Discussion:
Listen on IPv6 address on a downed interface fails, but IPv4 works?
Craig Leres
2021-04-30 22:15:54 UTC
Permalink
We provide anycast recursive dns service to our users with a number of
FreeBSD servers running bind916. The IPv4 and IPv6 addresses used are
configured on lo1 and we have a daemon that ifconfig's lo1 up when
queries seem to be working, otherwise down. And we use bird2 to
advertise the lo1 anycast addresses via ospf. This has been in use for
the last decade.

Today when I upgraded the anycast resolvers to bind 9.16.15 I found that
none of the named's were listening on the IPv6 anycast addresses
anymore. The procedure is:

ifconfig lo1 down [by stopping the daemon]
[wait for the routes to be withdrawn]
service named restart
[wait for named to startup]
ifconfig lo1 up [by starting the daemon]
[verify the routes come back]

When named starts up it creates socket for, and listens on each
interface address. This works for the IPv4 addresses on the downed lo1
interface but not the IPv6 addresses. I see now that named is throwing
errors, e.g:

Apr 30 11:06:11 XXX.lbl.gov named[68006]: listening on IPv6
interface lo1, XXXX:XXXX:8000:XXXX:XXXX::1#53
Apr 30 11:06:11 ns1.lbl.gov named[68006]: creating IPv6 interface
lo1 failed; interface ignored

I thought this used to work. But it seems unreasonable to me that it
works for IPv4 but not IPv6. Is this a problem with bind or with the
IPv6 kernel stack?

Craig

Loading...