[systemd-devel] IPv6AcceptRA: RDNSS Lifetime is not expiring

Petr Menšík pemensik at redhat.com
Mon Jul 17 09:39:32 UTC 2023 

I would suggest creating issue at github.com/systemd/systemd repository. 
I have not tested it, but sounds like it should be fixed.

On 12. 07. 23 0:39, Muggeridge, Matt wrote:
>
> Hello there!
>
> In our IPv6 network, the address of a Recursive DNS Server (RDNSS) is 
> supplied in a Router Advertisement (RA), with a lifetime of 60 seconds.
>
> It appears that RDNSS lifetime is not being honoured (RFC 8106, 
> section 5.1 
> <https://www.rfc-editor.org/rfc/rfc8106.html#section-5.1:~:text=in the 
> option.-,Lifetime,-32-bit unsigned>).  I reviewed the code and can see 
> where the RDNSS lifetime is being saved 
> <https://github.com/systemd/systemd-stable/blob/4a31fa2fb040005b73253da75cf84949b8485175/src/network/networkd-ndisc.c#L712>, 
> though I was unable to determine how it was being handled upon expiry.
>
> How do I configure networkd so that the RA’s RDNSS lifetime is honoured?
>
> Here is a summary of the simple protocol exchange:
>
>  1. Router: Send RA [RDNSS address of “nameserver60s”, lifetime: “60”]
>  2. Host: “resolvectl” shows the link’s DNS server now lists the RDNSS
>     address of “nameserver60s”
>  3. ** Wait for more than 60 seconds – the RDNSS entry should expire **
>  4. Host:
>      1. “resolvectl” continues to list the address of “nameserver60s”
>         on the link.
>      2. Using tcpdump to trace “ping test.example.com”, the
>         “nameserver60s” is still being used.  It never timed out.
>
> Here is my network configuration, showing UseDNS and UseDomains both 
> set to “yes”:
>
> ------------------------------------------------------------
>
> $ cat /etc/systemd/network/10-eno0.network
>
> [Match]
>
> KernelCommandLine=!nfsroot
>
> Name=eno0
>
> [DHCP]
>
> ClientIdentifier=mac
>
> RouteMetric=10
>
> UseDomains=yes
>
> UseHostname=yes
>
> UseMTU=yes
>
> [Network]
>
> #DHCP=ipv6
>
> Address=10.1.1.1/24
>
> #DNS=1.2.3.6
>
> Gateway=1.1.1.2
>
> IPv6AcceptRA=yes
>
> [IPv6AcceptRA]
>
> UseDNS=yes
>
> UseDomains=yes
>
> ------------------------------------------------------------
>
> Grateful for any suggestions.
>
> Kind regards,
>
> Matt.
>
> PS: We’re on systemd 250.  I’ve searched later versions of the release 
> notes <https://github.com/systemd/systemd/releases> and it seems there 
> have been no changes in this area.
>
-- 
Petr Menšík
Software Engineer, RHEL
Red Hat,http://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20230717/eb49a434/attachment.htm>

More information about the systemd-devel mailing list