Linux OpenWRT IPv6 Neighbor discovery
Clash Royale CLAN TAG#URR8PPP
up vote
2
down vote
favorite
My ip -6 nei commands is showing available neighbors only after pinging them. Is there a way to populate the IPv6 neighbor table once the link is up and not only after traffic is being sent?
networking ipv6 openwrt
edited Aug 19 at 18:40
slm♦
238k65493664
asked Aug 19 at 15:00
Tomer Petel
132
add a comment |Â
up vote
2
down vote
favorite
My ip -6 nei commands is showing available neighbors only after pinging them. Is there a way to populate the IPv6 neighbor table once the link is up and not only after traffic is being sent?
networking ipv6 openwrt
edited Aug 19 at 18:40
slm♦
238k65493664
asked Aug 19 at 15:00
Tomer Petel
132
1
It's fundamental to how the ARP caching works, it cannot cache any addresses until it's had traffic from them - linux-ip.net/html/tools-ip-neighbor.html
– slm♦
Aug 19 at 18:44
add a comment |Â
up vote
2
down vote
favorite
up vote
2
down vote
favorite
My ip -6 nei commands is showing available neighbors only after pinging them. Is there a way to populate the IPv6 neighbor table once the link is up and not only after traffic is being sent?
networking ipv6 openwrt
edited Aug 19 at 18:40
slm♦
238k65493664
asked Aug 19 at 15:00
Tomer Petel
132
My ip -6 nei commands is showing available neighbors only after pinging them. Is there a way to populate the IPv6 neighbor table once the link is up and not only after traffic is being sent?
networking ipv6 openwrt
networking ipv6 openwrt
edited Aug 19 at 18:40
slm♦
238k65493664
asked Aug 19 at 15:00
Tomer Petel
132
edited Aug 19 at 18:40
slm♦
238k65493664
asked Aug 19 at 15:00
Tomer Petel
132
edited Aug 19 at 18:40
slm♦
238k65493664
edited Aug 19 at 18:40
slm♦
238k65493664
edited Aug 19 at 18:40
slm♦
238k65493664
238k65493664
asked Aug 19 at 15:00
Tomer Petel
132
asked Aug 19 at 15:00
Tomer Petel
132
asked Aug 19 at 15:00
Tomer Petel
132
132
1
It's fundamental to how the ARP caching works, it cannot cache any addresses until it's had traffic from them - linux-ip.net/html/tools-ip-neighbor.html
– slm♦
Aug 19 at 18:44
add a comment |Â
1
It's fundamental to how the ARP caching works, it cannot cache any addresses until it's had traffic from them - linux-ip.net/html/tools-ip-neighbor.html
– slm♦
Aug 19 at 18:44
1
1
It's fundamental to how the ARP caching works, it cannot cache any addresses until it's had traffic from them - linux-ip.net/html/tools-ip-neighbor.html
– slm♦
Aug 19 at 18:44
It's fundamental to how the ARP caching works, it cannot cache any addresses until it's had traffic from them - linux-ip.net/html/tools-ip-neighbor.html
– slm♦
Aug 19 at 18:44
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
4
down vote
accepted
No. Discovering neighbours requires traffic.
IPv6 introduced something like a broadcast ping, which can discover the IPv6 addresses of neighbours.[*]
This may be useful, if your hosts allow it. I found reports of Windows not responding to multicast ping, including on Windows 7 and 8.1. Even if it did, Windows Firewall blocks ping unless you have set the network type to "Private" ("Home" / "Work").
Discover link local addresses:
ping -c1 ff02::1%br-lan
or, a different way to write the same command:
ping -c1 -I br-lan ff02::1
Discover global addresses:
ping -c1 -I <my-global-ipv6-address> ff02::1
For readers who are not familiar with openwrt, br-lan is a name commonly used for the lan network interface.
Thanks to https://insights.sei.cmu.edu/cert/2008/09/ping-sweeping-in-ipv6.html
[*] These IPv6 multicast pings cannot be sent from off-link. This means they avoid the problem that IPv4 broadcast pings used to have. At one point it was possible to send IPv4 broadcast pings from off-net. This massively amplified traffic. So it could be used as an attack, by spoofing the ping source address of the attackers target. On current Linux, IPv4 broadcast pings are now ignored by default.
answered Aug 19 at 16:43
sourcejedi
20.1k42884
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
4
down vote
accepted
No. Discovering neighbours requires traffic.
IPv6 introduced something like a broadcast ping, which can discover the IPv6 addresses of neighbours.[*]
This may be useful, if your hosts allow it. I found reports of Windows not responding to multicast ping, including on Windows 7 and 8.1. Even if it did, Windows Firewall blocks ping unless you have set the network type to "Private" ("Home" / "Work").
Discover link local addresses:
ping -c1 ff02::1%br-lan
or, a different way to write the same command:
ping -c1 -I br-lan ff02::1
Discover global addresses:
ping -c1 -I <my-global-ipv6-address> ff02::1
For readers who are not familiar with openwrt, br-lan is a name commonly used for the lan network interface.
