Univention Bugzilla – Bug 33986
not possible to add multiple IPv6 addresses in same subnet to an interface
Last modified: 2015-06-17 18:15:59 CEST
Created attachment 5748 [details] Fix duplicate IPv6 detection UMC → Basic Settings → Network → IP Network Interfaces 2001:4dd0:ff00:8c42:ff17:5254:008a:19d0 80 default 2001:4dd0:ff00:8c42:ff17:5254:008a:19d1 80 second $ tail /etc/network/interfaces ... # ERROR: duplicate IPv6 address in interfaces/eth0/ipv6/second/* iface eth0 inet6 static # default address 2001:4dd0:ff00:8c42:ff17:5254:008a:19d0 netmask 80 Patch description for base/univention-base-files/conffiles/etc/network/interfaces.d/10-default: 1. Use the IPv6Address and not the IPv6Network for duplicate checking (similar bug was Bug #33258 in USS) 2. ipv6_interfaces only returned the already validated addresses, that is an incomplete address (address/prefix missing or invalid) is never returned, so the message never shows. Use all_interfaces instead, which returns all interfaces.
Unfortunately this fix is not enough. The second address will be added with a netmask of 128 which is obviously wrong. I've applied your patch, `ucr commit`ted, and even rebooted. Here's the result: root@trinculo:~# ucr dump|grep ipv6 dns/ipv6: yes interfaces/eth0/ipv6/acceptRA: false interfaces/eth0/ipv6/default/address: fd01:6f8:13dc:3::8 interfaces/eth0/ipv6/default/prefix: 64 interfaces/eth0/ipv6/ns1/address: fd01:6f8:13dc:3::2 interfaces/eth0/ipv6/ns1/prefix: 64 ipv6/gateway: fd01:6f8:13dc:3::feed:1 root@trinculo:~# ip -6 a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 fd01:6f8:13dc:3::2/128 scope global tentative dadfailed valid_lft forever preferred_lft forever inet6 fd01:6f8:13dc:3::8/64 scope global valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe21:a0bf/64 scope link valid_lft forever preferred_lft forever That second address (fd01:6f8:13dc:3::2) will never amount to something useful.
…and the reason is easy to see. /etc/univention/templates/files/etc/network/interfaces.d/10-default does not write the prefix into /etc/network/interfaces. And »ip address add $ipv6 dev $device« defaults to a prefix of 128 if it isn't given.
Meh, sorry for the noise. It does work with /128 as the prefixlen (or no prefixlen given at all); I just failed to see my own SNAFU of the failed DAD detection.
Created attachment 5797 [details] Fix duplicate IPv6 detection, add prefix for multiple IPv6 (In reply to Moritz Bunkus from comment #2) > …and the reason is easy to see. > /etc/univention/templates/files/etc/network/interfaces.d/10-default does not > write the prefix into /etc/network/interfaces. And »ip address add $ipv6 dev > $device« defaults to a prefix of 128 if it isn't given. Thank you for your replay; the patch is indeed incomplete, as your problem is actually a different problem. Fix additional fix looks quiet simple: Just remove the ".ip" from "addr.ip" in both line 108/109 of /etc/univention/templates/files/etc/network/interfaces.d/10-default where the lines "ip -6 addr {add,del} %s dev %s" are printed. After that "ucr commit /etc/network/interfaces" to re-generate that file and to restart the network. I've attached a new patch, which I have only testes briefly. Your feedback is appreciated, either when it works or still doesn't.
The patch works to resolve the duplicate detection issue. Code review: OK
Patch applied. Advisory: 2015-05-13-univention-base-files.yaml
OK: 2015-05-13-univention-base-files.yaml OK: r60679 OK: aptitude install '?source-package(univention-base-files)~i' OK: diff /etc/network/interfaces IGNORED: Bug #35694 by also updating "univention-config"
<http://errata.univention.de/ucs/4.0/206.html>