Dataone Posted November 30, 2019 Share Posted November 30, 2019 (edited) UPDATE - Bug report submitted here: https://forums.unraid.net/bug-reports/stable-releases/672-ipv6-internet-access-despite-ipv4-only-r754/ UnRaid 6.8.0-rc7. Diagnositcs attached. As the title says, I can access the internet via ipv6 even though I have set ipv4 to only. I am not skilled by any means when it comes to networking, but surely ipv6 should be disabled? br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.1.101 netmask 255.255.255.0 broadcast 0.0.0.0 inet6 fe80::2cb5:9cff:fe94:fd69 prefixlen 64 scopeid 0x20<link> inet6 2404:4408:2375:d500:4216:7eff:fe63:b6ba prefixlen 64 scopeid 0x0<global> ether 40:16:7e:63:b6:ba txqueuelen 1000 (Ethernet) RX packets 254036 bytes 50807042 (48.4 MiB) RX errors 0 dropped 141 overruns 0 frame 0 TX packets 254523 bytes 66927758 (63.8 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500 inet6 fe80::4216:7eff:fe63:b6ba prefixlen 64 scopeid 0x20<link> ether 40:16:7e:63:b6:ba txqueuelen 1000 (Ethernet) RX packets 258001 bytes 54625894 (52.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 254559 bytes 66932531 (63.8 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420 inet 10.64.16.210 netmask 255.255.255.255 destination 10.64.16.210 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC) RX packets 4796 bytes 3301888 (3.1 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5047 bytes 789600 (771.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 If I manually remove the ipv6 routes through the GUI, ipv6 is disabled for a minute or two before the routes re-populate. If someone could help me figure out why IPv6 is enabled, that would be great. Looks like I might need to just use ipv6.disable=1 as a kernel parameter Thanks tower-diagnostics-20191130-0037.zip Edited December 2, 2019 by Dataone Quote Link to comment
Dataone Posted November 30, 2019 Author Share Posted November 30, 2019 Bump. Would someone with 6.8.0-rc7 be able to verify that with "IPv4 only" all IPv6 access is disabled? Quote Link to comment
Dataone Posted December 1, 2019 Author Share Posted December 1, 2019 "IPv4 + IPv6": root@tower:~# ip route show table all default dev wg0 table 51820 scope link default via 192.168.1.1 dev br0 192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.101 local 10.64.16.210 dev wg0 table local proto kernel scope host src 10.64.16.210 broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1 local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1 local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1 broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1 broadcast 192.168.1.0 dev br0 table local proto kernel scope link src 192.168.1.101 local 192.168.1.101 dev br0 table local proto kernel scope host src 192.168.1.101 broadcast 192.168.1.255 dev br0 table local proto kernel scope link src 192.168.1.101 local ::1 dev lo proto kernel metric 0 pref medium ::1 dev lo proto kernel metric 256 pref medium local 2404:4408:2375:d500:bdb9:e06b:cd34:24bd dev br0 proto kernel metric 0 pref medium 2404:4408:2375:d500::/64 dev br0 proto ra metric 225 pref medium local fe80::4216:7eff:fe63:b6ba dev eth0 proto kernel metric 0 pref medium local fe80::f083:abff:fe7d:721a dev br0 proto kernel metric 0 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium ff00::/8 dev wg0 metric 256 pref medium ff00::/8 dev br0 metric 256 pref medium ff00::/8 dev eth0 metric 256 pref medium default via fe80::1af1:45ff:fea4:9ff0 dev br0 proto ra metric 225 pref medium "IPv4 only": root@tower:~# ip route show table all default dev wg0 table 51820 scope link default via 192.168.1.1 dev br0 192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.101 local 10.64.16.210 dev wg0 table local proto kernel scope host src 10.64.16.210 broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1 local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1 local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1 broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1 broadcast 192.168.1.0 dev br0 table local proto kernel scope link src 192.168.1.101 local 192.168.1.101 dev br0 table local proto kernel scope host src 192.168.1.101 broadcast 192.168.1.255 dev br0 table local proto kernel scope link src 192.168.1.101 local ::1 dev lo proto