07
Jun
13

Linux and router advertisements – ignore the prefix

This is just a short one.  I currently working on a project which involves managing a server owned and hosted by multiple different companies.  for me to be able to build the server i need to insist on certain things.  one of these this things is a static ipv6 address.

Now many organisation use Router Advertisements to distribute the default gateway and some use the to dynamically allocate ip addresses.  To my knowledge there is know way of providing a statically mapped address via RA’s.  So you probably know where im going with this.  

The network i was installing in today used RA’s to distribute both a prefix and a default route.  I already have a number of systems that that receive a default route via RA; however known of these networks offers a prefix in the RA.   At this point i could have probably contacted the operator and asked to stop sending out the prefix but where is the fun in that, there must be a way to accept the route and not the prefix.

We use centos so my first search was the [not so] amazingly documented network-scripts to see if there was a special flag i could get to achieve the behaviour i was after.  I found no such variable.  so i decided i would need to set the appropriate kernel parameter in a /sbin/ifup-local script.

The are a number of kernel parameters which we are interested in

accept_ra - BOOLEAN
	Accept Router Advertisements; autoconfigure using them.

	Possible values are:
		0 Do not accept Router Advertisements.
		1 Accept Router Advertisements if forwarding is disabled.
		2 Overrule forwarding behaviour. Accept Router Advertisements
		  even if forwarding is enabled.

	Functional default: enabled if local forwarding is disabled.
			    disabled if local forwarding is enabled.

accept_ra_defrtr - BOOLEAN
	Learn default router in Router Advertisement.

	Functional default: enabled if accept_ra is enabled.
			    disabled if accept_ra is disabled.

accept_ra_pinfo - BOOLEAN
	Learn Prefix Information in Router Advertisement.

	Functional default: enabled if accept_ra is enabled.
			    disabled if accept_ra is disabled.

accept_ra_rt_info_max_plen - INTEGER
	Maximum prefix length of Route Information in RA.

	Route Information w/ prefix larger than or equal to this
	variable shall be ignored.

	Functional default: 0 if accept_ra_rtr_pref is enabled.
			    -1 if accept_ra_rtr_pref is disabled.

accept_ra_rtr_pref - BOOLEAN
	Accept Router Preference in RA.

	Functional default: enabled if accept_ra is enabled.
			    disabled if accept_ra is disabled.

The ones that are really important to use are

accept_ra #needs to be set to 1
accept_ra_defrtr #needs to be set to 1
accept_ra_pinfo #needs to be set to 0

When the network scripts run if IPV6_AUTOCONF=yes then  accept_ra will be set to 1.  this will also cause the other *_ra_* parameters to be set to 1 as documented above.  so the only thing we really need to do is set accept_ra_pinfo to 0.  this is where we use the /sbin/ifup-local script below.

#!/bin/sh
DEVICE="$1"
/sbin/sysctl -e -w net.ipv6.conf.$DEVICE.accept_ra_pinfo=0 >/dev/null 2>&1

Conclusion

if you want router advertisement default gateway but you want to ignore the prefix sent.  Add IPV6_AUTOCONF=yes to your ifcfg-em? file and create /sbin/ifup-local with the above code.

Enjoy

Advertisements

2 Responses to “Linux and router advertisements – ignore the prefix”


  1. 1 Gary
    January 31, 2017 at 9:21 pm

    Could you post your complete ifcfg-ethX file (anonymize any IP information) I’ve been fighting with this on Vultr and it either removes the AC prefix *and* the default route or I end up with the AC prefix.

    • March 25, 2017 at 7:17 pm

      Hi Gary,

      Sorry for the late response i missed your comment. unfortunately this blog post was written when i was at a different company and i no longer use Centos on a day to day basis. Furthermore this blog post is getting close to four years old now so was likely working on Centos 6 and wouldn’t know if it works with centos 7. either way of the top of my head i would think the icfg file looked something like


      DEVICE="eth0"
      ONBOOT="yes"
      BOOTPROTO=static
      IPADDR=192.0.2.2
      NETMASK=255.255.255.0
      GATEWAY=192.0.2.1
      IPV6INIT=yes
      IPV6_AUTOCONF=yes

      and then add the /sbin/ifup-local.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: