Thread (3 messages) 3 messages, 2 authors, 2024-07-31

Re: IPv6 max_addresses?

From: Kyle Rose <hidden>
Date: 2024-07-31 11:52:53 

On Wed, Jul 31, 2024, 4:08 AM Paolo Abeni [off-list ref] wrote:
On 7/31/24 02:05, Kyle Rose wrote:
quoted
max_addresses, how does it work?

$ ip -6 addr show scope global temporary dev sfp0 | grep inet6 | wc -l
21
$ sysctl -ar 'sfp0.*max_add'
net.ipv6.conf.sfp0.max_addresses = 16

They seem to be growing without bound. What's supposed to be happening here?
 From the related sysctl documentation:

max_addresses - INTEGER
         Maximum number of autoconfigured addresses per interface.


'max_address' only applies to the ipv6 assigned via prefix delegation,
not to address explicitly assigned from the user-space via the `ip` tool.
These are all autoconfigured (SLAAC) privacy addresses from the same
prefix. (I don't think you mean prefix delegation, which is something
else: presumably you mean PIO, or prefix information option, included
in router advertisements. This machine is not a router.)

What is the mechanism by which old deprecated addresses are supposed
to get culled? Until now, I would have imagined it was some kind of
FIFO, but I also seem to recall sometime in the past valid_lft for a
temporary address continuing to march toward 0, after which presumably
it went away; now, valid_lft seems to be updated for every address,
even deprecated ones, to match what is received in the PIO from router
advertisements, so they never reach 0. And I don't know if there is
any other means by which they might get removed.

Up to 25 as of the writing of this response:

4: sfp0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP
group default qlen 1000
    inet6 2601:XXXX:XXXX:XXXX:c37c:cad6:ad09:b296/64 scope global
temporary dynamic
       valid_lft 6974sec preferred_lft 148sec
    inet6 2601:XXXX:XXXX:XXXX:71ae:3a57:b823:f83b/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:a6db:6a36:1ebc:af96/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:6a99:7d72:af9f:65d1/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:52fe:9140:f9f9:99e3/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:66ed:a8ba:508e:9bc6/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:e428:6b1c:4e2:532/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:9de1:cd15:6727:c1a6/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:df23:336d:d4d9:a3be/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:36e4:b05e:cf68:6956/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:2f56:1ac1:a835:2291/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:24ae:893d:c7c9:a6d3/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:7be5:d00a:2c4:ca2d/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:f392:43:eeed:adb9/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:e0b1:e8b2:96bc:2d37/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:e6e3:5f1e:2674:4da1/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:5a0e:576d:544a:151f/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:689f:c19f:85f4:9c10/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:2008:988e:316:113a/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:415a:8dbf:997d:e36/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:d07a:9db9:a3ed:c7a6/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:2f70:b871:4cc8:7add/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:6481:3fd2:69e:5875/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:7861:f451:a5ab:8671/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec
    inet6 2601:XXXX:XXXX:XXXX:5ad9:184:856d:8ee3/64 scope global
temporary deprecated dynamic
       valid_lft 6974sec preferred_lft 0sec

For reference, the address assignment (this one via PD from my
provider) for the associated prefix on the router:

5: sfp0.10@sfp0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc
noqueue state UP group default qlen 1000
    inet6 2601:XXXX:XXXX:XXXX::1/64 scope global dynamic noprefixroute
       valid_lft 6843sec preferred_lft 6843sec

Kyle
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help