SixXS::Sunset 2017-06-06

Turn off NS on windows interface for router
[us] Shadow Hawkins on Friday, 19 November 2010 14:01:40
Hi all, I have a USB RNDIS interface to a border router that connects to an experimental contiki ipv6 wireless RPL network. RPL configures itself through periodic broadcasts of neighbors and routes, and the normal process of neighbor solicitation/neighbor advertisement through link-local addresses is bypassed (and not implemented). But the RNDIS interface default is to use link-local NS/NA to verify the neighbor before sending out ipv6 addressed packets, without an NA nothing more is sent. On Ubuntu I can do $ifconfig usb0 -arp to bypass the NS/NA and packets are issued and properly routed through RPL. But on Windows I can not find any netsh commands that turn off NS. Routing or not makes no difference, nud=disable seems like it should work but gives a parameter error (nud=enable works). Can't find much through Google but it may be a security issue to keep a remote site from spoofing its ipv6 address as a trusted domain to get past the Windows firewall (firewalling just NS seems to effective block all outgoing interface packets). Apparently in XP/sp3 nud was originally disabled by default, but after all the security updates now it can't be disabled at all? So, anyone know how to tell Windows to skip NS/NA on the RNDIS interface, so that ping aaaa::42 will directly send to aaaa::42 without first sending the NS to fe80::...42?
Turn off NS on windows interface for router
[us] Shadow Hawkins on Tuesday, 23 November 2010 00:19:46
I discovered a workaround by adding all the RPL nodes manually as neighbors: netsh interface ipv6>add neighbor bbbb::11:22ff:fe33:4455 33-33-ff-33-44-55 interface=32 This automatically adds the link-local neighbor as well: netsh interface ipv6>show neighbor bbbb::11:22ff:fe33:4455 33-33-ff-33-44-55 Permanent ff02::1:ff33:4455 33-33-ff-33-44-55 Permanent Interestingly the mac address doesn't seem to matter: netsh interface ipv6>add neighbor bbbb::11:22ff:fe33:4456 33-33-ff-33-44-55 interface=32 netsh interface ipv6>show neighbor bbbb::11:22ff:fe33:4455 33-33-ff-33-44-55 Permanent bbbb::11:22ff:fe33:4456 33-33-ff-33-44-55 Permanent ff02::1:ff33:4456 33-33-ff-33-44-56 Permanent ff02::1:ff33:4455 33-33-ff-33-44-55 Permanent Pings to bbbb::11:22ff:fe33:4455 and :4456 will then go to the interface without issuing the blocking NS, and the router can pass them along. Nud may have nothing to do with it. netsh accepts nud=disabled if you add store=persistent, but still shows nud=enabled on the interface.

Please note Posting is only allowed when you are logged in.
Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker