Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 24 Jan 2018 19:36:54 +0100
From:      Alarig Le Lay <alarig@swordarmor.fr>
To:        freebsd-net@FreeBSD.org
Subject:   CARP link-local address not responding to neighbor solicitations comming from public address
Message-ID:  <20180124183653.yvnfra2lkktalozi@mew.swordarmor.fr>
next in thread | raw e-mail | index | archive | help 

--dorauk5ockqou43g
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

All the machines listed below are 11.1-RELEASE.

I have a setup with a LAN of VMs routed by two routers configured with
CARP. If I reboot a VM, the NDP for the default route is unknown:
	root@:~ # ndp -n fe80::204:92:100:1%em0
	Neighbor                             Linklayer Address  Netif Expire    S =
Flags
	fe80::204:92:100:1%em0 (fe80::204:92:100:1%em0) -- no entry

So, a neighbor solicitation is send, but from the VM public IP:
	19:13:50.766822 IP6 2a00:5884:8211::1 > ff02::1:ff00:1: ICMP6, neighbor so=
licitation, who has fe80::204:92:100:1, length 32

And my router doesn=E2=80=99t answer to it.
But, if I ping the default route from the VM, the neighbor solicitation
is send from the VM link-local address:
	19:14:51.441884 IP6 fe80::14f8:7aff:fedf:4453 > ff02::1:ff00:1: ICMP6, nei=
ghbor solicitation, who has fe80::204:92:100:1, length 32

And then, my router answers it:
	19:14:51.441920 IP6 fe80::215:17ff:fe39:f01b > fe80::14f8:7aff:fedf:4453: =
ICMP6, neighbor advertisement, tgt is fe80::204:92:100:1, length 32
And the VM add it in cache:
	root@:~ # ping6 fe80::204:92:100:1%em0
	PING6(56=3D40+8+8 bytes) fe80::14f8:7aff:fedf:4453%em0 --> fe80::204:92:10=
0:1%em0
	16 bytes from fe80::204:92:100:1%em0, icmp_seq=3D0 hlim=3D64 time=3D1.040 =
ms
	^C
	--- fe80::204:92:100:1%em0 ping6 statistics ---
	1 packets transmitted, 1 packets received, 0.0% packet loss
	round-trip min/avg/max/std-dev =3D 1.040/1.040/1.040/0.000 ms
	root@:~ # ndp -n fe80::204:92:100:1%em0
	Neighbor                             Linklayer Address  Netif Expire    S =
Flags
	fe80::204:92:100:1%em0               00:00:5e:00:01:02    em0 28s       R R

The router is configured as follow:
root@nominoe:~ # ifconfig em1.30
em1.30: flags=3D8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric=
 0 mtu 1500
        description: MacGrif
        options=3D103<RXCSUM,TXCSUM,TSO4>
        ether 00:15:17:39:f0:1b
        inet 89.234.186.7 netmask 0xffffff80 broadcast 89.234.186.127
        inet 80.67.190.194 netmask 0xffffffe0 broadcast 80.67.190.223
        inet 89.234.186.1 netmask 0xffffffff broadcast 89.234.186.1 vhid 1
        inet 80.67.190.193 netmask 0xffffffff broadcast 80.67.190.193 vhid 3
        inet6 fe80::215:17ff:fe39:f01b%em1.30 prefixlen 64 scopeid 0xa
        inet6 2a00:5884::1 prefixlen 64
        inet6 fe80::204:92:100:1%em1.30 prefixlen 128 scopeid 0xa vhid 2
        nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        vlan: 30 vlanpcp: 0 parent interface: em1
        carp: MASTER vhid 1 advbase 1 advskew 0
        carp: MASTER vhid 2 advbase 1 advskew 0
        carp: MASTER vhid 3 advbase 1 advskew 0
        groups: vlan

And the VM as follow:
root@:~ # ifconfig em0
em0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=3D209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
	ether 16:f8:7a:df:44:53
	hwaddr 16:f8:7a:df:44:53
	inet 89.234.186.118 netmask 0xffffffe0 broadcast 89.234.186.127=20
	inet6 fe80::14f8:7aff:fedf:4453%em0 prefixlen 64 scopeid 0x1=20
	inet6 2a00:5884:8211::1 prefixlen 64=20
	nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL>
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active

Both public and fe80 routes are in the kernel table:
root@nominoe:~ # route -n -6 get 2a00:5884:8211::1
   route to: 2a00:5884:8211::1
destination: 2a00:5884:8211::
       mask: ffff:ffff:ffff::
    gateway: fe80::14f8:7aff:fedf:4453%em1.30
        fib: 0
  interface: em1.30
      flags: <UP,GATEWAY,DONE,STATIC>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1500         1         0
root@nominoe:~ # route -n -6 get fe80::14f8:7aff:fedf:4453%em1.30
   route to: fe80::14f8:7aff:fedf:4453%em1.30
destination: fe80::%em1.30
       mask: ffff:ffff:ffff:ffff::
        fib: 0
  interface: em1.30
      flags: <UP,DONE>
 recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1500         1         0

Does anyone have a clue about it?

Thanks,
--=20
alarig

--dorauk5ockqou43g
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAABCAAdFiEE+2yGwT0H0n57WkRbrzhKwWsgK4gFAlpo0kIACgkQrzhKwWsg
K4j7dQgAmK/xEell5Ia7UeSnOJ5lA+Js9q5TUj/5Tchrz//Dua24Gpk+rX8EaG3q
8XPimPB+MMmtmibkhdwLY3paZqe54R/T4LPswDUZtqGEXonN6ZEfxzkR4p6MgXiB
VplMeQ9gEZ5erRZut9eKbX+JQ1H8gk74jnvZ3VzwtM4miVrCeOLTHU1qCkjBpYwd
jzMsDjNLAzxYejh5O8LBlYcIGOsgbsRmeCq/UyjWL8s+JCtRGEiZHoozYCPZpEjT
uymAI+q40UpyM38xJ4nYzJ9sqajyxZp40DgBfebmF/A/HB6XELHfQKadhQl29fo2
cLuT+LemtMYf4cVZ+quXwh5rgzOxqA==
=/mTC
-----END PGP SIGNATURE-----

--dorauk5ockqou43g--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180124183653.yvnfra2lkktalozi>