Getting IPv6 SLAAC to work in my network

JKnott

@ionutit

I think you'll find capture filters work better than display filters. Capture filters affect what's captured and display filters affect what packets of the capture are displayed. Of course, you can use both for more flexibility. However, I mostly use capture filters. So, you'd filter on ICMP6, which should capture all ICMP6 packets. Once you have some of those, you can use display filters. However, just capturing ICMP6 and quickly scanning the captured packets should reveal the RAs.

JKnott

@bob-dig

He's running Wireshark, which means he's using a computer on the LAN.

JKnott

@ionutit said in Getting IPv6 SLAAC to work in my network:

I had to create a firewall rule to allow “any” to “ff02::fb” on UDP 5353.

????

mDNS is using ff02, which means it's a link local multicast. It's not supposed to pass through a router.

IonutIT

@jknott

Yeah but for some reason the source is ULA fdcd:: instead of the link-local address so it does go through the firewall. I think that hosts using mDNS broadcast through all available addresses.

JKnott

@ionutit said in Getting IPv6 SLAAC to work in my network:

Yeah but for some reason the source is ULA fdcd:: instead of the link-local address so it does go through the firewall.

That's not an issue. packets for multicast addresses often come from ULA or GUA addresses. Since the address starts with ff02, it's scope is link local and won't pass through the router (pfSense).

IPv6 has address scopes, which IPv4 does not. This means how far a packet can go depends on the destination address. An address that starts with ff02 is link local. Even on IPv4, you can have public or RFC1918 addresses as the source for local network only destinations.

So, even though a router may receive a packet with a ff02 destination, it will not forward it.

IonutIT

@jknott and @Bob-Dig

So after a bit more troubleshooting I finally found the source of my ULA network.

It seems that the RA for this fdcd::/64 ULA network is my Apple TV 4K (2021), and the reason for it doing that is for Thread. Because the device is a Thread bridge, and because this protocol is IPv6 only, it pushes this ULA inside my network to be able to communicate with other Thread enabled devices inside the LAN.

Hopefully this will be helpful for others searching for this issue in the future.

MarioG

@ionutit FYI I just read over on the avsforum that tvOS 16.1 beta fixed this. The advertisements stopped.

IonutIT

@mariog

Really? I wasn’t aware that this was a bug, seeing that Thread needs IPv6 to function.

MarioG

@ionutit I don't know, I just saw this and thought it was related: https://www.avsforum.com/threads/apple-tv-owners-thread-faq-in-first-post.1278071/page-2178#post-62047363
Hope it helps.

IonutIT

@mariog Thanks for the link. I'll keep an eye on this.