Bug ID 651772: IPv6 host traffic may use incorrect IPv6 and MAC address after route updates

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.1, 11.6.2, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1, 12.1.3, 11.6.3, 11.5.5

Opened: Mar 16, 2017

Severity: 3-Major

Symptoms

IPv6 traffic generated from the host, either from a host daemon, monitors, or from the command line, may use an MAC and IPv6 source address from a different VLAN.

Impact

Traffic to the destination may fail due to using incorrect source IPv6/MAC address. This may cause monitor traffic to fail.

Conditions

- Multiple VLANs with IPv6 configured addresses. - Multiple routes to the same destination, either the same or more specific, default routes, etc., that cover the traffic destination. - Changes in routes that cause the traffic to the destination to shift from one VLAN and gateway to another. This can be typically observed with dynamic routing updates.

Workaround

Continuous traffic to the IPv6 link-local nexthops can avoid this issue. This may be achieved by a script or an external monitor pinging the nexthop link-local address using the specific VLAN.

Fix Information

IPv6 host traffic no longer use incorrect IPv6 and MAC address after route updates.

Behavior Change

Introduction of sys db ipv6.host.router_probe_interval, to control sysctl net.ipv6.conf.default.router_probe_interval value. This value is default to 5s.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips