[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
dhcp6 solicit
- Subject: dhcp6 solicit
- From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Date: Wed, 09 Mar 2011 21:44:56 -0500
- In-reply-to: Your message of "Wed, 09 Mar 2011 18:20:12 PST." <[email protected]>
- References: <[email protected]>
On Wed, 09 Mar 2011 18:20:12 PST, Jeroen van Aart said:
> I was doing some packet scanning on one of my IPv6 enabled servers and I
> found traffic such as the following frequently (IPs slightly edited):
>
> 02:23:02.410360 IP6 fe80::ff78.546 > ff02::2.547: dhcp6 solicit
> The addresses are not mine, neither do I run a dhcpv6 daemon (no need
> for it).
The addresses *are* yours (sort of, the same way that in IPv4, 127.0.0.1
belongs to you even though it's in a netblock assigned to IANA rather than
you). fe80: is a prefix for "link level" addresses (basically "only valid on
this subnet"), and is what the machine asking for the dhcp6 uses so it has *an*
address it can use (or more correctly, so that the machine that replies can
fill in a destination for the reply). Meanwhile, ff02::2 is a reserved address
for "all routers on the network segment".
You can probably pull the mac address out of that fe80:: address, as it's
an EUI-64. For example, on my laptop I have:
inet6 addr: fe80::224:d6ff:fe53:c5ba/64 Scope:Link
Pull out the 'ff:fe', take out that first 2, and my MAC address is 00:24:d6:53:c5:ba.
Hope that helps you find the offending box that is under the impression that
dhcp6 *is* needed. ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110309/434abe36/attachment.bin>