[Dnsmasq-discuss] IPv6 addresses are (almost) immediately deprecated

Simon Kelley simon at thekelleys.org.uk
Mon Oct 2 14:13:09 UTC 2023 


On 22/09/2023 21:48, Graham Leggett via Dnsmasq-discuss wrote:
> On 22 Sep 2023, at 20:27, Geert Stappers <stappers at stappers.nl> wrote:
> 
>>> I have a dnsmasq config on a development machine that looks like this:
>>>
>>> dhcp-range=fd33:xxxx:xxxx:1::, ra-only, 24h
>>>
>>> The intention is for this development machine to announce to anyone
>>> directly connected that the development machine exists, and can be
>>> connected to. No routing, no DNS, only “I exist”.
>>>
>>> This almost works. On MacOS I’m getting an IP address allocated on
>>> the expected interface, but almost immediately the address is declared
>>> “deprecated”.
>>
>> Why?
> 
> I was today-years-old when I learned there was such a thing as a 
> deprecated IPv6 address. I am as confused as you are :)
> 
>>> This causes MacOS to ignore the direct connection and to route packets
>>> to the router, which in turn has no idea what to do with the packets
>>> and (correctly) drops them.
>>>
>>> How do I get dnsmasq to tell anyone who cares that the IPv6 addresses
>>> are valid and not deprecated?
>>
>> I would start with only two computers: One being dnsmasq doing radvd,
>> the other one being told "you exist".
> 
> I am somewhat limited in the hardware I have available to me.
> 
> The development machine is currently running in virtualbox. Virtualbox 
> local only networks appear to ignore IPv6 on the host, there is talk of 
> setting /etc/vbox/networks.conf but this does not appear to work. 
> Ignoring this side-quest for now.
> 
> Virtualbox bridging the development machine directly to the network 
> works - but the IPv6 addresses are deprecated soon after being assigned, 
> and so stop working after a short while.
> 
> The end goal is ease of use - deploy the development machine and off you 
> go, but this seems to be weirdly difficult. Does anyone know what would 
> trigger a deprecated IPv6 address to be created, and how to make it stop?
> 

An IPv6 address gets deprecated if the subnet it's on gets advertised 
with a preferred lifetime of zero. I quick look  through the dnsmasq 
shows ways that this can happen when dnsmasq is doing the advertising. 
The first is setting the lifetime in dhcp-range to "deprecated", which 
isn't the case here, unless you've got other configuration hiding. The 
second is if the relevant address on the advertising machine is 
deprecated, so if the local address in the fd33:xxxx:xxxx:1::/64 subnet 
on development machine that's running dnsmasq and send the adverts is 
deprecated, then dnsmasq will copy that state into it's advertisments.

This is quite sensible, especially when using the "constructed address" 
configuration. As new addresses appear on the advertising machine's 
interface, they get advertised, and as old one's start to die, that gets 
advertised too.

TL/DR; Looks at the network interface config on the machine running 
dnsmasq. That could be the source of the problem.

Cheers,

Simon.


> Regards,
> Graham
>> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

More information about the Dnsmasq-discuss mailing list