On Tue, 30 Dec 2025 20:00:52 GMT, David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not necessary, and it's possible to have multiple servers on the same port (e.g. multiple web servers on port 80/443) on one site, because you have effectively unlimited internet-accessible addresses.
What happens if/when you switch provider? Are you allowed to take your IPv6 address block with you?
Because if not, you end up having to assign new addresses to everything on your LAN.
On Mon, 29 Dec 2025 10:59:29 +0000, Richard Kettlewell wrote:
i.e. the interface has two addresses after booting has completed. I
would put network boot at the bottom of the list of possible causes.
AIUI the kernel starts from a blank slate, it doesn’t inherit
interface configuration from the boot loader.
If my reading of this <https://en.wikipedia.org/wiki/Preboot_Execution_Environment> article
on PXE is correct, the kernel can indeed inherit network settings from
a PXE boot. But if you’re not using PXE, then that’s not relevant, of course. I don’t know of any other booting setup that could pass across network parameters from the bootloader to the kernel.
Places I know of where the kernel can get network interface setups:
* DHCP client
* /etc/network/interfaces file (or distro-specific equivalent)
* systemd.network files
* NetworkManager
On 2025-12-30, Jim Diamond <[email protected]> wrote:
My router's DHCP function has a serious case of brain damage. (It is
supplied by my ISP and is not easy to avoid using, because of the way they >> control their fiber optic cable based system.) Right now it thinks the Pi >> in question is using the "mystery" IPv4 address, and it resolutely declares >> that the "proper" address is not connected. The Pi itself disagrees.
My current ISP is Frontier Fiber, and I have a business account with
a static IP address. While they supply a fiber termination unit in
my house wiring closet, they also supply a Sagemcom router/WiFi
device, which I *must* use because my static IP is the creation of a VPN feature inside the router, for which they do not provide any
usable documentation. So I had them bridge that IP to one of the
ethernet ports on the Sagemcom device, and then have my own edge
router attached to that. I can't turn off the WiFi on the Sagemcom, but
I have my own WiFi access point behind my router.
I am not very happy with the arrangement, but my bandwidth is 500 Mbps symmetric, although my (old) edge router is only 10/100 ethernet.
But after spending years on a 15Mbps symmetric network, I am happy to
get 100/100 that WORKS.
On Mon, 29 Dec 2025 21:00:19 -0400, Jim Diamond wrote:
My router's DHCP function has a serious case of brain damage. (It is
supplied by my ISP and is not easy to avoid using, because of the
way they control their fiber optic cable based system.)
I wonder why you would use an ISP-supplied router -- don’t you get to connect your own?
That’s what I have done, here in 🇳🇿. I have turned off its DHCP function, and run my own DHCP server on a separate Linux box, so that I
can more easily keep track of lists of statically-assigned addresses for
my trusted machines.
- "sudo locate systemd.network" only shows the man page.
I guess the mystery continues.
On 2025-12-30 at 01:42 AST, Lawrence D’Oliveiro <[email protected]d> wrote:
I wonder why you would use an ISP-supplied router -- don’t you get
to connect your own?
No. The fiber comes into a box and the box also has the wifi router.
I could try turning off the DHCP server in the ISP's box. However, they
have a habit of resetting and updating the software in their box, and I'm
not sure how long turning off that DHCP server would last. I am not sure what would happen when two DHCP servers are on the same LAN, but I imagine Bad Things would happen.
What I particularly like about IPv6 is that NAT/NAPT are simply not
necessary
On 30/12/2025 20:00, David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not necessary
So making the implementation of a firewall absolutely mandatory
All good thoughts, thanks. But...
- There is no dhcp client running (at least by the time I am able to ssh in
to the machine after it boots).
- All /etc/network/interfaces does is source any files in interfaces.d,
and there are no files there.
- "sudo locate systemd.network" only shows the man page.
- the "mystery" IPv4 address doesn't show up anywhere in the
/etc/NetworkManager directory or sub-directories.
I guess the mystery continues.
However, it was worth a look. Maybe. According to the router, the
"mystery" address is paired with the wifi card's actual ethernet (MAC)
address, whereas the "proper" address is (currently) paired with the same ethernet address, except the last octet is 8C instead of 8D. This makes me think that it is showing "Connected" or "Disconnected" according to the ethernet address which is working, and it is not careful about pairing that with the correct IPv4 address.
