Re: DAD problem when a looped interface comes back up
"Ole Troan" <otroan@employees.org> Tue, 27 May 2008 07:12 UTC
Return-Path: <ipv6-bounces@ietf.org>
X-Original-To: ipngwg-archive@lists.ietf.org
Delivered-To: ietfarch-ipngwg-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D09363A67E7; Tue, 27 May 2008 00:12:41 -0700 (PDT)
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 51D813A67E7 for <ipv6@core3.amsl.com>; Tue, 27 May 2008 00:12:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ic-sCPlt-m3i for <ipv6@core3.amsl.com>; Tue, 27 May 2008 00:12:40 -0700 (PDT)
Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.231]) by core3.amsl.com (Postfix) with ESMTP id 752043A67B2 for <ipv6@ietf.org>; Tue, 27 May 2008 00:12:40 -0700 (PDT)
Received: by rv-out-0506.google.com with SMTP id b25so2328672rvf.49 for <ipv6@ietf.org>; Tue, 27 May 2008 00:12:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=dYAE5VGd90n6Re5ony4sArrXmw9ReCh+2RvdWnY+hrc=; b=XOfFkUNzHbkhfCCli+TCI1S2Z4T+rhjaRLA6RIKzNHSWg5AD36+YwSdpv2rw7yMyxSPeY1ZdItsLJPHxzLy7IcdmcKagZAmz1fGbOkO4yvnDAsfijqcPBRNv4AXs+nAcMSvMsNeQbVy28oeMvwcbKgNFJOZlCB0EkcbPv8TgA68=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=smsO1MX5Nv4WN3Xp6/4qgPDJ10P9mwrpU3pccKxuykS/j/zMnJa5U7sMMfK1WU3tokZXvYpV5cKVj5872WIVz5uWGlvPxj5z0YsBaNB0fbGflV7ZoC9SQfMrkce5VMqjN3aLetsPmkKfkFqbD9fM7kqd7xOzP/2BXJPbvm9Kn9E=
Received: by 10.141.171.6 with SMTP id y6mr399325rvo.85.1211872363471; Tue, 27 May 2008 00:12:43 -0700 (PDT)
Received: by 10.141.212.19 with HTTP; Tue, 27 May 2008 00:12:43 -0700 (PDT)
Message-ID: <2bbba3c10805270012y5cb497ffg12bf581f255b6f52@mail.gmail.com>
Date: Tue, 27 May 2008 09:12:43 +0200
From: Ole Troan <otroan@employees.org>
To: ipv6@ietf.org
Subject: Re: DAD problem when a looped interface comes back up
In-Reply-To: <alpine.LRH.1.10.0805270930570.31523@netcore.fi>
MIME-Version: 1.0
Content-Disposition: inline
References: <5.1.0.14.2.20080527025233.00b1dc60@efes.iucc.ac.il> <20080527061615.GC426@greenie.muc.de> <alpine.LRH.1.10.0805270930570.31523@netcore.fi>
X-Google-Sender-Auth: af821c5e8c64bab9
Cc: Pekka Savola <pekkas@netcore.fi>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ipv6-bounces@ietf.org
Errors-To: ipv6-bounces@ietf.org
> FYI, > > This issue, from cisco-nsp list, might be of interest here. When an > interface is looped, it will fail DAD, and if the condition lasts long > enough, you might not recover from it automatically. this is a flaw in the way DAD was designed. one solution could be to add a nonce option to ND. another would be to turn DAD off. /ot > On Tue, 27 May 2008, Gert Doering wrote: >> On Tue, May 27, 2008 at 03:00:26AM +0300, Hank Nussbacher wrote: >>> When we did some line testing and did some loop testing on the link we got: >>> %IPV6-4-DUPLICATE: Duplicate address FE80::215:2CFF:FE87:B240 on POS11/0/0 >>> >>> petach-tikva-gp# sho ipv6 int pos11/0/0 >>> POS11/0/0 is up, line protocol is up >>> IPv6 is stalled, link-local address is FE80::215:2CFF:FE87:B240 [DUP] >> [..] >> >>> I know I can use "ipv6 nd dad attempts 5" but wanted to know whether I >>> should open a TAC case for this. >> >> I have seen this as well, and it's especially annoying if it happens >> as consequence of a link outage from the carrier (link going down, going >> into "loop" state, then coming back to "up") - if you're unlucky, a short >> glitch can kill your IPv6 on the line hard until you manually reset the >> interface. >> >> The current behaviour is pretty much a direct consequence from the RFC >> (DAD is mandatory), but I think that IOS could be a bit more smart about >> it, like "restart DAD every 5 minutes" or "recognize a looped->up >> transition on the interface, and then restart DAD". >> >> So - by all means, please open a TAC case. >> >> As a workaround, we have used "ipv6 nd dad attempts 5" on the specific >> line that gave us headaches - so we've never pressed the issue with Cisco. >> >> gert >> >> >> > > -- > Pekka Savola "You each name yourselves king, yet the > Netcore Oy kingdom bleeds." > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------