IPv6 connectivity stops working after the interface is brought down and back up if ip6tables rules are present

Solution Verified - Updated -

Issue

  • In an environment using IPv6, connectivity can break after the interface is brought down and back up. Packet captures reveal that Neighbour Discovery packets are being sent via an incorrect interface.
  • Note below that after the ifdown and ifup sequence, ping6 no longer works:

    [root@r76 ~]# ping6 -c 1 fd0d:9001:8da4:6c3c::1
    PING fd0d:9001:8da4:6c3c::1(fd0d:9001:8da4:6c3c::1) 56 data bytes
    64 bytes from fd0d:9001:8da4:6c3c::1: icmp_seq=1 ttl=64 time=0.744 ms
    
    --- fd0d:9001:8da4:6c3c::1 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.744/0.744/0.744/0.000 ms
    
    [root@r76 ~]# ifdown eth1
    [root@r76 ~]# ifup eth1
    INFO      : [ipv6_wait_tentative] Waiting for interface eth1 IPv6 address(es) to leave the 'tentative' state
    INFO      : [ipv6_wait_tentative] Waiting for interface eth1 IPv6 address(es) to leave the 'tentative' state
    
    [root@r76 ~]# ping6 -c 1 fd0d:9001:8da4:6c3c::1
    PING fd0d:9001:8da4:6c3c::1(fd0d:9001:8da4:6c3c::1) 56 data bytes
    From fd0d:9001:8da4:6c3c::123 icmp_seq=1 Destination unreachable: Address unreachable
    
    --- fd0d:9001:8da4:6c3c::1 ping statistics ---
    1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
    

Environment

  • Red Hat Enterprise Linux 7
  • IPv6
  • ip6tables

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In