[opensuse] No duplicate address detection or gratuitous ARP on 15.0
I was just doing some checking with Wireshark and noticed Leap 15.0 does not appear to use either DAD or gratuitous ARP on an Ethernet connection. Gratuitious ARP is an older method of detecting address conflict and DAD is newer. But it appears 15.0 does neither. Not only do they detect address conflicts, but also let switches and other devices know that the NIC is connected. Why is this not happening? I'm running 15.0 with KDE and connecting with Network Manager. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James Knott wrote:
I was just doing some checking with Wireshark and noticed Leap 15.0 does not appear to use either DAD or gratuitous ARP on an Ethernet connection. Gratuitious ARP is an older method of detecting address conflict and DAD is newer. But it appears 15.0 does neither. Not only do they detect address conflicts, but also let switches and other devices know that the NIC is connected. Why is this not happening?
Fwiw, it works on ipv6 - I've just assigned a static address, and I mistyped it: 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 7a:11:a2:11:4b:41 brd ff:ff:ff:ff:ff:ff inet 185.85.248.5/24 brd 185.85.248.255 scope global eth1 valid_lft forever preferred_lft forever inet6 2a03:7520:4c68::4/64 scope global tentative dadfailed valid_lft forever preferred_lft forever inet6 fe80::7811:a2ff:fe11:4b41/64 scope link valid_lft forever preferred_lft forever Notice 'dadfailed'.
I'm running 15.0 with KDE and connecting with Network Manager.
This is a xen guest with wicked. Wrt gratuitous ARP - don't you usually have to explicitly enable that? -- Per Jessen, Zürich (17.9°C) http://www.hostsuisse.com/ - virtual servers, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 09/06/2018 03:16 AM, Per Jessen wrote:
James Knott wrote:
I was just doing some checking with Wireshark and noticed Leap 15.0 does not appear to use either DAD or gratuitous ARP on an Ethernet connection. Gratuitious ARP is an older method of detecting address conflict and DAD is newer. But it appears 15.0 does neither. Not only do they detect address conflicts, but also let switches and other devices know that the NIC is connected. Why is this not happening? Fwiw, it works on ipv6 - I've just assigned a static address, and I mistyped it:
Yes, it's mandatory with IPv6. I was referring to IPv4, as indicated by ARP, though I supposed I should have mentioned it specifically. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James Knott wrote:
On 09/06/2018 03:16 AM, Per Jessen wrote:
James Knott wrote:
I was just doing some checking with Wireshark and noticed Leap 15.0 does not appear to use either DAD or gratuitous ARP on an Ethernet connection. Gratuitious ARP is an older method of detecting address conflict and DAD is newer. But it appears 15.0 does neither. Not only do they detect address conflicts, but also let switches and other devices know that the NIC is connected. Why is this not happening? Fwiw, it works on ipv6 - I've just assigned a static address, and I mistyped it:
Yes, it's mandatory with IPv6. I was referring to IPv4, as indicated by ARP, though I supposed I should have mentioned it specifically.
Looking at a few older systems, I only see kernel dad settings for IPv6, none for ipv4. You are sure something changed with 15.0 ? -- Per Jessen, Zürich (21.8°C) http://www.hostsuisse.com/ - virtual servers, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 09/06/2018 08:43 AM, Per Jessen wrote:
Yes, it's mandatory with IPv6. I was referring to IPv4, as indicated by ARP, though I supposed I should have mentioned it specifically. Looking at a few older systems, I only see kernel dad settings for IPv6, none for ipv4. You are sure something changed with 15.0 ?
I'm not saying it changed with 15.0. In fact, I noticed the same thing with an earlier version. My question is why Linux does not seem to be doing this at all for IPv4. Gratuitous ARP has been around for a long time and DAD is now being used in Windows. The idea behind both is to prevent address conflicts. DAD has been part of the IPv4 spec since 2008 and IPv6, 2007. https://tools.ietf.org/html/rfc5227 https://tools.ietf.org/html/rfc4862 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James Knott wrote:
On 09/06/2018 08:43 AM, Per Jessen wrote:
Yes, it's mandatory with IPv6. I was referring to IPv4, as indicated by ARP, though I supposed I should have mentioned it specifically. Looking at a few older systems, I only see kernel dad settings for IPv6, none for ipv4. You are sure something changed with 15.0 ?
I'm not saying it changed with 15.0.
Sorry, that's what I read $SUBJ to suggest.
In fact, I noticed the same thing with an earlier version. My question is why Linux does not seem to be doing this at all for IPv4.
