[Dnsmasq-discuss] dnsmasq can be tricked to send invalid RAs
myxal.mxl at gmail.com
Sun Jan 5 13:25:51 GMT 2020
I recently decided to move my dnsmasq+6in4 tunnel setup from Raspbian
to the latest Ubuntu. To keep a long story short, after some
(mis)configuration I ended up with an interface with an IPv6 GUA, but
with no LLA  (a bug/oversight in netplan, I guess ). dnsmasq
does not protest this and will send RAs sourced with GUA, which will
fail validation according to RFC 4861, section 6.1.2.
Not really a problem for my case (AFAIK, an interface should never
lose/stay without its LLA) , just thought you should know.
 Should be reproducible by:
ip addr add dev <device> 2001:db8::1/64
ip -6 addr flush dev <device> scope link
Then for dnsmasq config, use
More information about the Dnsmasq-discuss