Link-Local ICMP messages for Atlas probe
I used WireShark on the WAN interface and I can confirm that the messages are all ping requests. Further, I can confirm that all of the addresses have been mangled. They are logged as fe80:5::, but the correct addresses are fe80::. I created a bug report. -----Original Message----- From: Michel Stam <mstam@ripe.net> Hi Daryl, Can't say I've seen it before, can the firewall be a bit too strict? I read ICMP messages, but I don't see this in the log you post. Do you have any idea what sort of ICMP messages? Regards, Michel
Hi, On Thu, Aug 17, 2023 at 03:50:03PM -0700, Daryl Morse wrote:
I used WireShark on the WAN interface and I can confirm that the messages are all ping requests. Further, I can confirm that all of the addresses have been mangled. They are logged as fe80:5::, but the correct addresses are fe80::. I created a bug report.
Now that might be an API artefact. Some of the BSD based OSes report the interface ID in bits 16..31 when returning a fe80:: address in a sockaddr structure. The usual code to deal with it does something like this... from OpenVPN's "give me the current IPv6 default gateway via a routing socket query" code: /* get gateway addr and interface name */ struct sockaddr_in6 *s6 = (struct sockaddr_in6 *)gate; struct in6_addr gw = s6->sin6_addr; /* You do not really want to know... from FreeBSD's route.c * (KAME encodes the 16 bit scope_id in s6_addr[2] + [3], * but for a correct link-local address these must be :0000: ) */ if (gate->sa_len == sizeof(struct sockaddr_in6) && IN6_IS_ADDR_LINKLOCAL(&gw) ) { gw.s6_addr[2] = gw.s6_addr[3] = 0; } Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
participants (2)
-
Daryl Morse
-
Gert Doering