IPV6 - Web Proxy

Started by spetrillo, October 26, 2021, 10:26:31 PM

Previous topic - Next topic
Hello all,

I am seeing these in my cache log but I have IPV6 turned off:

2021-10-26T16:19:00   squid   | SendEcho ERROR: sending to ICMPv6 packet to [2600:9000:2209:de00:c:ec82:5580:21]: (65) No route to host   
2021-10-26T16:18:59   squid   | SendEcho ERROR: sending to ICMPv6 packet to [2607:f8b0:4006:81e::200a]: (65) No route to host   
2021-10-26T16:18:59   squid   | SendEcho ERROR: sending to ICMPv6 packet to [2606:4700::6810:3355]: (65) No route to host   


Why am I seeing these?

Thanks,
Steve

Hi Steve, my guess is that your DNS is responding with AAAA records for a target and Squid has happy eyeballs turned on (RFC 8305).

Bart...

Hmmm...soo strange. I have IPV6 turned off on OPNsense, so I wonder if these are being generated by a host of some kind.

In doing some more investigation I have found that my physical NICs and VLANs have IPV6 addresses assigned, yet I have turned off IPV6. Why is this happening?

October 27, 2021, 08:59:09 PM #4 Last Edit: October 27, 2021, 09:03:10 PM by fabian
fe80: + something is a link local address. It is not a routable address and exists only for local connections and packet forwarding but never for the internet traffic.

IPv6 cannot be disabled. It will always be there. However since SLAAC is blocked, IPv6 cannot be used.