bridge-utils ifupdown script should disable IPv6 address autoconfiguration for underlying interface

Bug #377474 reported by Davíð Steinn Geirsson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
bridge-utils (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Binary package hint: bridge-utils

When an interface is configured for bridging in /etc/network/interfaces, the ifup script should disable IPv6 address autoconfiguration on the underlying physical interface. If this is not done, the interface will autoconfigure the same IPv6 address as the bridge to which it is assigned, resulting in two seperate routes for the same subnet. This results in intermittent connectivity, depending on which route is selected, as only the route through the bridge interface will work.

I've fixed this for my machine by adding the following to /etc/sysctl.conf:
net.ipv6.conf.eth1.accept_ra = 0

See further information on this issue in the following blog post:
http://automatthias.wordpress.com/2008/11/16/bridge-and-ipv6-autoconfiguration/

I'm running a fully updated hardy as of 17/05/2009.

Revision history for this message
Chuck Short (zulcss) wrote :

Thanks this might be considered for karmic+1.

Regards
chuck

Changed in bridge-utils (Ubuntu):
status: New → Triaged
Chuck Short (zulcss)
Changed in bridge-utils (Ubuntu):
importance: Undecided → Wishlist
Revision history for this message
Olaf Krische (public-ecopatz) wrote :

Salute,

just wanna bring to notice, that the suggested solution fixed our problem with some of the virtual machines (kvm-85, debian lenny + latest backport, tho).

Not sure, if it belongs into "wishlist" then.

The virtual machines use the bridge "br0" for having their own interface, they run Java and get network traffic constantly.

We had the phenomenon of broken sockets. On the virtual machine the "serving" socket was already gone while on the client side the socket was still intact (established). As if the traffic gets swallowed somewhere.

On the physical machine:

$ cat /etc/network/interfaces

...
auto br0
iface br0 inet static
      address ...
      netmask ...
      network ...
      broadcast ...
      gateway ...
      bridge_ports eth0
      bridge_fd 9
      bridge_hello 2
      bridge_maxage 12
      bridge_stp off

The template for the virtual machine shows:

$ sudo virsh edit virtualmachine
...
    <interface type='bridge'>
      <mac address='53:52:00:24:95:90'/>
      <source bridge='br0'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
...

So when i start the virtual machine:

$ sudo virsh start virtualmachine

it shows:

$ sudo ip -6 route show

fe80::/64 dev br0 ...
fe80::/64 dev eth0 ...
fe80::/64 dev vnet0 ...

And since we did this, as suggested:

$ sudo ip -6 route del fe80::/64 dev eth0
$ sudo ip -6 route del fe80::/64 dev vnet0

everything seems to work fine. The machines are stable now for several days.

Revision history for this message
Santiago Garcia Mantinan (manty) wrote :

Note for the Maintainer: This is fixed on Debian's 1.5-1

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bridge-utils - 1.5-2ubuntu1

---------------
bridge-utils (1.5-2ubuntu1) oneiric; urgency=low

  * Merge from Debian unstable (LP: #483427, LP: #377474). Remaining changes:
    - Add an upstart job which triggers on each net-device-added event, to
      see whether we need to add this to a bridge.
  * Changes merged in Debian:
    - debian/rules, debian/bridge-utils.sh, debian/dirs, debian/ifupdown.sh:
      factor out the parsing of bridge_ports into a reusable shell library.
  * Replace the upstart job with a udev rule instead; thanks to Manty for
    the suggestion.

bridge-utils (1.5-2) unstable; urgency=low

  * Include Ubuntu's patch to factor out parsing of bridge_ports into
    a reusable shell library.

bridge-utils (1.5-1) unstable; urgency=low

  * New upstream version. Closes: #611761.
  * Relocate ifupdown.sh to /lib/bridge-utils and brctl to /sbin.
    Closes: #569350.
  * Removed SMPNOTES, upstream updated FIREWALL. Closes: #518649.
  * Removed the 30 seconds wait. Closes: #549696.
  * Only suggest ifupdown. Closes: #595115.
  * Remove the versioning from the description. Closes: #595116.
  * Disable ipv6 on the interfaces of the bridge. Closes: #607741.
  * On newer kernels we wait only till we forward. Closes: #549696.
  * Use sleep 0.1 (0.01 was too much), thanks Mikhail. Closes: #572835.
  * Set ret to -1 on errno to avoid returning 0. Closes: #574363.
  * Fix manpage setageing explanation. Closes: #523141.
  * Make it lintian clean again.
 -- Steve Langasek <email address hidden> Sun, 08 May 2011 23:02:24 +0200

Changed in bridge-utils (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.