I think you'll have to revert to google. Googling "rfc5227 linux" I saw one or teo interesting hits. -- Per Jessen, Zürich (21.8°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 09/06/2018 09:21 AM, Per Jessen wrote:
I think you'll have to revert to google. Googling "rfc5227 linux" I saw one or teo interesting hits.
I didn't see anything about why Linux doesn't do either, however I did see the comment about it not being needed with static configuration. The first time I came across an address conflict was over 20 years ago, when I was at IBM. I was setting up static addresses and got an error message about an address being in use. On IPv6, DAD is mandatory for all addresses, static or not. There was a list of RFCs Linux supports and RFC 5227 (DAD) wasn't included. Neither was RFC 2002, which says: - A Gratuitous ARP [23 <https://tools.ietf.org/html/rfc2002#ref-23>] is an ARP packet sent by a node in order to spontaneously cause other nodes to update an entry in their ARP cache. A gratuitous ARP MAY use either an ARP Request or an ARP Reply packet. In either case, the ARP Sender Protocol Address and ARP Target Protocol Address are both set to the IP address of the cache entry to be updated, and the ARP Sender Hardware Address is set to the link-layer address to which this cache entry should be updated. When using an ARP Reply packet, the Target Hardware Address is also set to the link-layer address to which this cache entry should be updated (this field is not used in an ARP Request packet). In either case, for a gratuitous ARP, the ARP packet MUST be transmitted as a local broadcast packet on the local link. As specified in [16 <https://tools.ietf.org/html/rfc2002#ref-16>], any node receiving any ARP packet (Request or Reply) MUST update its local ARP cache with the Sender Protocol and Hardware Addresses in the ARP packet, if the receiving node has an entry for that IP address already in its ARP cache. This requirement in the ARP protocol applies even for ARP Request packets, and for ARP Reply packets that do not match any ARP Request transmitted by the receiving node [16 <https://tools.ietf.org/html/rfc2002#ref-16>]. Why is Linux ignoring these RFCs that are supposed to prevent address conflict? Since DAD is already there for IPv6, why not IPv4? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James Knott wrote:
On 09/06/2018 09:21 AM, Per Jessen wrote:
I think you'll have to revert to google. Googling "rfc5227 linux" I saw one or teo interesting hits.
I didn't see anything about why Linux doesn't do either,
True, I didn't see anyone offering an explanation, just a couple of hits on how to do it. Btw, we went over this last year in July :-) https://lists.opensuse.org/opensuse/2017-07/msg00013.html No satisfactory answer though.
however I did see the comment about it not being needed with static configuration.
Funny, isn't that exactly when it might be useful? With dhcp, the dhcp server looks after it.
The first time I came across an address conflict was over 20 years ago, when I was at IBM. I was setting up static addresses and got an error message about an address being in use.
I just tried it - adding an existing IPv4 address to another interface on the same network worked fine.
There was a list of RFCs Linux supports and RFC 5227 (DAD) wasn't included. Neither was RFC 2002, which says:
- A Gratuitous ARP [23
I think I only see gratuitous ARP mentioned in one place - HP ILO and other BMCs (IBM, Supermicro). I know there is kernel setting too, I have just never had any need for it. -- Per Jessen, Zürich (22.4°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 09/06/2018 10:06 AM, Per Jessen wrote:
I didn't see anything about why Linux doesn't do either, True, I didn't see anyone offering an explanation, just a couple of hits on how to do it.
Btw, we went over this last year in July :-)
https://lists.opensuse.org/opensuse/2017-07/msg00013.html
No satisfactory answer though.
I guess we'll just have to keep on reminding them. I often wonder why some organizations make certain decisions that don't make sense. Another example is the refusal to support DHCPv6 on Android, or why Windows sets the IPv4 Do not Fragment (DF) flag on TCP, but not UDP or ICMP. Linux does it on all three, in the trend away from fragmentation by routers. Lack of DHCPv6 support keeps a lot of companies from using Android devices. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James Knott wrote:
On 09/06/2018 10:06 AM, Per Jessen wrote:
I didn't see anything about why Linux doesn't do either, True, I didn't see anyone offering an explanation, just a couple of hits on how to do it.
Btw, we went over this last year in July :-)
https://lists.opensuse.org/opensuse/2017-07/msg00013.html
No satisfactory answer though.
I guess we'll just have to keep on reminding them.
Maybe this isn't quite the right forum? There must be some mailing lists more specific to Linux networking. -- Per Jessen, Zürich (23.6°C) http://www.dns24.ch/ - your free DNS host, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
James Knott -
Per Jessen