Re: [Bridge] bridge is not forwaring ICMP6 neighbor solicitation to KVM guest

Wed, 05 Mar 2014 10:43:11 -0800 


----- Original Message -----
> From: "Linus Lüssing" <linus.luess...@web.de>
> To: "Jan Stancek" <jstan...@redhat.com>
> Cc: net...@vger.kernel.org, "Florian Westphal" <fwest...@redhat.com>, 
> bridge@lists.linux-foundation.org
> Sent: Tuesday, 4 March, 2014 11:52:54 AM
> Subject: Re: bridge is not forwaring ICMP6 neighbor solicitation to KVM guest
> 
> Hi Jan,
> 
> On Tue, Mar 04, 2014 at 03:02:36AM -0500, Jan Stancek wrote:
> > > For the broken query, ok, it's your manually crafted query. But
> > > did you see a query with such a bogus source address "in the
> > > wild", too? (I'm curious how urgent this sanity check is)
> > 
> > It's real packet I managed to capture during one such occurrence.
> > I'm sending it with small C program over raw socket, but it's byte
> > by byte exact copy of what I captured with tcpdump previously.
> > 
> > I'm not sure how that packet came to existence. Based on IPv6 address
> > it came from host B, but all host B was doing at the time
> > was running RHEL6 with couple qemu-kvm instances. KVM guests were
> > set up to use bridge, so I'm assuming if any of them crafted
> > this packet, source IPv6 address would be different.
> > 
> 
> Ah, okay. Can you check whether it maybe came from the querier
> code in the Linux bridge on host B? Is
> "cat /sys/class/net/br0/bridge/multicast_querier" 1?

# cat /sys/class/net/br0/bridge/multicast_querier
cat: /sys/class/net/br0/bridge/multicast_querier: No such file or directory

> Can you isolate host B and disable any multicast router daemon on it? Then
> check again, if you still see these queries.

Besides those cases where I sent it by myself, I haven't seen host B send
that query for couple days now.

> What kernel version is running on host B?

2.6.32-279.42.1.el6.x86_64
It's a RHEL6.3.z kernel.

> Where does Linux use :: for queries?

I'm not sure if it's Linux (I'm trying to locate that system by MAC), but I see
packets like these on my network every ~125 seconds:

No.     Time        Source                Destination           Protocol Length 
Info
  22675 1334.751135 ::                    ff02::1               ICMPv6   86     
Multicast Listener Query

Internet Control Message Protocol v6
    Type: Multicast Listener Query (130)
    Code: 0
    Checksum: 0x7ac1 [correct]
    Maximum Response Delay [ms]: 1000
    Reserved: 0000
    Multicast Address: :: (::)

Regards,
Jan

Reply via email to