# IPv6 problem with /48 routed over link-local



## Taos (Jul 24, 2012)

Hello,

I am having a problem that I do not understand.  I can reboot the machine and send approximately 8 pings before it will no longer ping an outside address.

The configuration and output is as follows:

rc.conf

```
ipv6_network_interface="em0"
ipv6_defaultrouter="fe80::1%em0"

ipv6_router_enable="YES"
ipv6_route="/usr/sbin/route6d"
ipv6_ifconfig_em0="2607:f2f8:a7c4:: prefixlen 64"
ipv6_ifconfig_em0_alias0="2607:f2f8:a7c4::1 prefixlen 64"
ipv6_ifconfig_em0_alias1="2607:f2f8:a7c4::2 prefixlen 64"

ipv6_gateway_enable="YES"
rtadvd_enable="YES"
rtadvd_interfaces="em0"
```

ifconfig output:

```
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
	ether 52:54:00:27:28:36
	inet6 fe80::5054:ff:fe27:2836%em0 prefixlen 64 scopeid 0x1 
	inet6 2607:f2f8:a7c4:: prefixlen 64 
	inet6 2607:f2f8:a7c4::1 prefixlen 64 
	inet6 2607:f2f8:a7c4::2 prefixlen 64 
	nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
	media: Ethernet autoselect (1000baseT <full-duplex>)
	status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
	options=3<RXCSUM,TXCSUM>
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 
	nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
```

rtadvd.conf

```
em0:\
:addrs#1:addr="2607:f2f8:a7c4::":prefixlen#64:tc=default:
```

ping output:

```
ping6 ipv6.google.com
PING6(56=40+8+8 bytes) 2607:f2f8:a7c4:: --> 2607:f8b0:4007:800::1014
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=0 hlim=58 time=1.936 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=1 hlim=58 time=1.694 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=2 hlim=58 time=1.506 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=3 hlim=58 time=1.632 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=4 hlim=58 time=1.995 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=5 hlim=58 time=1.392 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=6 hlim=58 time=1.511 ms
16 bytes from 2607:f8b0:4007:800::1014, icmp_seq=7 hlim=58 time=2.350 ms
^C
--- ipv6.l.google.com ping6 statistics ---
10 packets transmitted, 8 packets received, 20.0% packet loss
round-trip min/avg/max/std-dev = 1.392/1.752/2.350/0.299 ms
```

tcpdump output:

```
tcpdump -iem0 |grep IP6
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes
22:40:46.022380 IP6 fe80::5054:ff:fe27:2836 > ff02::1: ICMP6, router advertisement, length 56
22:40:47.280576 IP6 2607:f2f8:a7c4:: > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has fe80::1, length 32
22:40:47.281079 IP6 2607:f2f8:a7c0::1 > 2607:f2f8:a7c4::: ICMP6, neighbor advertisement, tgt is fe80::1, length 32
22:40:47.281121 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 0, length 16
22:40:47.282267 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 0, length 16
22:40:48.292474 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 1, length 16
22:40:48.293873 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 1, length 16
22:40:49.282503 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 2, length 16
22:40:49.283715 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 2, length 16
22:40:50.275046 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 3, length 16
22:40:50.276376 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 3, length 16
22:40:51.275130 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 4, length 16
22:40:51.276840 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 4, length 16
22:40:52.277561 IP6 2607:f2f8:a7c0::1 > 2607:f2f8:a7c4::: ICMP6, neighbor solicitation, who has 2607:f2f8:a7c4::, length 32
22:40:52.282525 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 5, length 16
22:40:52.283704 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 5, length 16
22:40:53.277262 IP6 2607:f2f8:a7c0::1 > 2607:f2f8:a7c4::: ICMP6, neighbor solicitation, who has 2607:f2f8:a7c4::, length 32
22:40:53.285170 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 6, length 16
22:40:53.286379 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 6, length 16
22:40:54.275226 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 7, length 16
22:40:54.277233 IP6 2607:f2f8:a7c0::1 > 2607:f2f8:a7c4::: ICMP6, neighbor solicitation, who has 2607:f2f8:a7c4::, length 32
22:40:54.277269 IP6 lax04s08-in-x14.1e100.net > 2607:f2f8:a7c4::: ICMP6, echo reply, seq 7, length 16
22:40:55.280213 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 8, length 16
22:40:55.281220 IP6 fe80::1 > ff02::1:ff00:2: ICMP6, neighbor solicitation, who has fe80::2, length 32
22:40:56.276676 IP6 fe80::1 > ff02::1:ff00:2: ICMP6, neighbor solicitation, who has fe80::2, length 32
22:40:56.280355 IP6 2607:f2f8:a7c4:: > lax04s08-in-x14.1e100.net: ICMP6, echo request, seq 9, length 16
```

