最近自己在折腾nftables规则,结果radvd宣告ipv6旁路由老是不生效。表现结果为启动radvd时可以在指定设备的路由表看到旁路由地址的路由,然后在一分钟内这条路由规则就被自动删除了。一开始以为是nftables规则配置,结果追踪了好久也没发现什么问题。
今天通过tcpdump观察icmpv6包终于发现了端倪。在指定设备执行 tcpdump -v icmp6
,对比正常的icmp6和不正常的icmp6包。
发现不正常的radvd发送的NA包不包含router标志
fe80::20c:29ff:fea7:1225为指定通过旁路由的设备,fe80::5d23:c704:6a49:387d为旁路由本地链路地址
不正常的:
10:55:52.441699 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::20c:29ff:fea7:1225 > fe80::5d23:c704:6a49:387d: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::5d23:c704:6a49:387d
source link-address option (1), length 8 (1): 00:xx:xx:xx:12:25
10:55:52.442155 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::5d23:c704:6a49:387d > fe80::20c:29ff:fea7:1225: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::5d23:c704:6a49:387d, Flags [solicited]
正常的:
11:55:25.177706 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::20c:29ff:fea7:1225 > fe80::5d23:c704:6a49:387d: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has fe80::5d23:c704:6a49:387d
source link-address option (1), length 8 (1): 00:xx:xx:xx:12:25
11:55:25.178037 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24) fe80::5d23:c704:6a49:387d > fe80::20c:29ff:fea7:1225: [icmp6 sum ok] ICMP6, neighbor advertisement, length 24, tgt is fe80::5d23:c704:6a49:387d, Flags [router, solicited]
从而确定了是radvd的问题。
接下来通过执行systemctl status radvd
,得到如下结果:
● radvd.service - Router advertisement daemon for IPv6
Loaded: loaded (/lib/systemd/system/radvd.service; enabled; preset: enabled)
Active: active (running) since Sat 2023-07-29 11:46:25 CST; 1s ago
Docs: man:radvd(8)
Process: 1463 ExecStartPre=/usr/sbin/radvd --logmethod stderr_clean --configtest (code=exited, status=0/SUCCESS)
Process: 1464 ExecStart=/usr/sbin/radvd --logmethod stderr_clean (code=exited, status=0/SUCCESS)
Main PID: 1465 (radvd)
Tasks: 2 (limit: 2046)
Memory: 276.0K
CPU: 242ms
CGroup: /system.slice/radvd.service
├─1465 /usr/sbin/radvd --logmethod stderr_clean
└─1466 /usr/sbin/radvd --logmethod stderr_clean
Jul 29 11:46:25 orangepipc systemd[1]: Starting radvd.service - Router advertisement daemon for IPv6...
Jul 29 11:46:25 orangepipc radvd[1463]: config file, /etc/radvd.conf, syntax ok
Jul 29 11:46:25 orangepipc radvd[1464]: version 2.19 started
Jul 29 11:46:25 orangepipc radvd[1464]: IPv6 forwarding setting is: 0, should be 1 or 2
Jul 29 11:46:25 orangepipc radvd[1464]: IPv6 forwarding seems to be disabled, but continuing anyway
Jul 29 11:46:25 orangepipc systemd[1]: Started radvd.service - Router advertisement daemon for IPv6.
发现可能是ipv6 forwarding未开启的原因。
执行 sysctl net.ipv6.conf.all.forwarding=1
开启ipv6 forwarding
然后就正常工作了。
ipv6网络问题实在太难调试了,而且资料也少,找遍全网也没找到相关问题。记录一下吧
小米20定制版