On 30/12/2025 01:00, Jim Diamond wrote:
However, it was worth a look. Maybe. According to the router, the
"mystery" address is paired with the wifi card's actual ethernet (MAC)
MAC's aren't just Ethernet, WiFi and Bluetooth interfaces also have them.
address, whereas the "proper" address is (currently) paired with the
same ethernet address, except the last octet is 8C instead of 8D.
This makes me think that it is showing "Connected" or "Disconnected"
according to the ethernet address which is working, and it is not
careful about pairing that with the correct IPv4 address.
You often see a difference of 1 when something creates a virtual
network interface for use by a virtual machine or container. The
virtual network card is assigned the second IP address and can operate independently from anything using the hosts primary interface and IP
address.
In message <10iv40e$1e1ba$[email protected]>
Pancho <[email protected]> wrote:
IPv6 seems like a world of pain.
In my experience it just works.
On 30/12/2025 20:00, David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not
necessary
So making the implementation of a firewall absolutely mandatory
On Tue, 30 Dec 2025 17:07:46 -0400, Jim Diamond wrote:
- "sudo locate systemd.network" only shows the man page.
The individual network interface configs should be in
/etc/systemd/network/.
I guess the mystery continues.
Another possibility: could the network address assignment be
in a startup script for some seemingly unrelated service?
On 30/12/2025 21:07, Jim Diamond wrote:
All good thoughts, thanks. But...
- There is no dhcp client running (at least by the time I am able to ssh in >> to the machine after it boots).
- All /etc/network/interfaces does is source any files in interfaces.d,
and there are no files there.
- "sudo locate systemd.network" only shows the man page.
- the "mystery" IPv4 address doesn't show up anywhere in the
/etc/NetworkManager directory or sub-directories.
I guess the mystery continues.
That was where I got to with my one.
At some stage that mobo died and I took the opportunity to switch mobos
and install an updated linux version, using a GUI and network manager to
set up the fixed IP, and the problem vanished.
If you can do a fresh install its probably the shortest route.
Now even if its headless there is a CLI to network manager and you might investigate that.
It's called in a fit of stunning originality, 'nmcli'
Try
#nmcli device show
Also ifconfig -a should show up any active interfaces on odd addresses.
BUT IIRC I never could identify that interface that way - it seemed to
be some sort of low level zombie.
It existed in the router DHCP table, showing it had been issues by the router in response to a request from the machine, but it only ever
responded to pings, IIRC.
No listening process beyond that was ever bound to it.
I assumed it was some bug either induced by me hand editing files that network manager was supposed to edit, or as a changeover from earlier methods of setting up IP, not fully ignored by the new NM control system
All I know is that rigorous adherence to the GUI CLI on a fresh install eliminated it. Whether it was one or the other factor that was crucial,
I cannot say.
As with most transient bugs, life is to frikkin short...
I am sorry I cannot help beyond noting that yes, I have seen it happen,
and no, I cant reproduce it any more, and at a given point it vanished, never to reappear...
druck <[email protected]> writes:
On 30/12/2025 01:00, Jim Diamond wrote:
However, it was worth a look. Maybe. According to the router, the
"mystery" address is paired with the wifi card's actual ethernet (MAC)
MAC's aren't just Ethernet, WiFi and Bluetooth interfaces also have them.
address, whereas the "proper" address is (currently) paired with the
same ethernet address, except the last octet is 8C instead of 8D.
This makes me think that it is showing "Connected" or "Disconnected"
according to the ethernet address which is working, and it is not
careful about pairing that with the correct IPv4 address.
You often see a difference of 1 when something creates a virtual
network interface for use by a virtual machine or container. The
virtual network card is assigned the second IP address and can operate
independently from anything using the hosts primary interface and IP
address.
At least on my 3B and 4B, the wired and wireless interfaces have
adjacent MACs.
PS C:\Users\rjk> ssh shairo ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether dc:a6:32:cb:73:6b brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DORMANT group default qlen 1000
link/ether dc:a6:32:cb:73:6c brd ff:ff:ff:ff:ff:ff
If both interfaces were connected to the same network then I might see something similar to Jim’s situation.
I did ask Jim for ‘ip addr show’ output but it has not appeared.
