[Pkg-utopia-maintainers] Bug#849392: network-manager: Network manager ignores accept_ra_rt_info_max_plen setting for IPv6
Marcin Kucharczyk
marcin at kucharczyk.im
Mon Dec 26 15:51:35 UTC 2016
Package: network-manager
Version: 1.4.4-1
Severity: normal
Tags: ipv6
Dear Maintainer,
When I checked my IPv6 routes I noticed that the route to my local subnet
has the same next hop as my router. Indeed, the local gateway sends an IPv6 RA with
this information:
IP6 (hlim 255, next-header ICMPv6 (58) payload length: 128) fe80::5667:51ff:fee7:7cf > ff02::1: [icmp6 sum ok] ICMP6, router advertisement, length 128
hop limit 64, Flags [other stateful], pref high, router lifetime 180s, reachable time 0s, retrans time 0s
prefix info option (3), length 32 (4): <prefix>::/64, Flags [onlink, auto], valid time 1138201s, pref. time 533401s
route info option (24), length 24 (3): <prefix>::/64, pref=medium, lifetime=1143629s
rdnss option (25), length 40 (5): lifetime 360s, addr: <dns1> addr: <dns2>
mtu option (5), length 8 (1): 1500
source link-address option (1), length 8 (1): 54:67:51:e7:07:cf
$ ip -6 r
<prefix>::/64 via fe80::5667:51ff:fee7:7cf dev eth0 proto ra metric 100 pref medium
fe80::5667:51ff:fee7:7cf dev eth0 proto static metric 100 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::5667:51ff:fee7:7cf dev eth0 proto static metric 100 pref medium
But with settings:
net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.default.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.eth0.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.lo.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.wlan0.accept_ra_rt_info_max_plen = 0
I would expect NM to ignore this NH and just configure a kernel route for the local subnet.
This has some security implications, as it forwards all local-LAN traffic via
the host who sends the route despite kernel settings.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages network-manager depends on:
ii adduser 3.115
ii dbus 1.10.14-1
ii init-system-helpers 1.46
ii libaudit1 1:2.6.7-1
ii libbluetooth3 5.43-1
ii libc6 2.24-8
ii libglib2.0-0 2.50.2-2
ii libgnutls30 3.5.7-2
ii libgudev-1.0-0 230-3
ii libmm-glib0 1.6.4-1
ii libndp0 1.6-1
ii libnewt0.52 0.52.19-1
ii libnl-3-200 3.2.27-1
ii libnm0 1.4.4-1
ii libpam-systemd 232-8
ii libpolkit-agent-1-0 0.105-17
ii libpolkit-gobject-1-0 0.105-17
ii libreadline7 7.0-1
ii libselinux1 2.6-3
ii libsoup2.4-1 2.56.0-1
ii libsystemd0 232-8
ii libteamdctl0 1.26-1
ii libuuid1 2.29-1
ii lsb-base 9.20161125
ii policykit-1 0.105-17
ii udev 232-8
ii wpasupplicant 2.5-2+v2.4-3+b1
Versions of packages network-manager recommends:
ii crda 3.13-1+b2
ii dnsmasq-base 2.76-5
ii iptables 1.6.0+snapshot20161117-4
ii iputils-arping 3:20161105-1
ii isc-dhcp-client 4.3.5-1
ii modemmanager 1.6.4-1
ii ppp 2.4.7-1+4
Versions of packages network-manager suggests:
pn libteam-utils <none>
-- no debconf information
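
A check for the condition this report describes, as an added example that is not part of the original report or of NetworkManager: it flags routes marked `proto ra` that go via a next hop although their prefix is longer than the interface's `accept_ra_rt_info_max_plen`. The prefix 2001:db8:1::/64, the function names and both sample inputs are constructed, and the check assumes the reading of the sysctl the report relies on (route information with a prefix longer than the limit should be ignored).

```python
import re

# Constructed sample in the shape of the report's `ip -6 r` output;
# 2001:db8:1::/64 stands in for the redacted <prefix>.
SAMPLE_ROUTES = """\
2001:db8:1::/64 via fe80::5667:51ff:fee7:7cf dev eth0 proto ra metric 100 pref medium
fe80::5667:51ff:fee7:7cf dev eth0 proto static metric 100 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::5667:51ff:fee7:7cf dev eth0 proto static metric 100 pref medium
"""
# Constructed sample of `sysctl -a` lines, values as in the report.
SAMPLE_SYSCTL = """\
net.ipv6.conf.all.accept_ra_rt_info_max_plen = 0
net.ipv6.conf.eth0.accept_ra_rt_info_max_plen = 0
"""
SYSCTL_RE = re.compile(
    r"net\.ipv6\.conf\.(\S+)\.accept_ra_rt_info_max_plen\s*=\s*(-?\d+)")

def parse_max_plen(sysctl_text):
    """Map interface name -> configured accept_ra_rt_info_max_plen."""
    return {dev: int(val) for dev, val in SYSCTL_RE.findall(sysctl_text)}

def parse_route(line):
    """Return (destination, prefix length, {via, dev, proto}) for one route line."""
    tokens = line.split()
    fields = {k: tokens[i + 1] for i, k in enumerate(tokens[:-1])
              if k in ("via", "dev", "proto")}
    dest = tokens[0]
    if dest == "default":
        return dest, 0, fields
    # A bare address with no "/len" is a host route.
    plen = int(dest.split("/")[1]) if "/" in dest else 128
    return dest, plen, fields

def ra_routes_over_limit(routes_text, sysctl_text):
    """Return (dest, via, dev) for RA routes whose prefix exceeds the limit."""
    limits = parse_max_plen(sysctl_text)
    hits = []
    for line in filter(str.strip, routes_text.splitlines()):
        dest, plen, f = parse_route(line)
        dev = f.get("dev")
        # Interfaces with no sysctl value in the input are skipped, not guessed.
        if f.get("proto") == "ra" and "via" in f and dev in limits and plen > limits[dev]:
            hits.append((dest, f["via"], dev))
    return hits

if __name__ == "__main__":
    for dest, via, dev in ra_routes_over_limit(SAMPLE_ROUTES, SAMPLE_SYSCTL):
        print(f"{dest} via {via} dev {dev}: RA route present despite max_plen limit")
```

On a live host the two inputs would be the output of `ip -6 route` and `sysctl -a`; routes that NetworkManager installs with a different `proto` value are not covered by this check.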