From owner-freebsd-hackers@freebsd.org  Fri Apr 30 22:15:56 2021
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E0CA662C036
 for <freebsd-hackers@mailman.nyi.freebsd.org>;
 Fri, 30 Apr 2021 22:15:56 +0000 (UTC)
 (envelope-from leres@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4FX6C038dpz3jW2
 for <freebsd-hackers@freebsd.org>; Fri, 30 Apr 2021 22:15:56 +0000 (UTC)
 (envelope-from leres@freebsd.org)
Received: from ice.alameda.xse.com (unknown
 [IPv6:2600:1700:a570:e20:f2ad:4eff:fe0b:a065])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate) (Authenticated sender: leres)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 2C8C329C52
 for <freebsd-hackers@freebsd.org>; Fri, 30 Apr 2021 22:15:56 +0000 (UTC)
 (envelope-from leres@freebsd.org)
From: Craig Leres <leres@freebsd.org>
To: freebsd-hackers@freebsd.org
Subject: Listen on IPv6 address on a downed interface fails, but IPv4 works?
Message-ID: <6eec4dfb-ec5e-f39e-4c7c-1561c0a0eb23@freebsd.org>
Date: Fri, 30 Apr 2021 15:15:54 -0700
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101
 Thunderbird/78.10.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Technical discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Apr 2021 22:15:56 -0000


We provide anycast recursive dns service to our users with a number of 
FreeBSD servers running bind916. The IPv4 and IPv6 addresses used are 
configured on lo1 and we have a daemon that ifconfig's lo1 up when 
queries seem to be working, otherwise down. And we use bird2 to 
advertise the lo1 anycast addresses via ospf. This has been in use for 
the last decade.

Today when I upgraded the anycast resolvers to bind 9.16.15 I found that 
none of the named's were listening on the IPv6 anycast addresses 
anymore. The procedure is:

     ifconfig lo1 down [by stopping the daemon]
     [wait for the routes to be withdrawn]
     service named restart
     [wait for named to startup]
     ifconfig lo1 up [by starting the daemon]
     [verify the routes come back]

When named starts up it creates socket for, and listens on each 
interface address. This works for the IPv4 addresses on the downed lo1 
interface but not the IPv6 addresses. I see now that named is throwing 
errors, e.g:

     Apr 30 11:06:11 XXX.lbl.gov named[68006]: listening on IPv6 
interface lo1, XXXX:XXXX:8000:XXXX:XXXX::1#53
     Apr 30 11:06:11 ns1.lbl.gov named[68006]: creating IPv6 interface 
lo1 failed; interface ignored

I thought this used to work. But it seems unreasonable to me that it 
works for IPv4 but not IPv6. Is this a problem with bind or with the 
IPv6 kernel stack?

		Craig