IPV6 - Web Proxy

[spetrillo]

Hello all,

I am seeing these in my cache log but I have IPV6 turned off:

2021-10-26T16:19:00   squid   | SendEcho ERROR: sending to ICMPv6 packet to [2600:9000:2209:de00:c:ec82:5580:21]: (65) No route to host   
2021-10-26T16:18:59   squid   | SendEcho ERROR: sending to ICMPv6 packet to [2607:f8b0:4006:81e::200a]: (65) No route to host   
2021-10-26T16:18:59   squid   | SendEcho ERROR: sending to ICMPv6 packet to [2606:4700::6810:3355]: (65) No route to host   

Why am I seeing these?

Thanks,
Steve

[bartjsmit]

Hi Steve, my guess is that your DNS is responding with AAAA records for a target and Squid has happy eyeballs turned on (RFC 8305).

Bart...

[spetrillo]

Hmmm...soo strange. I have IPV6 turned off on OPNsense, so I wonder if these are being generated by a host of some kind.

[spetrillo]

In doing some more investigation I have found that my physical NICs and VLANs have IPV6 addresses assigned, yet I have turned off IPV6. Why is this happening?

[fabian]

fe80: + something is a link local address. It is not a routable address and exists only for local connections and packet forwarding but never for the internet traffic.

IPv6 cannot be disabled. It will always be there. However since SLAAC is blocked, IPv6 cannot be used.