No IPv6 and "IPv6 duplicate address" with IPv6 privacy extensions on

Bug #1120617 reported by Sander Jonkers on 2013-02-09
28
This bug affects 6 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned

Bug Description

Short:

I get no public IPv6 address and "IPv6 duplicate address" in dmesg with IPv6 privacy extensions on.
Disabling DAD does not solve it.
Disabling privacy extension with "net.ipv6.conf.all.use_tempaddr=-1" in /etc/sysctl.conf, works as a workaround: I get the public IPv6 address based on my MAC address.

This is a bug; privacy extensions should not disable IPv6.

FWIW: on the same LAN, both Windows 7 and Android 4.x do get a public IPv6. For Windows 7, I'm sure it's IPv6 address with privacy extension.

Long:

Since some time I did not get a public IPv6 address anymore (provided natively by my ISP). Some lines from dmesg:

[51849.455380] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[52038.685221] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[52208.691846] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[52393.831468] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[52546.966404] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[52713.804952] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!

I tried to disabled duplicate detection like below, but that didn't work:

sander@R540:~$ sudo sysctl net.ipv6.conf.eth0.accept_dad
net.ipv6.conf.eth0.accept_dad = 1

sander@R540:~$ sudo sysctl net.ipv6.conf.eth0.accept_dad=0
net.ipv6.conf.eth0.accept_dad = 0

I got this in dmesg:

[58037.095963] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[58037.519619] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:cdb:467c:e1e6:7532 detected!
[58038.424991] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:58eb:c65e:25e:b3c7 detected!
[58039.141499] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:a413:1a:2614:e16a detected!
[58039.141507] IPv6: ipv6_create_tempaddr: regeneration time exceeded - disabled temporary address support

It seemed that after a fresh boot, there was a public IPv6 for a few seconds, which then disappeared.

"rdisc6 wlan0" shows a correct function advertisement.

Somewhere in the trial-and-error process, I also got:

[14790.090074] ICMPv6: NA: someone advertises our address 2a00:0cd8:blabla:1182:7070:8ebf:4fe1 on wlan0!
[14790.090228] ICMPv6: NA: someone advertises our address 2a00:0cd8:blabla:1af4:6aff:fe9c:ced4 on wlan0!

I finally fell back to this workaround:
Disabling privacy extension with "net.ipv6.conf.all.use_tempaddr=-1" in /etc/sysctl.conf, works as a workaround: I get the public IPv6 address based on my MAC address.

See more info here: http://ubuntuforums.org/showthread.php?p=12501110

FWIW: My modem is a Zyxel P-2812HNU-F1 with firmware V3.11(TUE.5)-2_20121211. I don't think this bug is related to the modem, as:
- rdisc6 works
- MAC based IPv6 works
- other devices work

As I'm now forced to use my MAC based IPv6 address, which means less privacy and thus less security, I'll mark this also as a security related bug.

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: linux-image-3.5.0-21-generic 3.5.0-21.32
ProcVersionSignature: Ubuntu 3.5.0-21.32-generic 3.5.7.1
Uname: Linux 3.5.0-21-generic x86_64
ApportVersion: 2.6.1-0ubuntu10
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: sander 2644 F.... pulseaudio
CRDA:
 country NL:
  (2402 - 2482 @ 40), (N/A, 20)
  (5170 - 5250 @ 40), (N/A, 20), NO-OUTDOOR
  (5250 - 5330 @ 40), (N/A, 20), NO-OUTDOOR, DFS
  (5490 - 5710 @ 40), (N/A, 27), DFS
Date: Sat Feb 9 22:08:08 2013
HibernationDevice: RESUME=UUID=56ea62f2-0b4c-4dc9-9f41-b3423fccfa31
InstallationDate: Installed on 2012-06-27 (227 days ago)
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
MachineType: SAMSUNG ELECTRONICS CO., LTD. R530/R730/R540
MarkForUpload: True
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-21-generic root=UUID=97828b35-0e7b-4cf2-9854-ae33c942d4bd ro quiet splash
RelatedPackageVersions:
 linux-restricted-modules-3.5.0-21-generic N/A
 linux-backports-modules-3.5.0-21-generic N/A
 linux-firmware 1.95
SourcePackage: linux
UpgradeStatus: Upgraded to quantal on 2012-10-19 (113 days ago)
dmi.bios.date: 06/21/2010
dmi.bios.vendor: Phoenix Technologies Ltd.
dmi.bios.version: 08JV.M029.20100621.hkk
dmi.board.asset.tag: Tag 12345
dmi.board.name: R530/R730/R540
dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD.
dmi.board.version: Not Applicable
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 9
dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD.
dmi.chassis.version: N/A
dmi.modalias: dmi:bvnPhoenixTechnologiesLtd.:bvr08JV.M029.20100621.hkk:bd06/21/2010:svnSAMSUNGELECTRONICSCO.,LTD.:pnR530/R730/R540:pvrNotApplicable:rvnSAMSUNGELECTRONICSCO.,LTD.:rnR530/R730/R540:rvrNotApplicable:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvrN/A:
dmi.product.name: R530/R730/R540
dmi.product.version: Not Applicable
dmi.sys.vendor: SAMSUNG ELECTRONICS CO., LTD.

