Linux, multicast, bridging and IPv6 troubles (i.e. why my IPv6 connectivity goes missing)

For a long time now I had a very annoying problem with IPv6 under Linux.

My setup is as follows: Linux box <-> Switch <-> Router

The Linux box uses a bridge interface (br0) and usually only has one physical interface attached to it (eth0). That’s a very convenient setup.

The problem is that after a couple of minutes the IPv6 connectivity of the host will go away. Now, the host has a static IPv6 assigned to it and it’s not that it loses the address or any route. Instead it just stops communicating with everything.

Troubleshooting this showed that the box loses the MAC address of the router and the ND protocol does not work, so it never recovers.

When the problem occurs, the neighbor information becomes stale:

# ip neigh
2a01:XXX:YYY:1::1 dev br0 lladdr 00:11:12:13:14:c4 router STALE
fe80::20c:XXff:feXX:YYYY dev br0 lladdr 00:11:12:13:14:c4 router STALE

I.e the entry remains in a ‘STALE’ state and never recovers.

My workarounds so far have been:

  • Enable promiscuous mode on the interface (ifconfig br0 promisc)
  • Clear neighbors (ip neigh flush)

Everything pointed out to multicast issues (what IPv6 ND uses).

Long-story-short, this was an eye opener: http://troglobit.com/blog/2013/07/09/multicast-howto/

What needs to be done is to disable IGMP snooping on the bridge interface because it causes these issues. This is done with:

# echo 0 > /sys/devices/virtual/net/br0/bridge/multicast_snooping

So do yourself a favor and add this to /etc/network/interfaces, in the relevant interface:

    up    echo 0 > /sys/devices/virtual/net/$IFACE/bridge/multicast_snooping

 

2 Comments

    • Hooray! This fixed my issue. I think it was a combination of a few things though.

      1. Make sure /etc/sysconfig/network (assuming Centos/Redhat) has:
      IPV6FORWARDING=no
      IPV6_AUTOCONF=no
      IPV6_DEFAULTGW=%

      2. The the bridging interface script should also have:
      IPV6INIT=yes
      IPV6_AUTOCONF=no

      3. Then after booting make sure to do the ‘echo 0 >/sys/devices/virtual/net/brX/bridge/multicast_snooping as stated above

      This fixed the issue for me on Centos 6 and Centos 7 machines.

Leave a Reply

Your email address will not be published. Required fields are marked *