# Too many IPv6 routes (one IPv6 route for each IPv6 subnet)

## nagmat84

Hello,

I use

net-misc/networkmanager-0.9.4.0-r5

kde-misc/networkmanagement-0.9.0.3

in an IPv4/IPv6 dual-stack environment with stateless DHCPv6. Actually everything works fine. After booting my IPv6 configuration looks like that

```

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000

    inet6 2001:7c0:409:274:213:77ff:febe:8a56/64 scope global dynamic 

       valid_lft 1764sec preferred_lft 564sec

    inet6 fe80::213:77ff:febe:8a56/64 scope link 

       valid_lft forever preferred_lft forever

```

my routes are

```

fe80::/64 dev eth0  proto kernel  metric 256

ff00::/8 dev eth0  metric 256

default via fe80::ae16:2dff:fef4:2c00 dev eth0  proto static  metric 1 

```

and /etc/resolv.conf equals

```

# Generated by resolvconf

search hek.uni-karlsruhe.de neu.hek.uni-karlsruhe.de neu.hek.uni-karlsruhe.de.

nameserver 172.20.223.177

nameserver 2001:7c0:409:2fe::2

```

The interesting point is, that an additional IPv6 route is added for every IPv6 address my computer connects to. For example, if I open www.google.de in Firefox, Firefox connects to 2a00:1450:4016:800::101f, and I get a new route

```

2a00:1450:4016:800::101f via fe80::ae16:2dff:fef4:2c00 dev eth0  proto static  metric 1024  rtt 13ms rttvar 13ms cwnd 10

```

in my routing table. Obviously the route is not necessary, because it is already covered by the default route. At the end of the day, my routing tables has several hundred entries. I wonder if this is normal IPv6 behavior. But I doubt so.

I have already conducted an wireshark/tcpdump, but I did not find anything suspicious. I only see the normal router announcement of my one and only IPV6 router every 5 minutes.

Yours, MatthiasLast edited by nagmat84 on Fri Jul 27, 2012 8:30 am; edited 1 time in total

----------

## Ant P.

I don't think networkmanager is involved. Do you have any exotic kernel config options turned on for IPv6, or any changed sysctl settings?

----------

## nagmat84

I believe that networkmanager ist ivolved, because I had to upgrade vom stable 0.8 (amd64) to unstable 0.9 (~amd64) due to another bug related to DHCPv6. Before the upgrade I did not notice this behaviour.

