Pascal Hambourg
Date: Wed May 28 2008 - 06:34:35 EST


Hello all,

Willy Tarreau a écrit/wrote :
On Thu, May 22, 2008 at 09:05:47PM +0200, Matthias Cramer wrote:

James Chapman wrote:

Andrew Morton wrote:

On Wed, 21 May 2008 14:56:43 +0200 Matthias Cramer
<matthias.cramer@xxxxxxxxxxx> wrote:

I have a very wired behaviour when doing IPv6 over PPPoE.

The situation:

A linux box connected to a DSL Modem, on the other side is a Cisco
LNS which terminates the PPP session (actually L2TP).
I have control over both ends.

When I have net.ipv6.conf.all.forwarding set to 0 then the ppp
Interface gets a IPv6 address from the Cisco via IP6CP.
When I have net.ipv6.conf.all.forwarding set to 1 them the ppp
Interface does not get an address, it has only a normal link local
address.

AFAIK IPV6CP/PPP only allows to negotiate link local addresses. So I guess the global address and default route is assigned by another mechanism, maybe stateless autoconfiguration using router advertisement, although I was not aware it could be used on a PPP link because of the absence of MAC address. Enabling global forwarding (net.ipv6.conf.all.forwarding=1) disables stateless autoconfiguration (see ip-sysctl.txt in kernel documentation) on all interfaces. I believe this is consistent with the observed behaviour.

When I start the ppp session with forwarding set to 0 I can ping out
and there exists a default route to ppp0 , then I switch forwarding to 1
the default route disappears and therefore routing does not work any
longer.

I have read reports about this. I guess the logic is that enabling forwarding turns the box into a router, so the default route learned from another router's advertisements by autoconfiguration should be deleted. Even the autoconfigured global address will eventually expire.

Well, at least it has been working for years in kernel 2.4 for me with
pppd 2.4.2b3 to 2.4.4 (I've not upgraded my firewall to 2.6 yet). So
it has definitely been working at some point.

What exactly has been working ?

PS : Willy, do you plan to backport the security fix for the sit module from 2.6.25.3 into 2.4 ?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/