[Bug 263288] IPv6 system not responding to Neighbor Solicitation
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 30 May 2024 02:54:01 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263288 --- Comment #21 from Robert Blayzor <rblayzor@inoc.net> --- I have run into this issue now a few times. I have seen hosts try to ping my IPv6 hosts from off network and they just hang. Upon investigation I have found that the host is hung up on ignoring NS messages from the router, even though on the host we have NDP entries for both the link local and the global IP address. ie: # ndp -an | grep lagg1 | grep 00:09:0f 2607:f058:xx::1 00:09:0f:09:00:01 lagg1 23h34m17s S R fe80::209:fff:fe09:1%lagg1 00:09:0f:09:00:01 lagg1 23h33m53s S R PCAP shows NS messages from the router, but there is zero response, the host just ignores them. No firewall enabled at all.... I can ping from other hosts on the same subnet, that seems to work. The kicker is, if I ping6 FROM the host to the router it takes about 5 seconds (give or take) and then you're able to ping the gateway again. Once this happens, packets from remote are able to ping and traffic flows again. If I stop sending traffic and let things sit for about a minute, the process repeats again. NDP sol messages from the router are ignored again and remain broken until I ping the router from the host again. If I keep a continuous ping from a host off link, it will never fail. This seems to be some type of NDP timeout/cache issue. I have tried setting: net.inet6.icmp6.nd6_onlink_ns_rfc4861=1. but that does not seem to solve the problem. I am currently seeing this on 13.1-RELEASE-p9 which is on a TrueNAS host. While I realize 13.3 is current, TrueNAS seems to lag a little behind. I do have other TrueNAS hosts running this version that don't seem to experience this issue. (at least I've not reliably reproduced it on other machines) I have tried just rebooting the host, but I CAN reliably reproduce this issue. I have no other ND issues from the router to other hosts on this network. I have confirmed the host *is* receiving the NS messages; it just never replies.. -- You are receiving this mail because: You are the assignee for the bug.