Bug #12173
closedIPv6 RA DNSSL lifetime is too short, not compliant with RFC 8106
100%
Description
This issue is almost exactly the same as issue 11105 [1] but for the DNSSL setting.
The 'AdvDNSSLLifetime' value in the 'DNSSL' section of radvd.conf should be set to 3*MaxRtrAdvInterval (per [2]), otherwise the Lifetime value in the RAs is only set to MaxRtrAdvInterval (defaults to 20). On my home network with somewhat weak WiFi, these RAs were getting lost frequently enough to where Mac OS X would tell Chrome that network connectivity had changed, which would cause long-running file downloads to fail consistently. [3] Looks like these defaults lifetime values have been increased in radvd code [4], but values are still needed in radvd.conf for radvd 2.19 to override the low default values in that version.
Also, it seems like the 'Provide DNS configuration via radvd' checkbox in the UI doesn't accurately reflect the value of 'radvd-dns' in the config. When navigating to /services_router_advertisements.php, the box is always checked regardless of whether radvd-dns is currently set to 'disabled' or 'enabled'.
[1] https://redmine.pfsense.org/issues/11105
[2] https://datatracker.ietf.org/doc/html/rfc8106#section-5.2
[3] https://bugs.chromium.org/p/chromium/issues/detail?id=1231856
[4] https://github.com/radvd-project/radvd/pull/151
Updated by Viktor Gurov over 3 years ago
Updated by Jim Pingle over 3 years ago
- Project changed from pfSense Plus to pfSense
- Category changed from IPv6 Router Advertisements (RADVD) to IPv6 Router Advertisements (radvd/rtsold)
- Status changed from New to Pull Request Review
- Target version set to 2.6.0
- Affected Plus Version deleted (
21.05) - Plus Target Version set to 21.09
Updated by Viktor Gurov over 3 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Viktor Gurov
Merged
Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to In Progress
Updated by Jim Pingle over 3 years ago
See notes on PR about problematic behavior after this was merged.
Updated by Viktor Gurov over 3 years ago
Jim Pingle wrote in #note-5:
See notes on PR about problematic behavior after this was merged.
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/352
Updated by Renato Botelho over 3 years ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset 99dfecb734b11b1729e58cf650df8d058b300732.
Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to Resolved
This all looks correct now on current snapshots.
Updated by Jim Pingle about 3 years ago
- Plus Target Version changed from 21.09 to 22.01