[systemd-devel] networkd: IPv6 prefix delegation not updated when prefix changes
Andrei Borzenkov
arvidjaar at gmail.com
Mon Apr 13 17:42:16 UTC 2020
13.04.2020 18:18, Tobias Brink пишет:
> Hello systemd devs and users,
>
> my internet connection is established by a router provided by my ISP (a
> Fritz Box to be precise). It can hand out delegated IPv6 prefixes via
> DHCPv6. I use a Linux box in between this router and my internal network
> to provide additional firewalling, OpenVPN, etc. For this, I request an
> IPv6 prefix for the internal network using networkd. This works. But the
> provider (like most non-business offerings) resets the public IPv4
> address and IPv6 prefix from time to time. The prefix delegation on my
> Linux box is not updated at this point and the old delegated prefix
> expires. Only "networkctl reconfigure" on the external interface leads
> to a new prefix delegation being obtained. Routes for the old prefixes,
> though, remain indefinitely, potentially causing trouble.
>
> I do believe this to be a problem with networkd, but I'm new to IPv6 and
> wanted to ask here first if there's a problem with my configuration or
> if the ISP-provided router is maybe buggy instead. If I should instead
> open an issue on GitHub or if more information is needed, please tell
> me.
>
DHCPv6 IA prefix option includes lifetime. Client is expected to renew
delegation before lifetime expires. If information handed out to client
expires before this timer, standard defines Reconfigure message that can
be used by server to inform client that it needs to renew lease. In both
cases it is really up to provider and its equipment.
Still even if all of this is implemented there is still some short
period of lost connectivity, before client has renewed delegation and
pushed updated information downstream. To make it completely transparent
provider would need to keep both prefixes as valid for some transitional
time.
Do you have packet trace at the time prefix is changed? If CPE sends
Reconfigure message, then it is networkd fault by not acting on it.
Otherwise I do not think anything ca be done on this level.
More information about the systemd-devel
mailing list