The Natural Philosopher wrote:
David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply notSo making the implementation of a firewall absolutely mandatory
necessary
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be
something like 1-7 days, but if very short lifespans were used it
could offer a protection similar to NAT. I need to investigate a bit
further, but I don't think IPv6 needs to be inherently less safe.
On 12/31/25 11:36, The Natural Philosopher wrote:
On 30/12/2025 20:00, David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not necessary
So making the implementation of a firewall absolutely mandatory
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be something like 1-7 days, but if very short lifespans were used it could offer a protection similar to NAT. I need to investigate a bit further, but I
don't think IPv6 needs to be inherently less safe.
On 12/30/25 20:00, David Higton wrote:
In message <10iv40e$1e1ba$[email protected]>
Pancho <[email protected]> wrote:
IPv6 seems like a world of pain.
In my experience it just works.
I'm surprised. Accepting that you do not do some of the things I do,
like policy routing rules based upon a host computer IP, I'm still
seeing servers on the internet that advertise they should work with IPv6
but don't. This means they don't fall back to IPv4.
I'm not far enough along in my understanding to be entirely confident,
but I would be surprised if I were wrong.
rpi4-4b ls -l /etc/systemd/network
total 0
lrwxrwxrwx 1 root root 9 Dec 5 2023 73-usb-net-by-mac.link -> /dev/null lrwxrwxrwx 1 root root 9 Dec 5 2023 99-default.link -> /dev/null
As with most transient bugs, life is to frikkin short...
I agree 100% with that.
On 12/31/25 11:36, The Natural Philosopher wrote:
On 30/12/2025 20:00, David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not
necessary
So making the implementation of a firewall absolutely mandatory
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be something like 1-7 days, but if very short lifespans were used it could offer a protection similar to NAT. I need to investigate a bit further, but I
don't think IPv6 needs to be inherently less safe.
Given that this mystery IP didn't show up the next time I rebooted (or
again just now (to test)), I consider that unlikely. And grepping through /etc I don't see any unexpected instances of either (a) the mystery IP, or (b) the string "wlan". Not that this is an exhaustive hunt.
Maybe a neutrino hit
the wrong spot during boot.
Pancho <[email protected]> writes:
The Natural Philosopher wrote:
David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply notSo making the implementation of a firewall absolutely mandatory
necessary
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be
something like 1-7 days, but if very short lifespans were used it
could offer a protection similar to NAT. I need to investigate a bit
further, but I don't think IPv6 needs to be inherently less safe.
NAT does not offer any protection. The reason that a typical domestic NAT-equipped router protects you from inbound connections is that it has
a firewall as well.
(Getting a packet addressed to your internal addresses to your external interface is inconvenient for many attackers, for sure, but
striaghtforward for your ISP or anyone who can hack or coerce them.)
In message <10j3tdq$29dt0$[email protected]>
Pancho <[email protected]> wrote:
On 12/30/25 20:00, David Higton wrote:
In message <10iv40e$1e1ba$[email protected]>
Pancho <[email protected]> wrote:
IPv6 seems like a world of pain.
In my experience it just works.
I'm surprised. Accepting that you do not do some of the things I do,
like policy routing rules based upon a host computer IP, I'm still
seeing servers on the internet that advertise they should work with IPv6
but don't. This means they don't fall back to IPv4.
I'm not far enough along in my understanding to be entirely confident,
but I would be surprised if I were wrong.
I've not encountered anything that's more difficult in IPv6 than in IPv4.
I'm certain that IPv6 works just as well and as reliably as IPv4; after
all, it's been in global-scale use for many years now, so all the issues
have been solved. But there's always scope for something to go wrong,
like in the example I quoted earlier where there was an IPv6 interface
that didn't previously exist, and configuring it (which was no more
difficult than the original IPv4 config, which was done so long ago that everyone had forgotten it) simply hadn't been done. Since everything mainstream now defaults to IPv6, there were two fault symptoms, depending which browser and OS were in use:
1) The site appeared unavailable;
2) The site was reached, but only after a delay.
Nothing about it was a problem of IPv6 per se.
I'd be interested to know what "policy routing rules based upon a host computer IP" you're using. My router runs OpenWRT. Everything gets
its IPv6 address via DHCPv6. The traffic rules pick up the device by
name, so, if the IPv6 address changes, the rules change automatically
to match.
