[ipv6hackers] IPv6 host scanning in IPv6

Christiaan Ottow chris at 6core.net
Sun Apr 22 09:13:40 CEST 2012


Hi Fernando,

On Apr 21, 2012, at 22:33 , Fernando Gont wrote:

> Hi, Chris,
> 
> On 04/21/2012 04:30 PM, Christiaan Ottow wrote:
>> vic0:
>> flags=48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,INET6_PRIVACY> mtu
>> 1500 lladdr 00:0c:29:50:3c:79 priority: 0 groups: egress media:
>> Ethernet autoselect status: active inet6
>> fe80::20c:29ff:fe50:3c79%vic0 prefixlen 64 scopeid 0x1 inet
>> 192.168.170.134 netmask 0xffffff00 broadcast 192.168.170.255 inet6
>> 2000:1337::2c7d:ff20:4029:8590 prefixlen 64 deprecated pltime 0
>> vltime infty </snip>
>> 
>> When a new router advertisement comes along, a new tempaddr is
>> configured:
> 
> That means that there's a period of time during which the host has no
> IPv6 connectivity.

Well, not exactly, given the behavior shown below. Apparently, vltime changes to infty to prevent loss of connectivity.

> 
> 
>> <snip> # ifconfig vic0 vic0:
>> flags=48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,INET6_PRIVACY> mtu
>> 1500 lladdr 00:0c:29:50:3c:79 priority: 0 groups: egress media:
>> Ethernet autoselect status: active inet6
>> fe80::20c:29ff:fe50:3c79%vic0 prefixlen 64 scopeid 0x1 inet
>> 192.168.170.134 netmask 0xffffff00 broadcast 192.168.170.255 inet6
>> 2000:1337::2c7d:ff20:4029:8590 prefixlen 64 deprecated pltime 0
>> vltime infty inet6 2000:1337::a8ed:ca9e:e408:3d08 prefixlen 64
>> autoconf autoconfprivacy pltime 14368 vltime 86368 </snip>
>> 
>> So, this setup would not break connections I suppose, 
> 
> vltime becomes infinity when pltime becomes o? -- that's kind of wierd.

I suspect this is done since no new address has been acquired yet. I discovered that my router doesn't send unsolicited RA's, and OpenBSD was waiting for one of those to configure a new temporary address. My hypotheses is that when pltime nears zero, a new temporary address is configured using an unsolicited RA. If no RA is received, vltime is changed to infty to prevent loss of connectivity. The man page states:

<snip>
Temporary addresses are deprecated after 24 hours.  Once a temporary
address has been deprecated, a new temporary address will be
configured upon reception of a router advertisement indicating
that the prefix is still valid.  Deprecated addresses will not be
used for new connections as long as a non-deprecated address
remains available.  Temporary addresses become invalid after one
week, at which time they will be removed from the interface.
Address lifetime extension through router advertisements is
ignored for temporary addresses.
</snip>

> 
> 
>> but would leave
>> garbage addresses. I've leave the system running for a while to see
>> when vltime becomes infty, and how long deprecated addresses stay
>> behind when new addresses have been acquired.
> 
> Cool! --Please post the results when you have them.

Will do.

-- chris

> 
> Thanks!
> 
> Best regards,
> -- 
> Fernando Gont
> SI6 Networks
> e-mail: fgont at si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
> 
> 
> 




More information about the Ipv6hackers mailing list