Nmap Development mailing list archives

Re: OS X Lion and IPv6

From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 11 Mar 2012 23:15:37 +0100

On Sun, Mar 11, 2012 at 9:30 PM, Dario Ciccarone <dciccaro () cisco com> wrote:

I noticed that my router (a Apple Time Capsule) is advertising it's
link-local address as default gateway. Changing this manually on my OS X
host to the global address fixes the problem with scanning global

addresses

as root. As far as I can tell from a few Google searches it seems as if
Apple Airport and Time Capsule advertise their link-local address as the
default gateway. To the best of my understanding this should be a valid
configuration, as it seems to work for other applications ie. browsing

the

web etc ...

That's isn't a completely accurate description of how this works :)

From the beginning - RFC-4861, section 4.2 - "Router Advertisement

Message Format", IP Fields - "Source Address: MUST be the link-local
address assigned to the interface from which this message is sent.

Router Lifetime <snip>A lifetime of 0 indicates that the router is not a
default router and SHOULD NOT appear on the default router list</snip> -
there is more relevant text.

And then on 6.3.4, Processing Received Router Advertisements - <snip>On
receipt of a valid RA, a host extracts the source address of the packet
and does the following:

- If the address is not already present in the host's Default Router
List, and the advertisement Router Lifetime is non-zero, . . . .</snip>

So your default route(s) should indeed have as a next-hop the link-local
address for the router(s) from which you got that information from.
That's how it should be done - not that "should be a valid
configuration", but that it is THE valid configuration :)


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Thank's a lot for the clarification, much appreciated!

//Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

OS X Lion and IPv6 Patrik Karlsson (Mar 11)
- Re: OS X Lion and IPv6 Patrik Karlsson (Mar 11)
  - Re: OS X Lion and IPv6 Dario Ciccarone (Mar 11)
    - Re: OS X Lion and IPv6 Patrik Karlsson (Mar 11)
- Re: OS X Lion and IPv6 Dario Ciccarone (Mar 11)
  - Re: OS X Lion and IPv6 Patrik Karlsson (Mar 11)
  - Re: OS X Lion and IPv6 Patrik Karlsson (Mar 12)
- Re: OS X Lion and IPv6 David Fifield (Mar 26)
- Re: OS X Lion and IPv6 David Fifield (Mar 26)
  - Re: OS X Lion and IPv6 Patrik Karlsson (Mar 26)