On 27-09-20, Baptiste Jonglez wrote: > 1) failing IPv6 neighbours, what Alarig reported. We are seeing this > on a full-view BGP router with rather low amount of IPv6 traffic > (around 10-20 Mbps)
Ok, I found a quick way to reproduce this issue:
# for net in {1..9999}; do ip -6 route add 2001:db8:ffff:${net}::/64 via
fe80::4242 dev lo; done
and then:
# for net in {1..9999}; do ping -c1 2001:db8:ffff:${net}::1; done
This quickly gets to a situation where ping fails early with:
ping: connect: Network is unreachable
At this point, IPv6 connectivity is broken. The kernel is no longer
replying to IPv6 neighbor solicitation from other hosts on local
networks.
When this happens, the "fib_rt_alloc" field from /proc/net/rt6_stats
is roughly equal to net.ipv6.route.max_size (a bit more in my tests).
Interestingly, the system appears to stay in this broken state
indefinitely, even without trying to send new IPv6 traffic. The
fib_rt_alloc statistics does not decrease.
Hopes this helps,
Baptiste
signature.asc
Description: PGP signature
