IPv6 not responding on some aliases (recent 8-stable)
Jason Hellenthal
jhell at DataIX.net
Fri Dec 30 14:59:06 UTC 2011
On Fri, Dec 23, 2011 at 09:17:09AM +0000, Bjoern A. Zeeb wrote:
>
> On 22. Dec 2011, at 20:39 , Marcin Cieslak wrote:
>
> >>> Bjoern A. Zeeb <bzeeb-lists at lists.zabbadoz.net> wrote:
> >>> I initially thought it's a transport layer issue, since previously (before
> >>> I changed configuration) 30%-50% SSH connection attempts succeeded
> >>> (but prefix was wrong on the "primary" IPv6 address :1000).
> >>> Now I get no packets on receiving side at all for those "broken" IPv6 addresses.
> >>
> >> Talk to ywhomever is providing in front of you to
> >> 1) either relax nd6 table limits or
> >> 2) to route a /64 to your host to only have 1 entry in the neighbour table.
> >>
> >> That's most likely the problem given my crystal ball and experience.
> >
> > Thank you for insightful analysis!
> > Seems like this provider has some significant IPv6 takeup, which is
> > good news - sorry for hassle, but problems started after upgrade.
> >
> > I'll talk to my upstream then, thanks!
>
> Please let us know of the results, especially if my crystal ball was wrong.
>
I have seen this behavior before when one of the addresses on an interface is in a DMZ while the others are not. But this was with IPv4. I would assume IPv6 would have acted the same way but left it untested as it was not critical. Take this as informational only and double check your switches, firewalls, etc...
--
;s =;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20111230/03a519bf/attachment.pgp
More information about the freebsd-net
mailing list