For a long time now I had a very annoying problem with IPv6 under Linux.
My setup is as follows: Linux box <-> Switch <-> Router
The Linux box uses a bridge interface (br0) and usually only has one physical interface attached to it (eth0). That’s a very convenient setup.
The problem is that after a couple of minutes the IPv6 connectivity of the host will go away. Now, the host has a static IPv6 assigned to it and it’s not that it loses the address or any route. Instead it just stops communicating with everything.
Troubleshooting this showed that the box loses the MAC address of the router and the ND protocol does not work, so it never recovers.
When the problem occurs, the neighbor information becomes stale:
# ip neigh 2a01:XXX:YYY:1::1 dev br0 lladdr 00:11:12:13:14:c4 router STALE fe80::20c:XXff:feXX:YYYY dev br0 lladdr 00:11:12:13:14:c4 router STALE
I.e the entry remains in a ‘STALE’ state and never recovers.
My workarounds so far have been:
- Enable promiscuous mode on the interface (ifconfig br0 promisc)
- Clear neighbors (ip neigh flush)
Everything pointed out to multicast issues (what IPv6 ND uses).
Long-story-short, this was an eye opener: http://troglobit.com/blog/2013/07/09/multicast-howto/
What needs to be done is to disable IGMP snooping on the bridge interface because it causes these issues. This is done with:
# echo 0 > /sys/devices/virtual/net/br0/bridge/multicast_snooping
So do yourself a favor and add this to /etc/network/interfaces, in the relevant interface:
up echo 0 > /sys/devices/virtual/net/$IFACE/bridge/multicast_snooping
Apparently I have the same problem, but neither promiscuous mode nor disabling multicast snooping improved the situation.
LikeLike
Hooray! This fixed my issue. I think it was a combination of a few things though.
1. Make sure /etc/sysconfig/network (assuming Centos/Redhat) has:
IPV6FORWARDING=no
IPV6_AUTOCONF=no
IPV6_DEFAULTGW=%
2. The the bridging interface script should also have:
IPV6INIT=yes
IPV6_AUTOCONF=no
3. Then after booting make sure to do the ‘echo 0 >/sys/devices/virtual/net/brX/bridge/multicast_snooping as stated above
This fixed the issue for me on Centos 6 and Centos 7 machines.
LikeLike