Thanks to https://insights.sei.cmu.edu/cert/2008/09/ping-sweeping-in-ipv6.html
[*] These IPv6 multicast pings cannot be sent from off-link. This means they avoid the problem that IPv4 broadcast pings used to have. At one point it was possible to send IPv4 broadcast pings from off-net. This massively amplified traffic. So it could be used as an attack, by spoofing the ping source address of the attackers target. On current Linux, IPv4 broadcast pings are now ignored by default.
answered Aug 19 at 16:43
sourcejedi
20.1k42884
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
add a comment |Â
up vote
4
down vote
accepted
No. Discovering neighbours requires traffic.
IPv6 introduced something like a broadcast ping, which can discover the IPv6 addresses of neighbours.[*]
This may be useful, if your hosts allow it. I found reports of Windows not responding to multicast ping, including on Windows 7 and 8.1. Even if it did, Windows Firewall blocks ping unless you have set the network type to "Private" ("Home" / "Work").
Discover link local addresses:
ping -c1 ff02::1%br-lan
or, a different way to write the same command:
ping -c1 -I br-lan ff02::1
Discover global addresses:
ping -c1 -I <my-global-ipv6-address> ff02::1
For readers who are not familiar with openwrt, br-lan is a name commonly used for the lan network interface.
Thanks to https://insights.sei.cmu.edu/cert/2008/09/ping-sweeping-in-ipv6.html
[*] These IPv6 multicast pings cannot be sent from off-link. This means they avoid the problem that IPv4 broadcast pings used to have. At one point it was possible to send IPv4 broadcast pings from off-net. This massively amplified traffic. So it could be used as an attack, by spoofing the ping source address of the attackers target. On current Linux, IPv4 broadcast pings are now ignored by default.
answered Aug 19 at 16:43
sourcejedi
20.1k42884
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
add a comment |Â
up vote
4
down vote
accepted
up vote
4
down vote
accepted
No. Discovering neighbours requires traffic.
IPv6 introduced something like a broadcast ping, which can discover the IPv6 addresses of neighbours.[*]
This may be useful, if your hosts allow it. I found reports of Windows not responding to multicast ping, including on Windows 7 and 8.1. Even if it did, Windows Firewall blocks ping unless you have set the network type to "Private" ("Home" / "Work").
Discover link local addresses:
ping -c1 ff02::1%br-lan
or, a different way to write the same command:
ping -c1 -I br-lan ff02::1
Discover global addresses:
ping -c1 -I <my-global-ipv6-address> ff02::1
For readers who are not familiar with openwrt, br-lan is a name commonly used for the lan network interface.
Thanks to https://insights.sei.cmu.edu/cert/2008/09/ping-sweeping-in-ipv6.html
[*] These IPv6 multicast pings cannot be sent from off-link. This means they avoid the problem that IPv4 broadcast pings used to have. At one point it was possible to send IPv4 broadcast pings from off-net. This massively amplified traffic. So it could be used as an attack, by spoofing the ping source address of the attackers target. On current Linux, IPv4 broadcast pings are now ignored by default.
answered Aug 19 at 16:43
sourcejedi
20.1k42884
No. Discovering neighbours requires traffic.
IPv6 introduced something like a broadcast ping, which can discover the IPv6 addresses of neighbours.[*]
This may be useful, if your hosts allow it. I found reports of Windows not responding to multicast ping, including on Windows 7 and 8.1. Even if it did, Windows Firewall blocks ping unless you have set the network type to "Private" ("Home" / "Work").
Discover link local addresses:
ping -c1 ff02::1%br-lan
or, a different way to write the same command:
ping -c1 -I br-lan ff02::1
Discover global addresses:
ping -c1 -I <my-global-ipv6-address> ff02::1
For readers who are not familiar with openwrt, br-lan is a name commonly used for the lan network interface.
Thanks to https://insights.sei.cmu.edu/cert/2008/09/ping-sweeping-in-ipv6.html
[*] These IPv6 multicast pings cannot be sent from off-link. This means they avoid the problem that IPv4 broadcast pings used to have. At one point it was possible to send IPv4 broadcast pings from off-net. This massively amplified traffic. So it could be used as an attack, by spoofing the ping source address of the attackers target. On current Linux, IPv4 broadcast pings are now ignored by default.
answered Aug 19 at 16:43
sourcejedi
20.1k42884
edited Aug 20 at 10:27
answered Aug 19 at 16:43
sourcejedi
20.1k42884
answered Aug 19 at 16:43
sourcejedi
20.1k42884
answered Aug 19 at 16:43
sourcejedi
20.1k42884
20.1k42884
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
add a comment |Â
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
thanks! The broadcast ping is a valid solution indeed :)
– Tomer Petel
Aug 20 at 8:49
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f463512%2flinux-openwrt-ipv6-neighbor-discovery%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
It's fundamental to how the ARP caching works, it cannot cache any addresses until it's had traffic from them - linux-ip.net/html/tools-ip-neighbor.html
– slm♦
Aug 19 at 18:44