Sander Jonkers (jonkers) wrote :
information type: Private Security → Public
Sander Jonkers (jonkers) wrote :

PS:

I also checked my netbook with Ubuntu 11.10, and it showed the same problem. It might be I have turned on privacy extensions on that device.
I also ran a fresh Ubuntu 12.10 from a USB stick, and it showed the same problem
net.ipv6.conf.all.use_tempaddr=0 (instead of -1) also gives a workaround, but it takes about 5 minutes before wlan0 gets a public IPv6 address

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Sander Jonkers (jonkers) wrote :

Ouch: as described above, I tried

net.ipv6.conf.eth0.accept_dad = 0

which didn't work ... but I'm using wlan0, so I tried

net.ipv6.conf.wlan0.accept_dad = 0

and that works. So turning off DAD / Duplicate Address Detection is a much better workaround:
1) I do get a private extension IPv6 address (on top of the MAC based IPv6 address)
2) no more annoying messages in dmesg

NB: It's still a bug.

Joseph Salisbury (jsalisbury) wrote :

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v3.8 kernel[0] (Not a kernel in the daily directory) and install both the linux-image and linux-image-extra .deb packages.

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

If you are unable to test the mainline kernel, for example it will not boot, please add the tag: 'kernel-unable-to-test-upstream'.
Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc7-raring/

Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Incomplete
Sander Jonkers (jonkers) wrote :

Joseph, thanks for your reply.

It's a long time that I upgraded a kernel, so maybe I'm wrong, but I don't see a 3.8 for Quantal (which I'm running). Only for Raring. See below. Tips?

But maybe this is easier for me: run Raring daily from a USB stick. I Checked Raring daily in a VM, and it has 3.8.0.-6-generic.
Would that method be useful and would it answer your question?

Sander

sander@R540:~$ lynx --dump http://kernel.ubuntu.com/~kernel-ppa/mainline/ | grep '3\.8'
   [DIR] [447]v3.3.8-quantal/ 04-Jun-2012 18:11 -
   [DIR] [545]v3.8-rc1-raring/ 22-Dec-2012 02:58 -
   [DIR] [546]v3.8-rc2-raring/ 03-Jan-2013 03:59 -
   [DIR] [547]v3.8-rc3-raring/ 10-Jan-2013 03:59 -
   [DIR] [548]v3.8-rc4-raring/ 18-Jan-2013 05:01 -
   [DIR] [549]v3.8-rc5-raring/ 25-Jan-2013 21:12 -
   [DIR] [550]v3.8-rc6-raring/ 01-Feb-2013 03:02 -
   [DIR] [551]v3.8-rc7-raring/ 08-Feb-2013 22:13 -
 447. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.3.8-quantal/
 545. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc1-raring/
 546. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc2-raring/
 547. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc3-raring/
 548. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc4-raring/
 549. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc5-raring/
 550. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc6-raring/
 551. http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.8-rc7-raring/
sander@R540:~$

Sander Jonkers (jonkers) wrote :

I'm now running 13.04-to-be Raring Ringtail daily version (so 2013-02-12), with Linux 3.8.0-6-generic, and ... exactly the same behaviour:

After connecting to the Wifi, two public IPv6 address appear on the wlan0, and then disappear within a second or so. And dmesg says:

[ 280.076792] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1dc0:6e87:d414:43ad detected!
[ 280.485760] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[ 280.894809] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:94b4:2566:5e86:dfc2 detected!
[ 281.099125] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:6d25:db13:c7bd:e28d detected!
[ 281.099132] IPv6: ipv6_create_tempaddr: regeneration time exceeded - disabled temporary address support
[ 433.114565] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[ 589.423402] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!
[ 773.027247] IPv6: wlan0: IPv6 duplicate address 2a00:cd8:blabla:1af4:6aff:fe9c:ced4 detected!

So, my conclusion: NOT fixed in upstream. I will add the tag 'kernel-bug-exists-upstream'.

FWIW: I did

sudo sysctl net.ipv6.conf.wlan0.accept_dad=0

and after a few minutes, one public IPv6 address (the MAC-based one) appeared on wlan0. So ... same behaviour again.