In message <10j3tmk$29ec2$[email protected]>
Pancho <[email protected]> wrote:
On 12/31/25 11:36, The Natural Philosopher wrote:
On 30/12/2025 20:00, David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not
necessary
So making the implementation of a firewall absolutely mandatory
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be something
like 1-7 days, but if very short lifespans were used it could offer a
protection similar to NAT. I need to investigate a bit further, but I
don't think IPv6 needs to be inherently less safe.
I use Ubuntu, which gives itself two routable IPv6 addresses. One is
always the same (good if you have an internet-accessible server) and
the other is new each reboot (good for privacy). Maybe it's the same
for you?
On 31/12/2025 20:18, Richard Kettlewell wrote:
Pancho <[email protected]> writes:
The Natural Philosopher wrote:
David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply notSo making the implementation of a firewall absolutely mandatory
necessary
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be
something like 1-7 days, but if very short lifespans were used it
could offer a protection similar to NAT. I need to investigate a bit
further, but I don't think IPv6 needs to be inherently less safe.
NAT does not offer any protection. The reason that a typical domestic
NAT-equipped router protects you from inbound connections is that it
has a firewall as well. (Getting a packet addressed to your internal
addresses to your external interface is inconvenient for many
attackers, for sure, but straightforward for your ISP or anyone who
can hack or coerce them.)
How?
Genuine question.
The Natural Philosopher <[email protected]d> writes:
On 31/12/2025 20:18, Richard Kettlewell wrote:
Pancho <[email protected]> writes:
The Natural Philosopher wrote:
David Higton wrote:
What I particularly like about IPv6 is that NAT/NAPT are simply not >>>>>> necessarySo making the implementation of a firewall absolutely mandatory
Linux IPv6 does appear to use random IPv6 address for outbound
connections, which have a limited lifespan. This appears to be
something like 1-7 days, but if very short lifespans were used it
could offer a protection similar to NAT. I need to investigate a bit
further, but I don't think IPv6 needs to be inherently less safe.
NAT does not offer any protection. The reason that a typical domestic
NAT-equipped router protects you from inbound connections is that it
has a firewall as well. (Getting a packet addressed to your internal
addresses to your external interface is inconvenient for many
attackers, for sure, but straightforward for your ISP or anyone who
can hack or coerce them.)
How?
Genuine question.
Same as routing any other packet. Make sure there’s an appropriate
routing table entry for the customer addresses on the ISP’s
customer-facing router (and whatever intermediate routers there are
between that and the attack source), then call socket/connect/write.
The question is then what the customer router does with it.
* If it follows the strong end system then the packet is discarded
before NAT even comes into the question.
Linux follows the weak end system model by default, so this
possibility doesn’t apply to Linux-based router unless someone has
taken the trouble to change its behavior somehow.
* If there’s a basically competent firewall on the customer router then
the packet is discard by that.
* If there’s a NAT then it gets to look at the packet, but it won’t
match any of the rules that enable translation, so it will not be
modified at this stage.
* All that’s now left is normal routing, so the packet passes on to its
destination on the customer network.
https://www.greenend.org.uk/rjk/tech/nat.html has a worked example.
On 01/01/2026 11:34, Richard Kettlewell wrote:
The Natural Philosopher <[email protected]d> writes:
On 31/12/2025 20:18, Richard Kettlewell wrote:Same as routing any other packet. Make sure there’s an appropriate
NAT does not offer any protection. The reason that a typical domestic
NAT-equipped router protects you from inbound connections is that it
has a firewall as well. (Getting a packet addressed to your internal
addresses to your external interface is inconvenient for many
attackers, for sure, but straightforward for your ISP or anyone who
can hack or coerce them.)
How?
Genuine question.
routing table entry for the customer addresses on the ISP’s
customer-facing router (and whatever intermediate routers there are
between that and the attack source), then call socket/connect/write.
The question is then what the customer router does with it.
* If it follows the strong end system then the packet is discarded
before NAT even comes into the question.
Linux follows the weak end system model by default, so this
possibility doesn’t apply to Linux-based router unless someone has
taken the trouble to change its behavior somehow.
* If there’s a basically competent firewall on the customer router
then
the packet is discard by that.
