TL;DR: IPv6 forwarding breaks when my DHCPv6 client lease expires, even though CLI output claims it’s been renewed.
I have an SRX210 as my home gateway, running 12.1X46-D35.1. This is running dual stack to Comcast, receiving a /56 DHCPv6 delegation and RA’ing a /64 to my home LAN. I’ve noticed that after the 4-day lease time expires, I can no longer route IPv6; my outbound trace routes break at the device, like so: admin@CAW-SRX210-HOME> traceroute 2a03:2880:2130:cf05:face:b00c::1 traceroute6 to 2a03:2880:2130:cf05:face:b00c::1 (2a03:2880:2130:cf05:face:b00c:0:1) from 2001:558:600a:5a:38f8:139:bba0:e7bb, 64 hops max, 12 byte packets traceroute: sendto: No route to host 1 traceroute6: wrote 2a03:2880:2130:cf05:face:b00c::1 12 chars, ret=-1 ^C This is true despite a default ::/0 route in table going to the right place (confirmed via "show route table inet6" and “show ipv6 nd” to verify route->link address->MAC association. The fix is apparently to clear and renew the DHCPv6 client binding, via "clear dhcpv6 client binding interface <int>” then "request system dhcvp6 client renew interface <int>”. IPv6 packets immediately start flowing again :) I’ve confirmed (via "show dhcpv6 client binding") bindings are identical before and after the clear/renew, as well as the next-hop for ::/0. This clearly seems buggy to me; has anyone else noticed this issue? Anyone know if this is a known issue (or even better, fixed in 12.1X47 or 12.3X48 releases)? Any additional diags I should run next Wednesday morning when this happens again? Thanks, -Chris _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