After disabling Wifi (but still net.ipv6.conf.wlan0.accept_dad=0) and enabling it again, two IPv6 addresses appeared: the MAC-based one, and another one (so: with privacy extensions).

ubuntu@ubuntu:~$ uname -a
Linux ubuntu 3.8.0-6-generic #11-Ubuntu SMP Mon Feb 11 16:02:49 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

ubuntu@ubuntu:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu Raring Ringtail (development branch)
Release: 13.04
Codename: raring
ubuntu@ubuntu:~$

tags: added: kernel-bug-exists-upstream
Sander Jonkers (jonkers) wrote :

PS:

1) FWIW: I'm running the 13.04 from a live-USB-stick
2) To avoid confusion: I did the "sudo sysctl net.ipv6.conf.wlan0.accept_dad=0" part after seeing the default behaviour was buggy. So the above report is in chronological order.

Sander Jonkers (jonkers) wrote :

FWIW:

I tested OpenSuSE 12.2, and it has the same problem as Ubuntu 12.10. So, conclusion: not a Ubuntu-only problem.

However:

I tested Raspbian (a Debian derivative , Linux 3.6.11 on armv6l) on my Raspberry Pi, and it has NOT the problem. Settings:

pi@raspberrypi ~ $ sudo sysctl net.ipv6.conf.eth0.use_tempaddr
net.ipv6.conf.eth0.use_tempaddr = 2
pi@raspberrypi ~ $ sudo sysctl net.ipv6.conf.eth0.accept_dad
net.ipv6.conf.eth0.accept_dad = 1
pi@raspberrypi ~ $

... so Privacy Extensions on (and the Raspi does show a privacy IPv6 address on eth0), and DAD is on (and shows no problems).

I'm surprised it the problem does not occur on the Raspbian.

Could it be hardware-related? I would say: Not likely, as the problem both on my laptop and on my netbook.
Is it processor related (x86 versus ARM)?

Sander Jonkers (jonkers) wrote :

One Step Further:

A big difference between the Laptop and Netbook versus the Raspi: the laptop and netbook are connected via Wifi, the Raspi via wired ethernet. So is it wlan related?

So let's test that hypothesis.
I booted a fresh Ubuntu on a third laptop, connected via Wifi, and I had the Duplicate problem
I rebooted the system, and connected via wired ethernet, and I did NOT have the duplicate problem!

So the problem is related to Linux on Wifi. It does not happen with Linux on wired (and not on Android via Wifi and not on Windows via Wifi)

Does this ring a bell?

Is there anything I can check with ethereal / wireshark?

JB (joost-w) wrote :

Think it's a modem/modem firmware issue.
I'm experiencing the same behavior on WiFi when using the Zyxel P-2812HNU-F1 with firmware V3.11(TUE.5) ( telfort )
With MacOSX, IOS and Linux. Autogen fails, manual works.
On the wire no problems.

Sander Jonkers (jonkers) wrote :

Thanks to further analysis of Joost, the problem seems to be in the Zyxel firmware, not in Ubunt / Linux: problem occurs after changing the default SSID name to something else. See https://forum.telfort.nl/pilots-feedback-273/ipv6-p-2812hnu-f1-wifi-dad-33361/ (warning: Dutch)

Launchpad Janitor (janitor) wrote :

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status: Incomplete → Expired
Sander Jonkers (jonkers) wrote :

In a new setup (Sitecom router, no more Zyxel) and Ubuntu 13.10, I still have the same problem via Wifi:

[ 1782.075212] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!
[ 1813.616483] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!
[ 1868.605625] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!
[ 1899.938703] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!
[ 1955.019861] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!
[ 2011.786209] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!
[ 2069.830439] IPv6: wlan0: IPv6 duplicate address 2001:abc:1234:b45d:1af4:6aff:fe9c:ced4 detected!

and my wlan0 gets no public IPv6 address.

Problem goes away with "sudo sysctl net.ipv6.conf.wlan0.accept_dad=0"

Some analysis would be nice.

BryanFRitt (bryanfritt) wrote :

workarounds:

sudo sysctl net.ipv6.conf.wlan0.accept_dad=0
followed by disconnecting and reconnecting wireless gets IPv6 back for me for the session, and
adding 'net.ipv6.conf.wlan0.accept_dad=0' to '/etc/sysctl.conf' got IPv6 to work on reboots.

without that command:

IPv6 works on my Orange PI (wired/wireless, with the same router).
IPv6 worked on my ethernet port(well it did before it broke - don't force in/out uncrimped cable ends)

IPv6 seamed to work on this system with another router when doing wireless. (brief impromptu test, forgot if I already issued the sysctl command)

(Debian 8)

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers