Hi,
I’ve installed knot 2.0.2 on one of my server.
It’s configured with three IPv6 and I manage their reliability with some
source-specifi routing:
alarig@bulbizarre ~ $ ip -6 route list | grep default
default from 2001:470:1f13:138:715d:2fa0:b591:532f via fe80::20d:b9ff:fe3a:1fa1 dev eth0
metric 1024
default from 2a00:5881:4008:400::1 dev tun0 metric 1024
default from 2a01:240:fe00:82af:764f:b47e:d131:85e4 via fe80::20d:b9ff:fe3a:1fa1 dev eth0
metric 1024
default via fe80::20d:b9ff:fe3a:1fa1 dev eth0 metric 4
It works fine as I can ping those three IP from the same machine at the
same moment.
But, knot don’t take care of this and answer with the “nearest” IPv6
(like the IP source is calculated when you have several ones).
bulbizarre ~ # tcpdump -i any host mc.swordarmor.fr
23:13:07.276493 IP6 2001:41d0:a:27e4::1.52203 > florizarre.swordarmor.fr.domain: 59831+
SOA? swordarmor.fr. (31)
23:13:07.276647 IP6 bulbizarre.swordarmor.fr.domain > 2001:41d0:a:27e4::1.52203:
59831*- 1/0/0 SOA (86)
You can see that knot answer with 2001:470:1f13:138:715d:2fa0:b591:532f, which
is the one chosen if I’m the initiator of the connection.
Indeed, it works with my IRCd:
23:14:17.684155 IP6 2001:41d0:a:27e4::1.36490 > florizarre.swordarmor.fr.6697: Flags
[P.], seq 53:106, ack 106, win 331, options [nop,nop,TS val 4047617704 ecr 1587664633],
length 53
23:14:17.684301 IP6 florizarre.swordarmor.fr.6697 > 2001:41d0:a:27e4::1.36490: Flags
[P.], seq 106:211, ack 106, win 240, options [nop,nop,TS val 1587724598 ecr 4047617704],
length 105
23:14:22.555891 IP6 2001:41d0:a:27e4::1.34822 > bulbizarre.swordarmor.fr.6697: Flags
[P.], seq 1:62, ack 61, win 331, options [nop,nop,TS val 4047618922 ecr 1587729432],
length 61
23:14:22.555928 IP6 bulbizarre.swordarmor.fr.6697 > 2001:41d0:a:27e4::1.34822: Flags
[.], ack 62, win 274, options [nop,nop,TS val 1587729469 ecr 4047618922], length 0
Is it a known bug?
--
alarig
Show replies by thread
Hello Alarig,
On 22.1.2016 23:48, Alarig Le Lay wrote:
You can see that knot answer with
2001:470:1f13:138:715d:2fa0:b591:532f, which
is the one chosen if I’m the initiator of the connection.
Do I understand correctly, that Knot chooses a different source IP for the
response? I think a similar issue was already reported [1] but we didn't have
time to fix it. Please, give us a few days to investigate.
[1]
https://gitlab.labs.nic.cz/labs/knot/issues/277
Cheers,
Jan
On Sat Jan 23 02:01:43 2016, Jan Včelák wrote:
Hello Alarig,
On 22.1.2016 23:48, Alarig Le Lay wrote:
You can see that knot answer with
2001:470:1f13:138:715d:2fa0:b591:532f, which
is the one chosen if I’m the initiator of the connection.
Do I understand correctly, that Knot chooses a different source IP for the
response? I think a similar issue was already reported [1] but we didn't have
time to fix it. Please, give us a few days to investigate.
[1]
https://gitlab.labs.nic.cz/labs/knot/issues/277
Hello Jan,
Yes, you understood correctly, and this issue is similar excepting I
installed the version 2.0.2 and I saw this with on IPv6.
Cheers,
--
alarig
On 23.1.2016 08:36, Alarig Le Lay wrote:
Yes, you understood correctly, and this issue is similar excepting I
installed the version 2.0.2 and I saw this with on IPv6.
We will include a fix for this issue in 2.1.1. Which will be soon. Stay tuned.
Jan