[JOIN-IPv6] eigenartiges verhalten

Tue, 12 Jun 2007 06:19:59 -0700 

hallo,
ich habe hier ein eigenartiges verhalten bei dem ich nicht so richtig weiterkomme: IPv6 faehige Rechner, welche einige Minuten keinen IPv6 Traffic gehabt haben und wieder ein Paket versenden wollen, senden die IPv6 Pakete voruebergebend an eine falsche MAC-addresse. 

klingt etwas dubios, aber hier mal ein beispiel:

host (linux): ifconfig eth0

eth0      Link encap:Ethernet  HWaddr 00:50:56:95:16:FB
          inet6 addr: 2001:638:902:200f:250:56ff:fe95:16fb/64 Scope:Global
          inet6 addr: fe80::250:56ff:fe95:16fb/64 Scope:Link


gateway (netbsd): ifconfig vlan307

vlan307: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        vlan: 307 parent: wm1
        address: 00:04:23:c1:c4:35
        inet6 fe80::204:23ff:fec1:c435%vlan307 prefixlen 64 scopeid 0xf
        inet6 2001:638:902:200f::1 prefixlen 64



jetzt ein ping6 vom client auf einen beliebigen rechner ausserhalb des 
netzwerkes:


PING www.ipng.nl(bfib.ipng.nl) 56 data bytes
64 bytes from bfib.ipng.nl: icmp_seq=9 ttl=55 time=34.7 ms

--- www.ipng.nl ping statistics ---
9 packets transmitted, 1 received, 88% packet loss, time 8003ms
rtt min/avg/max/mdev = 34.772/34.772/34.772/0.000 ms



Wie man erkennt, gehen die ersten 8 Pakete verloren, danach kommen ALLE 
pakete durch. das ipv6 funktioniert jetzt einwandfrei. das angehaengte 
tcpdump zeigt, dass die ersten 8 Pakte an eine falsche MAC-adresse 
geschickt werden. danach pegelt sich die sache ein. der effekt tritt bei 
windows und linux hosts auf. die konfiguration erfolgt stateless mit 
quagga.



Jemand eine Idee wo man mit der Fehlersuche anfangen kann? Einen Angriff 
kann ich relativ sicher ausschliessen.



danke
Uwe


hier noch das tcpdump vom host:


16:37:19.367118 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 1, length 64
16:37:20.370703 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 2, length 64
16:37:21.370676 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 3, length 64
16:37:22.370606 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 4, length 64
16:37:23.370575 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 5, length 64
16:37:24.370468 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 86: fe80::250:56ff:fe95:16fb > fe80::204:23ff:fec1:c435: 
ICMP6, neighbor solicitation, who has fe80::204:23ff:fec1:c435, length 32
16:37:24.370481 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 6, length 64
16:37:25.370440 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 86: fe80::250:56ff:fe95:16fb > fe80::204:23ff:fec1:c435: 
ICMP6, neighbor solicitation, who has fe80::204:23ff:fec1:c435, length 32
16:37:25.370531 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 7, length 64
16:37:26.370391 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 86: fe80::250:56ff:fe95:16fb > fe80::204:23ff:fec1:c435: 
ICMP6, neighbor solicitation, who has fe80::204:23ff:fec1:c435, length 32
16:37:26.370470 00:50:56:95:16:fb > 00:04:23:c1:c4:00, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 8, length 64
16:37:27.380341 00:50:56:95:16:fb > 33:33:ff:c1:c4:35, ethertype IPv6 
(0x86dd), length 86: 2001:638:902:200f:250:56ff:fe95:16fb > 
ff02::1:ffc1:c435: ICMP6, neighbor solicitation, who has 
fe80::204:23ff:fec1:c435, length 32
16:37:27.380714 00:04:23:c1:c4:35 > 00:50:56:95:16:fb, ethertype IPv6 
(0x86dd), length 86: 2001:638:902:200f::1 > 
2001:638:902:200f:250:56ff:fe95:16fb: ICMP6, neighbor advertisement, tgt 
is fe80::204:23ff:fec1:c435, length 32
16:37:27.380744 00:50:56:95:16:fb > 00:04:23:c1:c4:35, ethertype IPv6 
(0x86dd), length 118: 2001:638:902:200f:250:56ff:fe95:16fb > 
2001:7b8:3:1e:290:27ff:fe0c:5c5e: ICMP6, echo request, seq 9, length 64
16:37:27.405150 00:04:23:c1:c4:35 > 00:50:56:95:16:fb, ethertype IPv6 
(0x86dd), length 118: 2001:7b8:3:1e:290:27ff:fe0c:5c5e > 
2001:638:902:200f:250:56ff:fe95:16fb: ICMP6, echo reply, seq 9, length 64

-- 
ipv6 mailing list
[email protected]
http://listserv.uni-muenster.de/mailman/listinfo/ipv6






















					Antwort per Email an