Web lists-archives.com

Re: Fwd: Re: Unknown URL


On Thu, Feb 22, 2018 at 12:29:12PM -0500, Stephen P. Molnar wrote:
> After installing tcpdump I got:
> root@AbNormal:/home/comp# tcpdump -ni any -s0 -w /tmp/fastly.pcap tcp port
> 80 or icmp6 or \
> > udp port 53
> tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size
> 262144 bytes
> ^C6 packets captured
> 6 packets received by filter
> 0 packets dropped by kernel
> root@AbNormal:/home/comp#

The file. Please send the file.

The next part *looks* normal, but it ain't.

> root@AbNormal:/home/comp# ip a l
> 2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
> UP group default qlen 1000
>     link/ether bc:ee:7b:5e:83:36 brd ff:ff:ff:ff:ff:ff
>     inet6 2600:1700:4280:3690::46/128 scope global dynamic
>        valid_lft 1201940sec preferred_lft 1201940sec
>     inet6 2600:1700:4280:3690:800c:68fc:ea2c:23c0/64 scope global temporary
> dynamic
>        valid_lft 597140sec preferred_lft 78692sec
>     inet6 2600:1700:4280:3690:beee:7bff:fe5e:8336/64 scope global mngtmpaddr
> noprefixroute dynamic
>        valid_lft 1209054sec preferred_lft 1209054sec

These are your usual run-of-the-mill IPv6 addresses procured via RA,
except for 2600:1700:4280:3690::46/128.
I fail to imagine why would *anyone* provide a /128 address via RA.
Unless they are controlled by aliens or work for IBM, of course.

> root@AbNormal:/home/comp# ip ro l table all
> 2600:1700:4280:3690::46 dev enp2s0 proto kernel metric 256  expires
> 1201893sec pref medium
> 2600:1700:4280:3690::/64 dev enp2s0 proto ra metric 100  pref medium
> 2600:1700:4280:3690::/60 via fe80::3e04:61ff:feb3:3c20 dev enp2s0 proto ra
> metric 100  pref medium

These are, well, uncommon.
2600:1700:4280:3690::46 is there because you have /128 address.
/64 route is there because you have IPv6 addresses with the same mask
/60 route was provided you by RA. Probably means that your ISP is
generous, and by itself it could be the source of your trouble.

> default via fe80::3e04:61ff:feb3:3c20 dev enp2s0 proto static metric 100
> pref medium

And this is your "default gateway" route.

> root@AbNormal:/home/comp# traceroute -n 2a04:4e42:b::204
> traceroute to 2a04:4e42:b::204 (2a04:4e42:b::204), 30 hops max, 80 byte
> packets
>  1  * * *

This is bad. Your IPv6 traffic cannot pass even a default gateway.

Meaning, I require a couple of additional tests.

1) ping -c2 fe80::3e04:61ff:feb3:3c20%enp2s0

Should work, but never hurts to check.

2) ip a d 2600:1700:4280:3690::46/128

traceroute -n 2a04:4e42:b::204

3) ip -6 ro d 2600:1700:4280:3690::/60

traceroute -n 2a04:4e42:b::204