netstat:

```
netstat -nr -f inet6
Routing tables

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0 =>
default                           fe80::1%em0                   UGS         em0
::1                               ::1                           UH          lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
2607:f2f8:a7c4::                  link#1                        UHS         lo0 =>
2607:f2f8:a7c4::/64               link#1                        U           em0
2607:f2f8:a7c4::1                 link#1                        UHS         lo0
2607:f2f8:a7c4::2                 link#1                        UHS         lo0
2607:f2f8:a7c4:0:de:face:666:666  link#1                        UHS         lo0
2607:f2f8:a7c4:0:de:face:666:1980 link#1                        UHS         lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%em0/64                     link#1                        U           em0
fe80::5054:ff:fe27:2836%em0       link#1                        UHS         lo0
fe80::%lo0/64                     link#2                        U           lo0
fe80::1%lo0                       link#2                        UHS         lo0
ff01:1::/32                       fe80::5054:ff:fe27:2836%em0   U           em0
ff01:2::/32                       ::1                           U           lo0
ff02::/16                         ::1                           UGRS        lo0
ff02::%em0/32                     fe80::5054:ff:fe27:2836%em0   U           em0
ff02::%lo0/32                     ::1                           U           lo0
```

At what point am I messing this up? Any help would be greatly appreciated.

Thanks,

Taos


----------



## SirDice (Jul 24, 2012)

Taos said:
			
		

> ```
> ipv6_gateway_enable="YES"
> rtadvd_enable="YES"
> rtadvd_interfaces="em0"
> ```


Try turning these off, you don't seem to need them. You only have one interface anyway.


----------



## Taos (Jul 24, 2012)

Hello SirDice,

Thanks for the reply! I actually added these after the fact, but have removed them and am still getting the same problem. 

It seems the problem happens when it attempts to:


```
22:40:55.281220 IP6 fe80::1 > ff02::1:ff00:2: ICMP6, neighbor solicitation, who has fe80::2, length 32
```

At this point it stops receiving the ECHO replies.  There is no interface with the local-link fe80::2 so I'm not sure how it will reply to the who has? 

Any idea as to why this might be happening, or how to resolve this at all?


----------



## SirDice (Jul 24, 2012)

Why don't you use the global address of the router for ipv6_defaultrouter?


----------



## Taos (Jul 24, 2012)

This is what I was initially told from the support staff:


```
We don't assign /48's to VLANs directly (where the first hop is
the first IP).  There is no point to doing so b/c it precludes you
from further subnetting the /48.  And, if you're not going to subnet
a /48, why do you need the /48 in the first place? :)  That's why
/64's are assigned to VLANs and the enclosing /48 reserved for you
should you ever do a subnet'd setup.

In order to subnet the /48, we route it over your VPS' link-local
address (fe80::/64).
```


----------



## Taos (Jul 24, 2012)

What you had mentioned is how I have set this up in the past, however.  So I am a little lost as to what is actually causing the problem and why I am able to communicate briefly over IPv6 before it stops...


----------



## SirDice (Jul 24, 2012)

Use the full fe80:: address. I'm guessing fe80::1 gets assigned somewhere else too.


----------



## Taos (Jul 24, 2012)

I had tried this previously (using the link-local for the em0 interface (fe80::5054:ff:fe27:2836%em0) and it wouldn't send ICMP at all with this.


----------



## SirDice (Jul 24, 2012)

No, you need to use the fe80:: address of the router, not from your own interface.

But don't they supply Router Advertisements? If they do all you have to do is:

```
ifconfig_em0_ipv6="inet6 accept_rtadv"
```


----------



## Taos (Jul 24, 2012)

I don't appear to be receiving anything on the interface.  Could this possibly be a misconfiguration on their end of some sort?

I have added this to to rc.conf, but I believe this was saying the interface was already accepting router advertisements?

nd6 options=3<PERFORMNUD,ACCEPT_RTADV>


The gateway I was given was fe80::1/64

I am not sure if there is miscommunication between myself and the support staff, or if I am just borking the setup...


----------



## SirDice (Jul 24, 2012)

I just checked my VPS and it too has fe80::1 as a default gateway. I do get router advertisements though so it's possible something isn't working correctly on their side.

The only IPv6 related things in my rc.conf are:

```
ipv6_activate_all_interfaces="YES"
ifconfig_em0_ipv6="inet6 accept_rtadv"
```


----------



## Taos (Jul 24, 2012)

I actually had to assign fe80::2 to the em0 interface.

I'll go get my dunce cap now.  Thanks for all the help SirDice!


----------

