Automatic IPv6 due to broadcast

Ray Soucy rps at maine.edu
Tue Apr 17 10:54:27 UTC 2012


You have a rogue IPv6 router on your network.  It's not a host problem.
 It's along the lines of having a rogue DHCP server on your network but
faster propagation.

It needs to be tracked down and disabled.

You can use tcpdump (as root) to capture IPv6 RA and see who's doing it,
and what's being advertised:

tcpdump -ni eth0 'ip6 dst ff02::1'

06:48:48.044409 IP6 fe80::2d0:1ff:fedf:8400 > ff02::1: ICMP6, router
advertisement, length 64

Then look at your IPv6 neighbor table for the MAC of that host:

ip -6 neigh show

fe80::2d0:1ff:fedf:8400 dev eth0 lladdr 00:d0:01:df:84:00 router REACHABLE

Once you have the MAC, track it down and disable it.

On a Cisco device "show mac address-table" (or "show mac-address-table" on
older hardware).




-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/



More information about the NANOG mailing list