4 Replies Latest reply on Aug 2, 2018 11:16 PM by noelraxit

    Connected route exists for a DUP IPV6 address.

    noelraxit Employee
    noelraxit Jul 26, 2018 10:37 PM

      Hey Guys,

       

      I have 2 routers connected back to back. R1 and R2.

      On R1, I've configured an IPv6 address 4444::2/64.

      Now on R2, I've configured the same IPV6 address 4444::2/64.

       

      When I see the show ipv6 interface on R2, it detects the address as duplicate and marks it DUP.

      But when I see the routing table of R2, a connected route for that network exists.

       

       

      R2#show ipv6 interface

      Ethernet0/0 is up, line protocol is up

        IPv6 is enabled, link-local address is FE80::CE02:1BFF:FE1C:0

        Global unicast address(es):

          4444::2, subnet is 4444::/64 [DUP]

        Joined group address(es):

          FF02::1

          FF02::2

          FF02::1:FF00:2

          FF02::1:FF1C:0

        MTU is 1500 bytes

        ICMP error messages limited to one every 100 milliseconds

        ICMP redirects are enabled

        ND DAD is enabled, number of DAD attempts: 1

        ND reachable time is 30000 milliseconds

      R2#

      R2#

      R2#show ipv6 route

      IPv6 Routing Table - 3 entries

      Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP

             U - Per-user Static route

             I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary

             O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2

             ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2

      C   4444::/64 [0/0]

           via ::, Ethernet0/0

      L   FE80::/10 [0/0]

           via ::, Null0

      L   FF00::/8 [0/0]

           via ::, Null0

       

       

      Please let me know is this correct?

      I assume that when an interface which has a duplicate IPv6 address should not be processed and therefore corresponding route should be removed or marked as not forwarding.

       

      Kindly help!

      • 366 Views
      • Categories: Routing
      • Tags:
        • Re: Connected route exists for a DUP IPV6 address.
          jayh Hall_of_Fame
          jayh Aug 1, 2018 4:49 PM (in response to noelraxit)

          noelraxit wrote:

           

          Hey Guys,

           

          I have 2 routers connected back to back. R1 and R2.

          On R1, I've configured an IPv6 address 4444::2/64.

          Now on R2, I've configured the same IPV6 address 4444::2/64.

          Don't do that. It won't work. There are over 18 quadrillion addresses in that subnet to choose from.

           

          When I see the show ipv6 interface on R2, it detects the address as duplicate and marks it DUP.

          That's because there is a duplicate address.

           

          But when I see the routing table of R2, a connected route for that network exists.

          That's normal. The subnet is on a directly connected interface which is physically and logically up. You obviously won't be able to pass traffic between R2 and R1 but if there were a third device on the subnet with a different address it would be reachable. Keep in mind that you can have multiple IPv6 addresses on the same interface. Just because one is a duplicate doesn't shut the interface down.

          1 of 1 people found this helpful
            • Re: Connected route exists for a DUP IPV6 address.
              noelraxit Employee
              noelraxit Aug 1, 2018 11:21 PM (in response to jayh)

              Thanks for writing Jayh,

               

              It is clear that when an IP address is duplicate the traffic will not flow.

               

              Keep in mind that you can have multiple IPv6 addresses on the same interface. Just because one is a duplicate doesn't shut the interface down.

              Lets assume we have an IPv6 address from a different subnet, then what is the point to have a connected route of a duplicate IPv6 address in the routing table.

               

              And does the router clears the duplicate IPv6 address after some hold-off time?
              I read somewhere about windows OS that, if a duplicate IPv6 address is detected it would be flushed/removed from the interface. However, I'm not sure about this behavior and also if it is applicable on routers!

                • Re: Connected route exists for a DUP IPV6 address.
                  jayh Hall_of_Fame
                  jayh Aug 2, 2018 9:34 AM (in response to noelraxit)

                  noelraxit wrote:

                   

                  Lets assume we have an IPv6 address from a different subnet, then what is the point to have a connected route of a duplicate IPv6 address in the routing table.

                   

                  And does the router clears the duplicate IPv6 address after some hold-off time?
                  I read somewhere about windows OS that, if a duplicate IPv6 address is detected it would be flushed/removed from the interface. However, I'm not sure about this behavior and also if it is applicable on routers!

                  The router has its address manually configured. Duplicate address detection indeed sees the duplicate address but the device can't determine if it is misconfigured or some other host on the subnet is misconfigured. If a router were to shut down its interface because of a duplicate address it would be trivial to DoS the LAN either deliberately or accidentally simply by configuring a machine with the router's address. Hosts such as Windows boxes will disable a duplicate address. Macintosh does this for IPv4 as well. Having a router shut down its LAN interface due to an addressing conflict somewhere on the LAN wouldn't scale at all well.

                   

                  As far as the local routing table is concerned, the interface is up and connected so the subnet shows as a connected route.