IPv6 ND timeouts

IPv6 router advertisement (RA) is the mechanism by which a router notifies clients on a network/subnet that it is available. It also (for now) doubles as a stand-in for DHCP, since it can carry information about which prefix (network number) clients should choose an address from. Just about all IPv6-capable hosts configure their v6 address with the help of RA. It is specified in RFC2461.

There are default timeouts on the advertised routes and prefixes. Routes expire after 1 hour. Autoconfigured addresses have a lifetime of 30 days, and are preferred for 7 days. These values are refreshed by each router advertisement sent, which usually happens every 200 seconds. I guess the people behind RFC2461 have thought this properly through, and have good reasons.

There doesn’t seem to be much empirical data on what these timeouts should be. I tried looking it up with Google, but nothing useful came up. They look like good timeouts for office desktop clients or home computers. For laptops, they seem to cause a small problem.

I usually bring my laptop between work and home. When I’m done working, I suspend it and carry it home. I plug in the ethernet cable at home, and open the lid (i.e., resume my session). At this point Linux accepts a new RA from the router at home, and configures an additional IPv6 address on eth0.

The problem is now in getting Linux to choose the correct address for outgoing connections. If it chooses the address from work, BCP38 filtering removes the packets and my attempt at browsing/sshing stops.

I’ve read somewhere that Linux should pick the IPv6 address added last. This doesn’t seem to be the case always.

The easiest solution here seems to be to lower the route and prefix lifetimes.

So, for now I’m adjusting the route to live for 600 seconds (10 minutes) on client VLANs, and the prefix to live for a day, and be preferred for 5 minutes.

On your favorite Catalyst 6500 with 12.2SXF you can use:

gw(config-if)#ipv6 nd ra-lifetime 600

gw(config-if)#ipv6 nd prefix default 86400 300

Result is:

gw#show ipv6 interface vlan  75
Vlan75 is up, line protocol is up

[..]

ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND advertised reachable time is 0 milliseconds
ND advertised retransmit interval is 0 milliseconds
ND router advertisements are sent every 200 seconds
ND router advertisements live for 600 seconds
Hosts use stateless autoconfig for addresses.
gw#show ipv6 interface vlan 75 prefix
IPv6 Prefix Advertisements Vlan75
Codes: A - Address, P - Prefix-Advertisement, O - Pool
       U - Per-user prefix, D - Default
       N - Not advertised, C - Calendar

AD   2001:700:300:22::/64 [LA] Valid lifetime 86400, preferred lifetime 300
gw#

I’ve adjusted the values on the radvd at home as well. With some luck this will solve my problem.
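The effect of these lifetimes on a laptop that moves between networks comes down to arithmetic on the fields an RA carries. The Python below is an added example, not code from the original post: it builds a constructed RA, parses the router lifetime and the Prefix Information option, and reports what state the work address is in some time after the last RA was heard. The function names and the 30-minute commute are assumptions made for the illustration.

```python
import ipaddress
import struct

def build_ra(router_life, prefix, valid, preferred):
    """Constructed sample RA (checksum left at 0; it is not verified here)."""
    net = ipaddress.IPv6Network(prefix)
    hdr = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0, router_life, 0, 0)
    # Prefix Information option: type 3, length 4 (x8 bytes), flags L+A = 0xC0
    opt = struct.pack("!BBBBIII", 3, 4, net.prefixlen, 0xC0, valid, preferred, 0)
    return hdr + opt + net.network_address.packed

def parse_ra(msg):
    """Extract router lifetime and per-prefix lifetimes from an ICMPv6 RA."""
    if len(msg) < 16 or msg[0] != 134:
        raise ValueError("not a router advertisement")
    router_life = struct.unpack("!H", msg[6:8])[0]
    prefixes, off = [], 16
    while off + 2 <= len(msg):
        opt_type, opt_len = msg[off], msg[off + 1] * 8
        if opt_len == 0 or off + opt_len > len(msg):
            raise ValueError("malformed option")
        if opt_type == 3 and opt_len == 32:
            plen, _flags, valid, preferred = struct.unpack("!BBII", msg[off + 2:off + 12])
            net = ipaddress.IPv6Network((msg[off + 16:off + 32], plen), strict=False)
            prefixes.append({"prefix": str(net), "valid": valid, "preferred": preferred})
        off += opt_len
    return {"router_lifetime": router_life, "prefixes": prefixes}

def address_state(prefix, seconds_since_ra):
    """State of an autoconfigured address when no further RA refreshes it."""
    if seconds_since_ra >= prefix["valid"]:
        return "invalid"
    if seconds_since_ra >= prefix["preferred"]:
        return "deprecated"   # still usable, but avoided for new connections
    return "preferred"

def after_move(ra_bytes, seconds_since_ra):
    ra = parse_ra(ra_bytes)
    return {"default_route_expired": seconds_since_ra >= ra["router_lifetime"],
            "addresses": {p["prefix"]: address_state(p, seconds_since_ra)
                          for p in ra["prefixes"]}}

if __name__ == "__main__":
    commute = 30 * 60  # assumed: 30 minutes between the last RA at work and resume
    defaults = build_ra(3600, "2001:700:300:22::/64", 30 * 86400, 7 * 86400)
    adjusted = build_ra(600, "2001:700:300:22::/64", 86400, 300)
    print("defaults:", after_move(defaults, commute))
    print("adjusted:", after_move(adjusted, commute))
```

With the default lifetimes the work address is still preferred after the move, so it competes with the home address; with the adjusted ones it is deprecated and the work router's default route has already expired.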