* If there’s a NAT then it gets to look at the packet, but it won’t
match any of the rules that enable translation, so it will not be
modified at this stage.
Ah. I misunderstood your original post. Sure the ISP can send an
internally addressed packet to your router. If it wants to lose its
customer base.
But will that get forwarded along?
* All that’s now left is normal routing, so the packet passes on to itsI can't believe that my router would accept arbitrary packets with
destination on the customer network.
https://www.greenend.org.uk/rjk/tech/nat.html has a worked example.
an internal destination address on its external facing port...
if the destination is not in its tables, it will be automatically discarded...
The internal network destination address_is_ in its routing table.
On 01/01/2026 12:26, Richard Kettlewell wrote:
The internal network destination address_is_ in its routing table.
But not its port. And not in its NAT table,
On Wed, 31 Dec 2025 16:00:45 -0400, Jim Diamond wrote:
rpi4-4b ls -l /etc/systemd/network
total 0
lrwxrwxrwx 1 root root 9 Dec 5 2023 73-usb-net-by-mac.link -> /dev/null
lrwxrwxrwx 1 root root 9 Dec 5 2023 99-default.link -> /dev/null
Interesting that you have anything in that directory at all; the one
on my Debian Unstable system is empty.
This symlinking to /dev/null is called “masking”. It explicitly--- Synchronet 3.21a-Linux NewsLink 1.2
disables those service entries (originals present in
/lib/systemd/network in this case) so they cannot be
(easily/accidentally) enabled.
On 31/12/2025 20:00, Jim Diamond wrote:
Given that this mystery IP didn't show up the next time I rebooted (or
again just now (to test)), I consider that unlikely. And grepping through >> /etc I don't see any unexpected instances of either (a) the mystery IP, or >> (b) the string "wlan". Not that this is an exhaustive hunt.
Linux has had a fit about the naming of interfaces. wlan seems deprecated.
On Tue, 30 Dec 2025 17:50:15 -0400, Jim Diamond wrote:
On 2025-12-30 at 01:42 AST, Lawrence D’Oliveiro <[email protected]d> wrote: >>>
I wonder why you would use an ISP-supplied router -- don’t you get
to connect your own?
No. The fiber comes into a box and the box also has the wifi router.
Here in NZ, the fibre terminates in a separate box called the “ONT”.
Everything up to and including that box is the responsibility of a
company called “Tuatahi Fibre”, which is *not* an ISP (and is not
allowed to become one). Basically they provide a layer-2 connection
between my house and the routers/switches/whatever for the service
providers, and their job is to treat all service providers equally.
Also, that box is to be considered part of the fittings of the house, so
it stays with the house, and doesn’t move if/when the residents move
house. The installation of the box (and the physical fibre connection to
it) was done free of charge, under a Government-funded plan.
The particular ONT box in my house has 4 Ethernet ports and 2
telephone landline ports. These can be independently assigned to
different services, coming from different providers. E.g. the one
that’s live for my ISP connection has an Ethernet cable running
between it and my actual router, which I bought from a local store.
I could try turning off the DHCP server in the ISP's box. However, they
have a habit of resetting and updating the software in their box, and I'm
not sure how long turning off that DHCP server would last. I am not sure
what would happen when two DHCP servers are on the same LAN, but I imagine >> Bad Things would happen.
Hmmm ... I’m thinking it might be possible to isolate that box on a dedicated Ethernet port on a Linux box, so you could use a packet
filter to block anything DHCP-related, and only let through the stuff
you want
In general, I'm not claiming IPv6 is more difficult. However, I have 30+ years of dealing with and solving the problems of IPv4. Switching to
dual stack IPv6 is introducing new problems, which I need to understand
and solve.
The Natural Philosopher <[email protected]d> wrote:
On 31/12/2025 20:00, Jim Diamond wrote:
Given that this mystery IP didn't show up the next time I rebooted (or
again just now (to test)), I consider that unlikely. And grepping through >>> /etc I don't see any unexpected instances of either (a) the mystery IP, or >>> (b) the string "wlan". Not that this is an exhaustive hunt.
Linux has had a fit about the naming of interfaces. wlan seems
deprecated.
I don't think "Linux" has had a fit about naming of interfaces. All
of my machines (RPi and otherwise) have "wlan0". But I have seen more
exotic names on some distros.
