dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1202
share rss forum feed


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2
reply to camper

Re: Odd log message

LOL.

I disabled IPv6 for now. It's not like I had to have it.



camper
Premium
join:2010-03-21
Bethel, CT
kudos:1

 
I just checked OpenBSD's version control system, and that logging line has been in rtadvd since it was imported from the KAME project in 1999.



NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:77
reply to camper

camper, I will take a look at the CMTS that services your area in the AM.. If I see something odd I will PM you..



camper
Premium
join:2010-03-21
Bethel, CT
kudos:1

thx.



camper
Premium
join:2010-03-21
Bethel, CT
kudos:1
Reviews:
·Comcast
reply to graysonf

said by graysonf:

fe80::1edf:fff:fe02:28e2 is a local link address somewhere.

I don't see the offending address in my routing table either....

 
When I set net.inet6.ip6.accept_rtadv=1 in /etc/sysctl.conf, I see the following entry in the routing table:

Destination                        Gateway                        Flags   Refs      Use   Mtu  Prio Iface Label
fe80::1edf:fff:fe02:28e2%em0       1c:df:0f:02:28:e2              UHLc       0        0     -     4 em0  


So the rtavd message is inserting a route into the routing table here. Which, btw, is not surprising. This is the way things should work.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

said by camper:

So the rtavd message is inserting a route into the routing table here. Which, btw, is not surprising. This is the way things should work.

How does this explain the log flooding and how can I get it stopped?


camper
Premium
join:2010-03-21
Bethel, CT
kudos:1
Reviews:
·Comcast

My opinion on the log flooding is that the OS is logging things that it should not be logging.

From the source code of rtadvd on OpenBSD:


        /*
         * RA consistency check according to RFC-2461 6.2.7
         */
        if ((rai = if_indextorainfo(pi->ipi6_ifindex)) == 0) {
                log_info("received RA from %s on non-advertising interface(%s)",
                    inet_ntop(AF_INET6, &from->sin6_addr, ntopbuf,
                        INET6_ADDRSTRLEN),
                    if_indextoname(pi->ipi6_ifindex, ifnamebuf));
                goto done;
        }



If you look at the RFC specified (RFC-2461, ¶ 6.2.7), it appears to me that it is talking about the contents of RA packets, not whether or not those packets appear on an interface. So, imo, the logging of the packets is overly aggressive.

As I mentioned in an earlier message, that piece of code goes back to the original KAME project. The code may have never been touched because, until recently, there not has been a major ISP that is providing dual-stack IPv6 capability.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:2

Thanks for the info on this. I will pass it onto the m0n0wall developers.



NetDog
Premium,VIP
join:2002-03-04
Parker, CO
kudos:77
Reviews:
·Comcast
reply to camper

said by camper:

My opinion on the log flooding is that the OS is logging things that it should not be logging.

If you look at the RFC specified (RFC-2461, ¶ 6.2.7), it appears to me that it is talking about the contents of RA packets, not whether or not those packets appear on an interface. So, imo, the logging of the packets is overly aggressive.

+1, I agree..
--
Comcaster.. Network Engineer with NETO