[Bloat] ipv6 fe80:: addresses, vlans and bridges... borked?

Dave Taht dave.taht at gmail.com
Wed May 11 09:46:41 EDT 2011


On Tue, May 10, 2011 at 10:40 PM, Roland Bless <roland.bless at kit.edu> wrote:

> Hi Dave,
>
> On 11.05.2011 05:32, Dave Taht wrote:
> > 1) in a wireshark analysis, the %interface part is lost
>
> But your wireshark is listening on some specific interface,
> isn't it?


No. It is listening on the wildcard interface. Of which there are 8.


> This interface is your context then and link locals are
> unique on that particular link (which is assured by
> Duplicate Address Detection).


I wouldn't be so sure in the case of link-local addresses and vlans and
bridges. At least: I'm no longer sure...

After digging into the code in openwrt (very) late last night I spotted this
in base-files/files/lib/network/config.sh

                   config_get macaddr "$config" macaddr
                        [ -x /usr/sbin/brctl ] && {
                                ifconfig "br-$config" 2>/dev/null >/dev/null
&& {
                                        local newdevs devices
                                        config_get devices "$config" device
                                        for dev in $(sort_list "$devices"
"$iface"); do
                                                append newdevs "$dev"
                                        done
                                        uci_set_state network "$config"
device "$newdevs"
                                        $DEBUG ifconfig "$iface" 0.0.0.0
                                        $DEBUG do_sysctl
"net.ipv6.conf.$iface.disable_ipv6" 1
                                        $DEBUG brctl addif "br-$config"
"$iface"
                                        # Bridge existed already. No further
processing necesary
                                } || {
                                        local stp
                                        config_get_bool stp "$config" stp 0
                                        $DEBUG brctl addbr "br-$config"
                                        $DEBUG brctl setfd "br-$config" 0
                                        $DEBUG ifconfig "$iface" 0.0.0.0
                                        $DEBUG do_sysctl
"net.ipv6.conf.$iface.disable_ipv6" 1
                                        $DEBUG brctl addif "br-$config"
"$iface"
                                        $DEBUG brctl stp "br-$config" $stp
                                        $DEBUG ifconfig "br-$config" up

it looks like I can "prepend" rather than "append" in order to get the wlan*
interface first in the bridge (rather than eth*), or defer bridge creation
until the other interfaces are brought up....

Each wlan has a unique MAC id, and thus I hope will create a unique bridge
id EUI-64.

And as for why it disables ipv6 on the underlying interface...



> Are you facing the problem from the
> switch's perspective (e.g., that you can determine the receiving
> i/f from the destination address of received packets) or from another
> another device's perspective?
>
> routers' perspective.


> > 2) we have 2^64 possible choices for fe80 addresses. I don't see what
> > having them all be the same buys me.
>
> You can assign an individual fe80:: address to an interface, e.g.,
> fe80::b101 for bridge one interface 1,  fe80::b102 bridge one
> interface 2 etc. if that helps. But be aware that it may create
> address collisions in case you have two such bridges on the same
> link :-( Therefore, using (modified) EUI-64 addresses within the
> 64-bit seems to be a good choice.
>
>
I think using ::b101 is a bad idea. EUI-64 is the way to go. I wanted to use
up the extra 52 bits though in some sane manner....


> > 3) It worries me in the babel routing protocol
>
> Sorry, I didn't study the spec so far. What is the
> particular problem there? Maybe there is a problem
> with the assumptions in the protocol.
>
>
It's a new RFC. Could be. It's a neat protocol tho.


> > 4) My bridges are misbehaving over ipv6 in the general case and I'm
> > willing to grasp at straws.
>
> What is that misbehavior? That a bridge is using the same link local
> address on each of its links? That's ok as long as its unique on that
> particular on-link subnet.
>
>
They be misbehaving - multicast weirdnesses.


> Regards,
>  Roland
>



-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://the-edge.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/bloat/attachments/20110511/80bc4c3f/attachment-0003.html>


More information about the Bloat mailing list