Hi,
I'm testing IPv6 and using PPPoE to get IPv6 and IPv4. However, when I issue below command, the IPv6 entries in /proc/net/nf_conntrack don't disappear immediately and last for a long time if the flow is TCP. I can see the IPv4 entries disappear immediately. Is this expected behavior? My Openwrt branch of FW is 22.03.
ifconfig pppoe-wan down
I would say so...
With IPv4 you normally have NATed connections. If the interface with it's IPv4 address goes down the connection can be thrown away.
With IPv6 however there is normally and hopefully no NAT involved therefore the connection tracking can not simply throw away the connection (edit: because it's end to end or host to host and the router just routes). I.e. if you have 2 wan interfaces and your routing engine switches outgoing routes then the connection can just continue.
Thanks, good example. Yeah, I thought the difference between NAT and routing may be the reason,but I did not find the application scenarios.
Minor addition: Even without 2 WAN interfaces it should behave this way... Like if the WAN goes down, or gets renumbered, but comes back/available later, then the connection can still continue.
With IPv4 it is the same, IF / WHEN no NAT is involved...
The main point is that the address on WAN interface is part of the connection, and if this address goes away, the kernel does not need to keep the connection.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.