On 02/08/15 02:28, Chris Woodfield wrote:
TL;DR: IPv6 forwarding breaks when my DHCPv6 client lease expires, even though
CLI output claims it’s been renewed.
I have an SRX210 as my home gateway, running 12.1X46-D35.1. This is running
dual stack to Comcast, receiving a /56 DHCPv6 delegation and RA’ing a /64 to my
home LAN.
I’ve noticed that after the 4-day lease time expires, I can no longer route
IPv6; my outbound trace routes break at the device, like so:
admin@CAW-SRX210-HOME> traceroute 2a03:2880:2130:cf05:face:b00c::1
traceroute6 to 2a03:2880:2130:cf05:face:b00c::1
(2a03:2880:2130:cf05:face:b00c:0:1) from 2001:558:600a:5a:38f8:139:bba0:e7bb,
64 hops max, 12 byte packets
traceroute: sendto: No route to host
1 traceroute6: wrote 2a03:2880:2130:cf05:face:b00c::1 12 chars, ret=-1
^C
This is true despite a default ::/0 route in table going to the right place (confirmed via
"show route table inet6" and “show ipv6 nd” to verify route->link address->MAC
association.
The fix is apparently to clear and renew the DHCPv6 client binding, via "clear dhcpv6
client binding interface <int>” then
"request system dhcvp6 client renew interface <int>”. IPv6 packets immediately
start flowing again :)
I’ve confirmed (via "show dhcpv6 client binding") bindings are identical before
and after the clear/renew, as well as the next-hop for ::/0.
This clearly seems buggy to me; has anyone else noticed this issue? Anyone know
if this is a known issue (or even better, fixed in 12.1X47 or 12.3X48
releases)? Any additional diags I should run next Wednesday morning when this
happens again?
I have a related bug in 12.3X48-D10.3 that I kept meaning to post about.
Every now and again (once every few weeks) the dhcpv6 client will simply
expire and not attempt to renew, "request ... renew ..." works fine. No
obvious log messages go with it, although I haven't enabled tracing.
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
