VRRPv3: IPv6 MACVLAN doesn't sets protodown on and announcements are sent from MACVLAN instead main interface
EasyNetDev opened this issue · comments
Description
Looks like the VRRPv3 for IPv6 doesn't set protodown on
properly and also the announcement are send from the MACVLAN instead the main interface.
This leads to some de-synchronizations between the VRRP routers and the IPv6 it gets offline.
Version
FRRouting 10.0 (R02) on Linux(6.6.15-amd64).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
'--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--sbindir=/usr/lib/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--disable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'LIBS= -latomic' 'PYTHON=python3'
How to reproduce
Configure a VRRP session with IPv6. My config is like this: NIC -> Teaming -> Bridge -> VLAN 11
interface lan0.11
description SERVERS / VLAN 11 / VRID 11
ip address 89.XX.XX.190/26
ipv6 address 2aXX:XXXX:2:11::3/64
ipv6 address fc00:10:30::3/64
no ipv6 nd suppress-ra
vrrp 11
vrrp 11 priority 110
vrrp 11 ip 89.XX.XX.129
vrrp 11 ipv6 2aXX:XXXX:2:11::1
exit
!
interface v00997a2e-0b-4
description lan0.11 / vrid 11
ip address 89.XX.XX.129/32
exit
!
interface v00997a2e-0b-6
description lan0.11 / vrid 11
ipv6 address 2aXX:XXXX:2:11::1/128
exit
R02# show interface lan0.11
Interface lan0.11 is up, line protocol is up
Link ups: 13 last: 2024/05/13 18:31:57.74
Link downs: 1 last: 2024/05/12 18:06:03.50
vrf: servers
Description: SERVERS / VLAN 11 / VRID 11
index 25 metric 0 mtu 1500 speed 40000 txqlen 1000
flags: <UP,BROADCAST,RUNNING,MULTICAST>
Type: Ethernet
HWaddr: ce:2c:XX:XX:XX:4d
inet 89.XX.XX.190/26
inet6 2aXX:XXXX:2:11::3/64
inet6 fc00:10:30::3/64
inet6 fe80::cc2c:XXff:feXX:XX4d/64
Interface Type Vlan
Interface Slave Type Vrf
VLAN Id 11
protodown: off
Parent interface: lan0
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND advertised hop-count limit is 64 hops
ND router advertisements sent: 175 rcvd: 863
ND router advertisements are sent every 600 seconds
ND router advertisements lifetime tracks ra-interval
ND router advertisement default router preference is medium
Hosts use stateless autoconfig for addresses.
Neighbor address(s):
inet6 fe80::ac3e:aac4:a6f9:67ac/128
R02# show interface v00997a2e-0b-6
Interface v00997a2e-0b-6 is up, line protocol is up
Link ups: 5 last: 2024/05/12 19:09:06.56
Link downs: 9 last: 2024/05/12 19:09:06.33
vrf: servers
Description: lan0.11 / vrid 11
index 27 metric 0 mtu 1500 speed 40000 txqlen 1000
flags: <UP,BROADCAST,RUNNING,MULTICAST>
Type: Ethernet
HWaddr: 00:00:5e:00:02:0b
inet6 fe80::24e7:fede:9d67:7a7d/64
inet6 2aXX:XXXX:2:11::1/128
Interface Type macvlan
Interface Slave Type Vrf
protodown: off
Parent interface: lan0.11
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND advertised hop-count limit is 64 hops
ND router advertisements sent: 5273 rcvd: 0
ND router advertisements are sent every 16 seconds
ND router advertisements lifetime tracks ra-interval
ND router advertisement default router preference is medium
Hosts use stateless autoconfig for addresses.
On tcpdump results this:
18:12:56.111431 IP6 (class 0xc0, flowlabel 0xac34e, hlim 255, next-header VRRP (112) payload length: 24) fe80::24e7:fede:9d67:7a7d > ff02::12: VRRPv3, Advertisement, vrid 11, prio 110, intvl 100cs, length 24, addrs: 2aXX:XXXX:2:11::1
18:12:57.111504 IP6 (class 0xc0, flowlabel 0xac34e, hlim 255, next-header VRRP (112) payload length: 24) fe80::24e7:fede:9d67:7a7d > ff02::12: VRRPv3, Advertisement, vrid 11, prio 110, intvl 100cs, length 24, addrs: 2aXX:XXXX:2:11::1
Expected behavior
In RFC 5798 doesn't say that the packet should be generated from local-link of MACVLAN:
Page 27:
- else // ipv6
+ Set the source MAC address to virtual router MAC Address
+ Set the source IPv6 address to interface link-local IPv6
address
-endif
I'm expecting to be generated from lan0.11 interface with local-link fe80::cc2c:XXff:feXX:XX4d
, similar to IPv4 packet.
Actual behavior
The packets are generated from MACVLAN interface with its local-link.
Additional context
No response
Checklist
- I have searched the open issues for this bug.
- I have not included sensitive information in this report.