Hyper-V NIC cannot pass IPv6 UDP packets by default until protocol offload is disabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Confirmed
|
Medium
|
Unassigned |
Bug Description
Hi,
On a client server, I can't get a response from a name server in ipv6+udp. On the same server, it works fine in tcp.
If I log on my name server, I can get a response from himself but, as a client, it can't get a response from another name server.
here are the steps to reproduce :
- Create a new server using Ubuntu server 16.04. Set it to use ipv4 and use your preferred name server. Select absolutely nothing as functionality.
- check some nslookup and apt-get stuff to verify network is OK
- add ipv6 to the interface and refer to an IPV6 nameserver. I have 3 and thats why I noticed the problem >> All 3 ipv6 nameservers are filling the 3 places in resolv.conf.
- if you don't have 3 ipv6 nameservers, just add one and comment the line with the ipv4 name server.
- verify your resolv.conf. Should only content ipv6 reference.
- Now, you can't nslookup anymore...
- add some tests : "dig @ipv4server google.com" works but "dig @ipv6server google.com" don't
Here a more tests :
Nameserver1 : Nameserver1.
Client StandAloneServe
With IPV4
# dig @XXX.YYY.ZZZ.226 www.google.fr
/var/log/
20-May-2016 12:25:02.834 queries: info: client XXX.YYY.
Tcp Dump on Nameserver1:
12:25:02.834092 IP StandAloneServe
12:25:02.834395 IP Nameserver1.
Tcp Dump on Client
12:25:02.668200 IP StandAloneServe
12:25:02.669573 IP Nameserver1.
RESULT:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @XXX.YYY.ZZZ.226 www.google.fr
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49591
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.fr. IN A
;; ANSWER SECTION:
www.google.fr. 300 IN A 216.58.210.195
;; AUTHORITY SECTION:
google.fr. 171625 IN NS ns1.google.com.
[TRUNCATED]
WITH IPV6
# dig @xxxx:yyyy:
NOTE : I only asked once, it created 3 queries with 5 secs d’intervalle environ
/var/log/
20-May-2016 12:32:34.902 queries: info: client xxxx:yyyy:
20-May-2016 12:32:39.902 queries: info: client xxxx:yyyy:
20-May-2016 12:32:44.902 queries: info: client xxxx:yyyy:
Tcp Dump on Nameserver1:
12:32:34.902598 IP6 StandAloneServe
12:32:34.902994 IP6 Nameserver1.
…
12:32:39.902644 IP6 StandAloneServe
12:32:39.902975 IP6 Nameserver1.
…
12:32:39.902644 IP6 StandAloneServe
12:32:39.902975 IP6 Nameserver1.
Tcp Dump on Client12:
12:32:34.726036 IP6 Nameserver1.
…
12:32:39.725199 IP6 StandAloneServe
12:32:39.726045 IP6 Nameserver1.
…
12:32:44.725288 IP6 StandAloneServe
12:32:44.725944 IP6 Nameserver1.
RESULT
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @xxxx:yyyy:
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
but, if I do the same query with the tcp flag, all is OK :
# dig +tcp @xxxx:yyyy:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> +tcp xxxx:yyyy:zzzz::226 www.google.fr
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41105
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.fr. IN A
;; ANSWER SECTION:
www.google.fr. 300 IN A 216.58.210.195
One colleague, linux expert, pointed me to this : #1527902
he did some strace and find : {1463755505, 995830}, NULL) = 0 28)={sa_ family= AF_INET6, sin6_port= htons(53) , inet_pton(AF_INET6, "2001:660: 660c:120: :226", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, msg_iov( 1)=[{"\ 236\207\ 1 \ 0\0\0\1\ 3www\6google\ 2fr\0\0\ 1\0\1\0" ..., 42}], msg_controllen=0, msg_flags=0}, 0) = 42 5d0a4, FUTEX_WAIT_PRIVATE, 3, NULL <unfinished ...> 0\0\375\ 377\377\ 377", 8) = 8
60735 gettimeofday(
60735 sendmsg(20, {msg_name(
0\1\0\0\
60735 futex(0x7f7ab32
60737 <... epoll_wait resumed> [{EPOLLIN, {u32=3, u64=3}}], 64, -1) = 1
60737 read(3, "\24\0\
60737 epoll_ctl(5, EPOLL_CTL_ADD, 20, {EPOLLIN, {u32=20, u64=20}}) = 0
60737 read(3, 0x7f7aac706e40, 8) = -1 EAGAIN (Resource temporarily unavailable)
60737 epoll_wait(5, <unfinished ...>
60736 <... futex resumed> ) = -1 ETIMEDOUT (Connection timed out)