kernel metric 0 pref medium ::1 dev lo proto kernel metric 256 pref medium local 2404:4408:2375:d500:4216:7eff:fe63:b6ba dev br0 proto kernel metric 0 pref medium 2404:4408:2375:d500::/64 dev br0 proto kernel metric 256 expires 691200sec pref medium local fe80::1c3a:dcff:fede:bb53 dev br0 proto kernel metric 0 pref medium local fe80::4216:7eff:fe63:b6ba dev eth0 proto kernel metric 0 pref medium fe80::/64 dev br0 proto kernel metric 256 pref medium fe80::/64 dev eth0 proto kernel metric 256 pref medium ff00::/8 dev wg0 metric 256 pref medium ff00::/8 dev br0 metric 256 pref medium ff00::/8 dev eth0 metric 256 pref medium default via fe80::1af1:45ff:fea4:9ff0 dev br0 proto ra metric 1024 expires 298sec hoplimit 64 pref medium The only difference I see between the two is a different IPv6 IP for the br0 interface. Quote Link to comment
Frank1940 Posted December 2, 2019 Share Posted December 2, 2019 By any chance does your router and/or modem support IPv6 and is it turned on? As I recall, all IPv4 addresses map seamlessly into IPv6 space so the issue may be largely academic if everything is compatible with IPv6. I believe it is when you attempt to use IPv6 in an IPv4 only system that things get wacky. The problem is that the world is running out of addresses in the IPV4 environment. I understand that India is already in that state. Again relying on my memory, I think cellphones are one of the major drivers in the demand for IP addresses as many of them are using the Internet for more of their features. Quote Link to comment
Dataone Posted December 2, 2019 Author Share Posted December 2, 2019 (edited) 10 minutes ago, Frank1940 said: By any chance does your router and/or modem support IPv6 and is it turned on? Hi, My modem does support IPv6, and Unraid appears to be using it to access certain domains. (Notably google) I suppose my issue here is that I believe Unraid should not be assigning IPv6 adresses to interfaces nor even have the routes available when set to "IPv4 only". However, ideally yes, I should be setting up my network to be compatible with IPv6 but for the moment I'd prefer if everything was disabled rather than left in a default state until I decide to manually configure it. (I believe it's using DHCPv6?) Cheers Edited December 2, 2019 by Dataone Quote Link to comment
ken-ji Posted December 2, 2019 Share Posted December 2, 2019 Its not DHCPv6, but rather SLAAC which built in to the Linux kernel if the IPv6 module is loaded (or compiled in) your router is sending RA (router advertisement) packets, which tells IPv6 devices that support SLAAC what the /64 prefix should be and the (client generates the other 64bits via MAC to EUI-64 or some RNG (privacy address) You could turn it off with the following sysctl tunables net.ipv6.conf.default.accept_ra = 0 net.ipv6.conf.all.accept_ra = 0 Quote Link to comment
Dataone Posted December 2, 2019 Author Share Posted December 2, 2019 3 minutes ago, ken-ji said: Its not DHCPv6, but rather SLAAC which built in to the Linux kernel if the IPv6 module is loaded (or compiled in) your router is sending RA (router advertisement) packets, which tells IPv6 devices that support SLAAC what the /64 prefix should be and the (client generates the other 64bits via MAC to EUI-64 or some RNG (privacy address) You could turn it off with the following sysctl tunables net.ipv6.conf.default.accept_ra = 0 net.ipv6.conf.all.accept_ra = 0 Thanks for the info, do you know if the routes showing with "IPv4 only" is a bug/unintended behaviour? It still doesn't seem like IPv6 should be doing anything with that network setting presumably disabled. Cheers Quote Link to comment
ken-ji Posted December 2, 2019 Share Posted December 2, 2019 I think the IPv6 setting is just for the UI to allow setting a static address or enable DHCPv6 Perhaps you can file a bug report/ feature request to properly enable/disable the IPv6 address (SLAAC or not) Quote Link to comment
Dataone Posted December 2, 2019 Author Share Posted December 2, 2019 Alright, will do. Thanks Quote Link to comment
Dataone Posted December 2, 2019 Author Share Posted December 2, 2019 Bug report submitted here: https://forums.unraid.net/bug-reports/stable-releases/672-ipv6-internet-access-despite-ipv4-only-r754/ Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.