> -----Original Message-----
> From: Stephen Hemminger <step...@networkplumber.org>
> Sent: Thursday, July 27, 2023 2:04 AM
> To: Muggeridge, Matt <matt.muggerid...@hpe.com>
> Cc: systemd-devel@lists.freedesktop.org
> Subject: Re: [systemd-devel] Networkd's IPv6 Compliance Issues
>
> On Wed, 26 Jul 2023 03:23:14 +0000
> "Muggeridge, Matt" <matt.muggerid...@hpe.com> wrote:
>
> > Hi,
> >
> > Recently, we ran a test suite to check networkd's conformance to IPv6
> Protocol (see
> https://www.ipv6ready.org/resources.html
> NpxR!nFJaK0aGQPinj4D6Vhsk6r-oxzcFLJzPNuYIoelLyAa9wFlQ2Eass0RiLOldLz-
> OIADX3SogGJEfZSwSSDPLAFgna4U$ ). I found a large number of test failures
> (more than 80) and after examining a small number of them, it became clear
> that networkd's implementation of IPv6 protocol does not meet various RFC's
> MUST and SHOULD requirements.
> >
> > With so many IPv6 protocol compliance failures, it's not practical for me to
> raise an issue for every failing case. Instead, I created a summary in
> https://github.com/systemd/systemd/issues/28502.
> >
> > How would you like to handle these failing cases?
> >
> > Is there any more information you need from me?
> >
> > Kind regards,
> > Matt.
> > PS: Credit to the developers for quickly responding to a couple of the
> > issues.
> >
> >
>
> Why do you think these are systemd issues?
> A quick look at the list shows most of these are from Linux kernel
> implementation
Hi Stephen,
We ran the same test suite with systemd-networkd stopped and the tests passed.
i.e. the kernel implementation is conformant, the networkd implementation is
not.
Evidently, systemd-networkd injects itself into the protocol exchange by
intercepting IPv6 RAs. In fact, it configures the kernel to disable the sysctl
accept_ra attribute, so the kernel is taken out of the RA conversation.
Unfortunately, networkd does not handle the RAs in a compliant fashion.
Rather than take my word for it, as an example, look at the solutions for
issues: #28437 fixed by PR#28446 and #28439 fixed by PR#28496. I started by
posting issues for each failing case, but there are too many of them.
In summary, networkd is part of the IPv6 protocol and it is not IPv6 compliant.
Matt.
PS: as much as you are dismayed by this, as was I.