IMHO they should have taken a lesson from filesystem naming, and
allowed interfaces to be identified by their attributes, rather than depending on a unique name.
On 2025-12-31 at 09:15 AST, Richard Kettlewell <[email protected]d> wrote:
druck <[email protected]> writes:
On 30/12/2025 01:00, Jim Diamond wrote:
However, it was worth a look. Maybe. According to the router, the
"mystery" address is paired with the wifi card's actual ethernet (MAC)
MAC's aren't just Ethernet, WiFi and Bluetooth interfaces also have them. >>>
address, whereas the "proper" address is (currently) paired with the
same ethernet address, except the last octet is 8C instead of 8D.
This makes me think that it is showing "Connected" or "Disconnected"
according to the ethernet address which is working, and it is not
careful about pairing that with the correct IPv4 address.
You often see a difference of 1 when something creates a virtual
network interface for use by a virtual machine or container. The
virtual network card is assigned the second IP address and can operate
independently from anything using the hosts primary interface and IP
address.
At least on my 3B and 4B, the wired and wireless interfaces have
adjacent MACs.
PS C:\Users\rjk> ssh shairo ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether dc:a6:32:cb:73:6b brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DORMANT group default qlen 1000
link/ether dc:a6:32:cb:73:6c brd ff:ff:ff:ff:ff:ff
If both interfaces were connected to the same network then I might see
something similar to Jim’s situation.
I did ask Jim for ‘ip addr show’ output but it has not appeared.
Mea culpa, I thought I did.
Here is today's output... but I have long since gotten rid of that extra
IP, so I'm not sure if this is at all interesting:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether dc:a6:32:37:93:8c brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether dc:a6:32:37:93:8d brd ff:ff:ff:ff:ff:ff
inet 192.168.2.74/24 brd 192.168.2.255 scope global noprefixroute wlan0
valid_lft forever preferred_lft forever
inet6 fe80::d10a:4386:b7f7:43f9/64 scope link noprefixroute
valid_lft forever preferred_lft forever
Should it happen again I'll capture this output in case it helps find the source.
Jim
Jim Diamond <[email protected]> writes:
The Natural Philosopher <[email protected]d> wrote:
On 31/12/2025 20:00, Jim Diamond wrote:
Given that this mystery IP didn't show up the next time I rebooted (or >>>> again just now (to test)), I consider that unlikely. And grepping through >>>> /etc I don't see any unexpected instances of either (a) the mystery IP, or >>>> (b) the string "wlan". Not that this is an exhaustive hunt.
Linux has had a fit about the naming of interfaces. wlan seems
deprecated.
I don't think "Linux" has had a fit about naming of interfaces. All
of my machines (RPi and otherwise) have "wlan0". But I have seen more
exotic names on some distros.
TNP is thinking of the ‘predictable interface names’ scheme, which is a misnomer since predicting the name depends on information you don’t necessarily have readily to hand. Really it is about keeping the mapping between names and specific hardware interfaces stable, which is valuable
in some situations and inconvenient in others.
IMHO they should have taken a lesson from filesystem naming, and allowed interfaces to be identified by their attributes, rather than depending
on a unique name.
On 2025-12-31 at 17:50 AST, The Natural Philosopher <[email protected]d> wrote:
On 31/12/2025 20:00, Jim Diamond wrote:
Given that this mystery IP didn't show up the next time I rebooted (or
again just now (to test)), I consider that unlikely. And grepping through >>> /etc I don't see any unexpected instances of either (a) the mystery IP, or >>> (b) the string "wlan". Not that this is an exhaustive hunt.
Linux has had a fit about the naming of interfaces. wlan seems deprecated.
I don't think "Linux" has had a fit about naming of interfaces. All of my machines (RPi and otherwise) have "wlan0". But I have seen more exotic
names on some distros.
On 31.12.2025 22.09, Jim Diamond wrote:
On 2025-12-31 at 09:15 AST, Richard Kettlewell <[email protected]d> wrote:
druck <[email protected]> writes:
On 30/12/2025 01:00, Jim Diamond wrote:
However, it was worth a look. Maybe. According to the router, theMAC's aren't just Ethernet, WiFi and Bluetooth interfaces also have them. >>>>
"mystery" address is paired with the wifi card's actual ethernet (MAC) >>>>
address, whereas the "proper" address is (currently) paired with the >>>>> same ethernet address, except the last octet is 8C instead of 8D.
