IPv6 duplicate DAD packets from Android clients?

Erik Kline ek at google.com
Tue Oct 8 02:02:29 CEST 2013


On 8 October 2013 08:22, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> All,
>
> Since our student body have returned, we've been seeing a trickle of:
>
> %IPV6_ND-6-DUPLICATE_INFO: DAD attempt detected for FE80::5:73FF:FEA0:1 on
> VlanNNN
>
> ...on our Cisco 6500s. The vlan points to a bunch of Cisco WLC controllers
> running 7.4 and with all the IPv6 FHS turned on.
>
> When I capture the packets (thanks for not logging the source MAC, Cisco!) I
> see it's coming from the MAC address of a couple of Android devices.
>
> Source IP is :: dest is ff02::1:ffa0:1 (obviously) and the IP is a HSRPv2
> virtual IP on the router itself.
>
> So, two things:
>
>  1. Should the Cisco WLC IPv6 FHS stuff be blocking these, given the target
> IP is the HSRP VIP and is obviously not on a client? Do I need to be worried
> about them?
>
>  2. Where are they coming from? Is the client buggy and actually emitting
> the packet, or is it relaying these somehow from another network?

It could be a bug, i.e. a client trying to do an NS for the router but
for some reason not using its link-local address (whacky race
condition where DAD for link-local hasn't completed?).



More information about the ipv6-ops mailing list