IPv6 - Linux ping to "network IP" gets a reply. Why?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-08-2019 01:09 PM
So I'm still considering myself as being relatively new/inexperienced to IPv6, but I stumbled across something that seems odd to me.
I have a pair of BD8800s (EXOS 16.1.3.6 patch1-9) as core L3 switches. In VR-Default, I configured
BD-1:
BD2:
Now, from a machine out on the Internet, say "2001:db8:beef::7357", I am in fact able to ping6 "2001:db8:0:200::fa" as well as "2001:db8:0:200::fb"
So far, so good. The surprise happened when I started to ping "2001:db8:0:200::" and in fact got a reply back from one of the BDs - albeit with a source address of the "Internet" VLAN IPv6 address (different)
Wireshark captured it as a normal "Echo Reply - 129" to a normal "Echo Request - 128"
Why? From what I understand, IPv6 doesn't have the notion of reserved "network" and "broadcast" addresses, "2001:db8:0:200::" should be a valid IP address that I could assign to a host (regardless if that'd be confusing to humans). I asked for an "echo", not a router/neighbor-solicitation
I fear there's either something that I don't understand, or there's something broken. If anyone could clarify what's happening and why, that would be much appreciated.
Thanks to any and all idea(s)
Frank
I have a pair of BD8800s (EXOS 16.1.3.6 patch1-9) as core L3 switches. In VR-Default, I configured
BD-1:
code:
create vlan test tag 678
configure vlan test ipaddress 2001:db8:0:200::fa/64
configure vlan test add ports 1:1 tagged
enable ipforwarding ipv6 vlan test
BD2:
code:
create vlan test tag 678
configure vlan test ipaddress 2001:db8:0:200::fb/64
configure vlan test add ports 1:1 tagged
enable ipforwarding ipv6 vlan test
Now, from a machine out on the Internet, say "2001:db8:beef::7357", I am in fact able to ping6 "2001:db8:0:200::fa" as well as "2001:db8:0:200::fb"
So far, so good. The surprise happened when I started to ping "2001:db8:0:200::" and in fact got a reply back from one of the BDs - albeit with a source address of the "Internet" VLAN IPv6 address (different)
Wireshark captured it as a normal "Echo Reply - 129" to a normal "Echo Request - 128"
Why? From what I understand, IPv6 doesn't have the notion of reserved "network" and "broadcast" addresses, "2001:db8:0:200::" should be a valid IP address that I could assign to a host (regardless if that'd be confusing to humans). I asked for an "echo", not a router/neighbor-solicitation
I fear there's either something that I don't understand, or there's something broken. If anyone could clarify what's happening and why, that would be much appreciated.
Thanks to any and all idea(s)
Frank
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-08-2019 01:25 PM
Oh my... and now that I've typed all that in, I may have found an answer: "Subnet Router Anycast Address"...
This article seems to explain it : https://into6.com.au/2014/03/30/subnet-router-anycast-addresses-what-are-they-how-do-they-work/
In short (meaning I'm copy/pasting):
"Packets sent to the Subnet-Router anycast address will be delivered to one router on the subnet. All routers are required to support the Subnet-Router anycast addresses for the subnets to which they have interfaces." (RFC 4291)
Leaving this here in case that I'm not the only one with a "not-quite complete understanding of all that is IPv6"
Frank
This article seems to explain it : https://into6.com.au/2014/03/30/subnet-router-anycast-addresses-what-are-they-how-do-they-work/
In short (meaning I'm copy/pasting):
"Packets sent to the Subnet-Router anycast address will be delivered to one router on the subnet. All routers are required to support the Subnet-Router anycast addresses for the subnets to which they have interfaces." (RFC 4291)
Leaving this here in case that I'm not the only one with a "not-quite complete understanding of all that is IPv6"
Frank
