1

So I have a situation in which one physical interface (as a result, one MAC) hosts several VLANs in a bond. Seeing as the link-local address in IPv6 is generated from the MAC address all my VLANs end up with the same link-local address. This causes issues in the system.

Is this a known limitation of IPv6? Is there some accepted workaround beyond going into the kernel code and changing the way link-local addresses are assigned?

TheFooBarWay
  • 594
  • 1
  • 7
  • 17
  • 2
    Can you explain what issue you are facing. As far as I know, link local address is intended to generate from MAC of your NIC. By default it assigns, but you can change them manually. If the frames your system generating is same MAC with different vlan tags, then it should not be an issue – Deepaklal Sep 18 '17 at 05:00

1 Answers1

4

Is this a known limitation of IPv6? Is there some accepted workaround beyond going into the kernel code and changing the way link-local addresses are assigned?

No, this is not an issue, since one link-local address is affected to the physical interface and the other link-local addresses are affected to the vlan interfaces. Each link-local address can be distinguished by its associated network interface.

Here is an example:

  • you have an eth0 physical interface
  • your switch is configured to have several 802.1Q vlans on this interface:
    • the native vlan is, for instance, 200
    • the tagged vlan are 101 and 102

Therefore, you will have the following configuration for your interfaces:

% ifconfig eth0
eth0      Link encap:Ethernet  HWaddr C0:3F:D5:33:13:79
          adr inet6: fe80::c23f:d5ff:fe33:1379/64 Scope:Lien
% ifconfig vlan101
vlan101   Link encap:Ethernet  HWaddr C0:3F:D5:33:13:79
          adr inet6: fe80::c23f:d5ff:fe33:1379/64 Scope:Lien
% ifconfig vlan102
vlan102   Link encap:Ethernet  HWaddr C0:3F:D5:33:13:79
          adr inet6: fe80::c23f:d5ff:fe33:1379/64 Scope:Lien

Note: if you are on Linux, you should use ip address show instead of ifconfig, to use the state-of-the-art iproute2 Linux networking interface.

As you can see, the HWaddr and the link local addresses are the same. But since a link local address need to be scoped in a vlan, there is no problem for the kernel, nor for your switch and other hosts.

To ping the link-local on vlan101, you do:

ping6 fe80::c23f:d5ff:fe33:1379%vlan101

This way, the address is associated with the interface name and no confusion is possible.

Alexandre Fenyo
  • 4,526
  • 1
  • 17
  • 24
  • I see, that makes sense. And when looking at the VLAN in the linux code, does its net_device contain an address that already specifies the relevant VLAN scope/id? At what level does the system know that it's a VLAN and the lik-local address itself is not enough? Would it be transparent for the various protocols like NDP? – TheFooBarWay Sep 18 '17 at 11:23