[Dnsmasq-discuss] dnsmasq can be tricked to send invalid RAs

Simon Kelley simon at thekelleys.org.uk
Sun Jan 5 17:39:03 GMT 2020

On 05/01/2020 13:25, Michal Zatloukal wrote:
> Hello.
> I recently decided to move my dnsmasq+6in4 tunnel setup from Raspbian
> to the latest Ubuntu. To keep a long story short, after some
> (mis)configuration I ended up with an interface with an IPv6 GUA, but
> with no LLA [0] (a bug/oversight in netplan, I guess [1]). dnsmasq
> does not protest this and will send RAs sourced with GUA, which will
> fail validation according to RFC 4861, section 6.1.2.
> Not really a problem for my case (AFAIK, an interface should never
> lose/stay without its LLA) , just thought you should know.
> Cheers,
> MZ
> [0] Should be reproducible by:
> ip addr add dev <device> 2001:db8::1/64
> ip -6 addr flush dev <device> scope link
> Then for dnsmasq config, use
> dhcp-range=::,constructor:<device>,ra-names
> [1] https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/1810971
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

I don't seem to be able to reproduce this easily, the

ip -6 addr flush ....

either doesn't delete the LL address, or it gets added back in very
short order.



should fix the problem is and when it occurs.



More information about the Dnsmasq-discuss mailing list