Anyway, here ist the important part of my kernel config:

```

#

# Networking options

#

CONFIG_PACKET=y

CONFIG_UNIX=y

# CONFIG_UNIX_DIAG is not set

CONFIG_XFRM=y

# CONFIG_XFRM_USER is not set

# CONFIG_XFRM_SUB_POLICY is not set

# CONFIG_XFRM_MIGRATE is not set

# CONFIG_XFRM_STATISTICS is not set

CONFIG_XFRM_IPCOMP=y

# CONFIG_NET_KEY is not set

CONFIG_INET=y

# CONFIG_IP_MULTICAST is not set

CONFIG_IP_ADVANCED_ROUTER=y

# CONFIG_IP_FIB_TRIE_STATS is not set

# CONFIG_IP_MULTIPLE_TABLES is not set

# CONFIG_IP_ROUTE_MULTIPATH is not set

# CONFIG_IP_ROUTE_VERBOSE is not set

# CONFIG_IP_PNP is not set

# CONFIG_NET_IPIP is not set

# CONFIG_NET_IPGRE_DEMUX is not set

# CONFIG_ARPD is not set

# CONFIG_SYN_COOKIES is not set

# CONFIG_INET_AH is not set

# CONFIG_INET_ESP is not set

# CONFIG_INET_IPCOMP is not set

# CONFIG_INET_XFRM_TUNNEL is not set

CONFIG_INET_TUNNEL=y

# CONFIG_INET_XFRM_MODE_TRANSPORT is not set

# CONFIG_INET_XFRM_MODE_TUNNEL is not set

# CONFIG_INET_XFRM_MODE_BEET is not set

CONFIG_INET_LRO=y

# CONFIG_INET_DIAG is not set

# CONFIG_TCP_CONG_ADVANCED is not set

CONFIG_TCP_CONG_CUBIC=y

CONFIG_DEFAULT_TCP_CONG="cubic"

# CONFIG_TCP_MD5SIG is not set

CONFIG_IPV6=y

CONFIG_IPV6_PRIVACY=y

CONFIG_IPV6_ROUTER_PREF=y

# CONFIG_IPV6_ROUTE_INFO is not set

# CONFIG_IPV6_OPTIMISTIC_DAD is not set

CONFIG_INET6_AH=y

CONFIG_INET6_ESP=y

CONFIG_INET6_IPCOMP=y

# CONFIG_IPV6_MIP6 is not set

CONFIG_INET6_XFRM_TUNNEL=y

CONFIG_INET6_TUNNEL=y

CONFIG_INET6_XFRM_MODE_TRANSPORT=y

CONFIG_INET6_XFRM_MODE_TUNNEL=y

CONFIG_INET6_XFRM_MODE_BEET=y

# CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set

CONFIG_IPV6_SIT=y

# CONFIG_IPV6_SIT_6RD is not set

CONFIG_IPV6_NDISC_NODETYPE=y

# CONFIG_IPV6_TUNNEL is not set

# CONFIG_IPV6_MULTIPLE_TABLES is not set

# CONFIG_IPV6_MROUTE is not set

# CONFIG_NETWORK_SECMARK is not set

# CONFIG_NETWORK_PHY_TIMESTAMPING is not set

CONFIG_NETFILTER=y

# CONFIG_NETFILTER_DEBUG is not set

# CONFIG_NETFILTER_ADVANCED is not set

#

# Core Netfilter Configuration

#

# CONFIG_NETFILTER_NETLINK_LOG is not set

# CONFIG_NF_CONNTRACK is not set

CONFIG_NETFILTER_XTABLES=y

#

# Xtables combined modules

#

# CONFIG_NETFILTER_XT_MARK is not set

#

# Xtables targets

#

# CONFIG_NETFILTER_XT_TARGET_NFLOG is not set

# CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set

#

# Xtables matches

#

CONFIG_NETFILTER_XT_MATCH_POLICY=y

# CONFIG_IP_VS is not set

#

# IP: Netfilter Configuration

#

# CONFIG_NF_DEFRAG_IPV4 is not set

CONFIG_IP_NF_IPTABLES=y

CONFIG_IP_NF_FILTER=y

CONFIG_IP_NF_TARGET_REJECT=y

CONFIG_IP_NF_TARGET_LOG=y

CONFIG_IP_NF_TARGET_ULOG=y

CONFIG_IP_NF_MANGLE=y

# CONFIG_IP_NF_RAW is not set

#

# IPv6: Netfilter Configuration

#

# CONFIG_NF_DEFRAG_IPV6 is not set

CONFIG_IP6_NF_IPTABLES=y

CONFIG_IP6_NF_MATCH_IPV6HEADER=y

CONFIG_IP6_NF_TARGET_LOG=y

CONFIG_IP6_NF_FILTER=y

CONFIG_IP6_NF_TARGET_REJECT=y

CONFIG_IP6_NF_MANGLE=y

# CONFIG_IP6_NF_RAW is not set

# CONFIG_IP_DCCP is not set

# CONFIG_IP_SCTP is not set

# CONFIG_RDS is not set

# CONFIG_TIPC is not set

# CONFIG_ATM is not set

# CONFIG_BRIDGE is not set

# CONFIG_NET_DSA is not set

# CONFIG_VLAN_8021Q is not set

# CONFIG_DECNET is not set

# CONFIG_LLC2 is not set

# CONFIG_IPX is not set

# CONFIG_ATALK is not set

# CONFIG_X25 is not set

# CONFIG_LAPB is not set

# CONFIG_ECONET is not set

# CONFIG_WAN_ROUTER is not set

# CONFIG_PHONET is not set

# CONFIG_IEEE802154 is not set

# CONFIG_NET_SCHED is not set

# CONFIG_DCB is not set

CONFIG_DNS_RESOLVER=y

# CONFIG_BATMAN_ADV is not set

# CONFIG_OPENVSWITCH is not set

CONFIG_RPS=y

CONFIG_RFS_ACCEL=y

CONFIG_XPS=y

CONFIG_BQL=y

CONFIG_HAVE_BPF_JIT=y

# CONFIG_BPF_JIT is not set

```

My sysctl.conf is still in its defautl state, but here it is:

```

# /etc/sysctl.conf

#

# For more information on how this file works, please see

# the manpages sysctl(8) and sysctl.conf(5).

#

# In order for this file to work properly, you must first

# enable 'Sysctl support' in the kernel.

#

# Look in /proc/sys/ for all the things you can setup.

#

# Disables packet forwarding

net.ipv4.ip_forward = 0

# Disables IP dynaddr

#net.ipv4.ip_dynaddr = 0

# Disable ECN

#net.ipv4.tcp_ecn = 0

# Enables source route verification

net.ipv4.conf.default.rp_filter = 1

# Enable reverse path

net.ipv4.conf.all.rp_filter = 1

# Enable SYN cookies (yum!)

# http://cr.yp.to/syncookies.html

#net.ipv4.tcp_syncookies = 1

# Disable source route

#net.ipv4.conf.all.accept_source_route = 0

#net.ipv4.conf.default.accept_source_route = 0

# Disable redirects

#net.ipv4.conf.all.accept_redirects = 0

#net.ipv4.conf.default.accept_redirects = 0

# Disable secure redirects

#net.ipv4.conf.all.secure_redirects = 0

#net.ipv4.conf.default.secure_redirects = 0

# Ignore ICMP broadcasts

#net.ipv4.icmp_echo_ignore_broadcasts = 1

# Disables the magic-sysrq key

#kernel.sysrq = 0

# When the kernel panics, automatically reboot in 3 seconds

#kernel.panic = 3

# Allow for more PIDs (cool factor!); may break some programs

#kernel.pid_max = 999999

# You should compile nfsd into the kernel or add it

# to modules.autoload for this to work properly

# TCP Port for lock manager

#fs.nfs.nlm_tcpport = 0

# UDP Port for lock manager

#fs.nfs.nlm_udpport = 0

```

Matthias

----------

## Ant P.

I can't see anything in the kernel that would cause it so maybe you're right about NM. You could try filing a bug on their tracker.

----------

## nagmat84

I filed a bug in the Gentoo Bug Tracker first: https://bugs.gentoo.org/show_bug.cgi?id=428274

----------

