Data can still be sent over a TCP session after the IPv6 alias has been deleted.
Issue
-
Data can still be sent over a TCP session after the IPv6 alias has been deleted.
-
Reproducer sample:
- srv(IPv6: 2001:db8:0:1::79, 2001:db8:0:1::100)
root@srv:/# cat /etc/redhat-release; uname -r
Red Hat Enterprise Linux release 10.1 (Coughlan)
6.12.0-124.21.1.el10_1.x86_64
root@srv:/# nmcli con add con-name enp7s0 type ethernet ifname enp7s0 ipv4.method disable ipv6.method manual ipv6.addresses 2001:db8:0:1::79/64
root@srv:/# ip addr add 2001:db8:0:1::100/64 scope global dev enp7s0
root@srv:/# nc -k -l 15
- cli(IPv6: 2001:db8:0:1::77)
root@cli:/# nc 2001:db8:0:1::100 15
Establish a TCP session to the IP alias 2001:db8:0:1::100.
- srv
root@srv:/# ip addr del 2001:db8:0:1::100/64 scope global dev enp7s0
root@srv:/# tcpdump -i enp7s0 -Snn port 15 or icmp6 2>/tmp/stderr
15:23:07.624348 IP6 2001:db8:0:1::100.15 > 2001:db8:0:1::77.40720: Flags [P.], seq 938555635:938555640, ack 4237828269, win 502, options [nop,nop,TS val 1683947399 ecr 2748275920], length 5
15:23:07.625188 IP6 2001:db8:0:1::77.40720 > 2001:db8:0:1::100.15: Flags [.], ack 938555640, win 225, options [nop,nop,TS val 2748303201 ecr 1683947399], length 0
15:23:07.826093 IP6 2001:db8:0:1::100.15 > 2001:db8:0:1::77.40720: Flags [P.], seq 938555635:938555640, ack 4237828269, win 502, options [nop,nop,TS val 1683947601 ecr 2748275920], length 5
15:23:07.826452 IP6 2001:db8:0:1::77.40720 > 2001:db8:0:1::100.15: Flags [.], ack 938555640, win 225, options [nop,nop,TS val 2748303402 ecr 1683947601,nop,nop,sack 1 {938555635:938555640}], length 0
15:23:08.034265 IP6 2001:db8:0:1::100.15 > 2001:db8:0:1::77.40720: Flags [P.], seq 938555635:938555640, ack 4237828269, win 502, options [nop,nop,TS val 1683947809 ecr 2748275920], length 5
15:23:08.035122 IP6 2001:db8:0:1::77.40720 > 2001:db8:0:1::100.15: Flags [.], ack 938555640, win 225, options [nop,nop,TS val 2748303611 ecr 1683947809,nop,nop,sack 1 {938555635:938555640}], length 0
15:23:08.442185 IP6 2001:db8:0:1::100.15 > 2001:db8:0:1::77.40720: Flags [P.], seq 938555635:938555640, ack 4237828269, win 502, options [nop,nop,TS val 1683948217 ecr 2748275920], length 5
15:23:08.443069 IP6 2001:db8:0:1::77.40720 > 2001:db8:0:1::100.15: Flags [.], ack 938555640, win 225, options [nop,nop,TS val 2748304019 ecr 1683948217,nop,nop,sack 1 {938555635:938555640}], length 0
15:23:09.282092 IP6 2001:db8:0:1::100.15 > 2001:db8:0:1::77.40720: Flags [P.], seq 938555635:938555640, ack 4237828269, win 502, options [nop,nop,TS val 1683949057 ecr 2748275920], length 5
15:23:09.282509 IP6 2001:db8:0:1::77.40720 > 2001:db8:0:1::100.15: Flags [.], ack 938555640, win 225, options [nop,nop,TS val 2748304858 ecr 1683949057,nop,nop,sack 1 {938555635:938555640}], length 0
15:23:10.946243 IP6 2001:db8:0:1::100.15 > 2001:db8:0:1::77.40720: Flags [P.], seq 938555635:938555640, ack 4237828269, win 502, options [nop,nop,TS val 1683950721 ecr 2748275920], length 5
15:23:10.947347 IP6 2001:db8:0:1::77.40720 > 2001:db8:0:1::100.15: Flags [.], ack 938555640, win 225, options [nop,nop,TS val 2748306523 ecr 1683950721,nop,nop,sack 1 {938555635:938555640}], length 0
15:23:13.082191 IP6 fe80::e157:6c94:52da:b782 > 2001:db8:0:1::100: ICMP6, neighbor solicitation, who has 2001:db8:0:1::100, length 32
15:23:14.106149 IP6 fe80::e157:6c94:52da:b782 > 2001:db8:0:1::100: ICMP6, neighbor solicitation, who has 2001:db8:0:1::100, length 32
...
Remove the IP alias, 2001:db8:0:1::100 and enter a string into the nc session on the srv side.
As shown above, data was sent at 15:23:07.624348, but srv apparently failed to receive the ACK from cli.
-
This phenomenon also occurs with TCP keep-alive probes.
-
This does not occur when using IPv4 aliases.
Environment
- Red Hat Enterprise Linux 7 and later
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
