Linux Temporary Address - Premature expiry

Daniel Roesen dr at cluenet.de
Fri Jan 13 20:18:07 CET 2012 

On Fri, Jan 13, 2012 at 05:10:00PM +0100, Sebastian Wiesinger wrote:
> > I tried to use them but noticed that temp_prefered_lft (86400) and
> > temp_valid_lft (806400) are ignored. My linux changes temporary
> > addresses every hour and the old address disappears.
> 
> Okay, I think I found the problem:
> 
> My router is sending it's RAs with
> 
> Valid time              :         7200 (0x00001c20) seconds
> Pref. time              :         3600 (0x00000e10) seconds

No, that's not the problem - it's perfectly fine.

The problem is that all Linux kernels before 3.2 did only implement the
older RFC3041 which says:

   1) Process the Prefix Information Option as defined in [ADDRCONF],
      either creating a public address or adjusting the lifetimes of
      existing addresses, both public and temporary.  When adjusting the
      lifetimes of an existing temporary address, only lower the
      lifetimes.  Implementations must not increase the lifetimes of an
      existing temporary address when processing a Prefix Information
      Option.

While RFC4941 (updated version of 3041) says:

   1.  Process the Prefix Information Option as defined in [ADDRCONF],
       either creating a new public address or adjusting the lifetimes
       of existing addresses, both public and temporary.  If a received
       option will extend the lifetime of a public address, the
       lifetimes of temporary addresses should be extended, subject to
       the overall constraint that no temporary addresses should ever
       remain "valid" or "preferred" for a time longer than
       (TEMP_VALID_LIFETIME) or (TEMP_PREFERRED_LIFETIME -
       DESYNC_FACTOR), respectively.  The configuration variables
       TEMP_VALID_LIFETIME and TEMP_PREFERRED_LIFETIME correspond to
       approximate target lifetimes for temporary addresses.

So the behaviour you see is a shortcoming of the original specification,
fixed by RFC4941.

Lorenzo Colitti posted a patch to fix that mid last year:
http://comments.gmane.org/gmane.linux.network/202411

This one went into Linux 3.2


Best regards,
Daniel

-- 
CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0

More information about the ipv6-ops mailing list