RE: IPv6 return path filter default active?
Dear list,
I am new to this list, I have searched the list and googled for a long time now, read the kernel source as far as I can understand, but excuse me if I have missed something more or less obvious... I hope someone can help me out with this problem:
Setup:
I have a redundant router setup, where both routers are connected to each other via vlanX. Both routers are connected to the internet with BGP (quagga) over vlanY.
Test:
I setup an IPv6 TCP connection from router A to host C on the internet over vlanY. Since the default route of router A is the BGP route over vlanY, the first packet with the SYN is sent there to the connected BGP router on the internet. The BGP cloud has as default route to our IPv6 space router B, so the SYN/ACK packet reply comes back over BGP using vlanY to router B, which routes it back to router A over vlanX.
Problem:
Router A silently drops the SYN/ACK packet coming in over vlanX, and no connection is established. Ping6 to host C works flawlessly however. I have disabled the firewall already (temporary), flushing all ip6tables rules and setting the default policies to accept, but that has no effect.
I can setup the TCP connection from router B without a problem. If I make the BGP cloud switch to using router A as default router for our IPv6 space, I can setup the connection from router A, but not from router B.
I am familiar with the net.ipv4.conf.all.rp_filter sysctl setting (with is set to 0), but I cannot find something similar for IPv6.
Can anyone point me in the right direction? How can I get these connections right?
--
Best regards,
Reinier Boon
Reinier Boon | Senior software engineer | Telecats bv | KvK Enschede 06069106 | Tel: +31 53 488 99 26 | Fax: +31 53 488 99 10 | E�mail: r.t.boon@telecats.nl
Reply to: