#1187 closed request (pending)

ipv6 temp address rotation(?) on win10 breaks long-lived connections

Reported by: tapio.sokura@… Owned by: panda@…
Priority: tbd Milestone: ietf-100
Component: nat64 Keywords:
Cc: Clemens, Schrimpe, <csch@…> My Current Location:
My MAC Address: My OS:

Description

Hello,

My problem probably isn't due to the ietf-nat64 network, as I've seen 
this happen in other v6 enabled networks as well, but here goes anyway 
as a FYI:

I'm using the ietf-nat64 wifi with a Windows 10 (1709 update) client and 
my long-lived v6-tcp connections like ssh (putty client with keepalive 
set) tend to hang after some time. This has also happened to me reguarly 
on earlier versions of Windwows. For the hangup to occur it usually 
takes between tens of minutes to about an hour or two. After I login to 
the same host again, I see the v6 address I'm coming from has changed 
from the previous address.

So it looks like windows, for some reason or another, is disabling the 
old temp v6 addresses while there still are tcp connections open. It 
should not work like this, but I guess it could just be a feature in 
windows.

Other than long-lived tcp connections breaking for me, the nat64 network 
seems to be working fine. Maybe you could switch within the next couple 
of meetings to a v6 / nat64 mode on the default "ietf" network and 
provide native v4 only on a non-default ssid.

Here's an excerpt from an ipv6 enabled server log (timestamps utc+2):
Nov 14 07:31:47 rerun sshd[29389]: Accepted publickey for oh2kku from 
2001:67c:370:1998:e0f2:6c45:5267:eccb port 49682 ssh2
Nov 14 07:43:16 rerun sshd[29464]: Accepted publickey for oh2kku from 
2001:67c:370:1998:e0f2:6c45:5267:eccb port 49271 ssh2
Nov 14 08:01:32 rerun sshd[29600]: Accepted publickey for oh2kku from 
2001:67c:370:1998:f8f8:3610:14ed:9171 port 49309 ssh2
Nov 14 09:50:38 rerun sshd[29996]: Accepted publickey for oh2kku from 
2001:67c:370:1998:f8f8:3610:14ed:9171 port 63756 ssh2
Nov 14 10:21:35 rerun sshd[30090]: Accepted publickey for oh2kku from 
2001:67c:370:1998:b8f2:7bcf:5b90:7771 port 57115 ssh2
Nov 14 11:00:14 rerun sshd[30214]: Accepted publickey for oh2kku from 
2001:67c:370:1998:c834:4990:2112:ba9b port 55005 ssh2

This is from a v4-only server log, probably only the second last line 
was from a connection terminated due to address change:
2017-11-14T07:51:40.270398+02:00 woodstock sshd[28904]: Accepted 
publickey for oh2kku from 31.130.238.245 port 49279 ssh2
2017-11-14T10:34:23.665509+02:00 woodstock sshd[3739]: Accepted 
publickey for oh2kku from 31.130.238.174 port 53071 ssh2
2017-11-14T10:55:40.395275+02:00 woodstock sshd[4780]: Accepted 
publickey for oh2kku from 31.130.238.126 port 49939 ssh2
2017-11-14T11:13:12.825515+02:00 woodstock sshd[5609]: Accepted 
publickey for oh2kku from 31.130.238.126 port 55528 ssh2


This is what "ipconfig /all" on windows said a moment ago:

Wireless LAN adapter Wi-Fi:

    Connection-specific DNS Suffix  . : meeting.ietf.org
    Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 7265
    Physical Address. . . . . . . . . : 10-02-B5-92-63-05
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 
2001:67c:370:1998:a002:1880:27bb:f006(Preferred)
    Temporary IPv6 Address. . . . . . : 
2001:67c:370:1998:c834:4990:2112:ba9b(Preferred)
    Link-local IPv6 Address . . . . . : 
fe80::a002:1880:27bb:f006%10(Preferred)
    Autoconfiguration IPv4 Address. . : 169.254.240.6(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.0.0
    Default Gateway . . . . . . . . . : fe80::1998:1%10
    DHCPv6 IAID . . . . . . . . . . . : 168821429
    DHCPv6 Client DUID. . . . . . . . : 
00-01-00-01-20-F1-DE-FB-10-02-B5-92-63-05
    DNS Servers . . . . . . . . . . . : 2001:67c:370:229::7
                                        2001:67c:370:229::6
    NetBIOS over Tcpip. . . . . . . . : Enabled
    Connection-specific DNS Suffix Search List :
                                        meeting.ietf.org

   Tapio

Change history (2)

comment:1 Changed 13 months ago by llynch@…

Cc: Clemens Schrimpe <csch@…> added
Component: incomingnat64
Owner: changed from < default > to panda@…
Status: newassigned

Thanks for trying the NAT64 network (SSID ietf-nat64) and reporting
your experience. As far as we can tell, the issue you reported is
either an issue of the NAT64 implementation's handling of that
specific traffic or the given application vendor's implementation.
We're collecting all the issues that come up and will pass the
reports back to the vendor at the end of the week. Hopefully this
will lead to better implementations and greater functionality for
the next meeting. If you're curious about other known issues,
please see https://tickets.meeting.ietf.org/wiki/nat64

If you have additional input on this issue please update the ticket,
if you see new issues please open additional tickets.

Also see: https://tickets.meeting.ietf.org/wiki/nat64
for a list of known issues!

Thanks -

comment:2 Changed 13 months ago by panda@…

Resolution: pending
Status: assignedclosed
Note: See TracTickets for help on using tickets.