This makes me think that it is showing "Connected" or "Disconnected" >>>>> according to the ethernet address which is working, and it is not
careful about pairing that with the correct IPv4 address.
You often see a difference of 1 when something creates a virtual
network interface for use by a virtual machine or container. The
virtual network card is assigned the second IP address and can operate >>>> independently from anything using the hosts primary interface and IP
address.
At least on my 3B and 4B, the wired and wireless interfaces have
adjacent MACs.
PS C:\Users\rjk> ssh shairo ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether dc:a6:32:cb:73:6b brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DORMANT group default qlen 1000
link/ether dc:a6:32:cb:73:6c brd ff:ff:ff:ff:ff:ff
If both interfaces were connected to the same network then I might see
something similar to Jim’s situation.
I did ask Jim for ‘ip addr show’ output but it has not appeared.
Mea culpa, I thought I did.
Here is today's output... but I have long since gotten rid of that extra
IP, so I'm not sure if this is at all interesting:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether dc:a6:32:37:93:8c brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether dc:a6:32:37:93:8d brd ff:ff:ff:ff:ff:ff
inet 192.168.2.74/24 brd 192.168.2.255 scope global noprefixroute wlan0 >> valid_lft forever preferred_lft forever
inet6 fe80::d10a:4386:b7f7:43f9/64 scope link noprefixroute
valid_lft forever preferred_lft forever
Should it happen again I'll capture this output in case it helps find the
source.
Jim
If your system is running NetworkManager, it is the culprit.
In my RasPi3B+ router, I disabled and stopped NetworkManager. systemd-networkd is perfectly capable to handle the DHCP
client duties.
... and unique names (such as wl0sp3 on my laptop)
https://www.greenend.org.uk/rjk/tech/nat.html has a worked example.
On 1/1/26 11:34, Richard Kettlewell wrote:
https://www.greenend.org.uk/rjk/tech/nat.html has a worked example.
Curiously <https://www.greenend.org.uk/rjk/tech/nat.html> is an example of
a website that fails to load when I use IPv6 but works fine under IPv4
curl -4 https://www.greenend.org.uk/rjk/tech/nat.html works fine
.
curl -6 https://www.greenend.org.uk/rjk/tech/nat.html times out.
Last thing I receive in IPv6 pcap from Greenend says
[TCP Previous segment not captured]
Richard Kettlewell wrote:
https://www.greenend.org.uk/rjk/tech/nat.html has a worked example.
Curiously <https://www.greenend.org.uk/rjk/tech/nat.html> is an
example of a website that fails to load when I use IPv6 but works fine
under IPv4
curl -4 https://www.greenend.org.uk/rjk/tech/nat.html
works fine
.
curl -6 https://www.greenend.org.uk/rjk/tech/nat.html
times out.
Last thing I receive in IPv6 pcap from Greenend says
[TCP Previous segment not captured]
On 02/01/2026 15:39, druck wrote:
... and unique names (such as wl0sp3 on my laptop)
On my Thinkpad its wlp3s0. Those two couldn't possibly cause any
confusion for anyone, I'm sure!
On 02/01/2026 17:32, Daniel James wrote:
On 02/01/2026 15:39, druck wrote:
... and unique names (such as wl0sp3 on my laptop)
On my Thinkpad its wlp3s0. Those two couldn't possibly cause any
confusion for anyone, I'm sure!
Actually mine is wlp3s0 too, I remembered it wrong!
Also as someone else mentioned, it's actually predicable names rather
than unique names.
On 04/01/2026 19:02, druck wrote:
Also as someone else mentioned, it's actually predicable names
rather than unique names.
Yes, for some strange value of "predictable" that requires you to
know the naming scheme and also to know the hardware rather more
intimately than most people usually have any need or desire to do.
I was looking at my network and discovered an IP which I didn't know about; after a few seconds of investigation I discovered that one of my Pis (which is on wifi only, and only has one wifi card) has two IPs.
Two of my other Pis are running the same version of Raspberry Pi OS (i.e., "Debian GNU/Linux 12 (bookworm)"). They don't do this.
Looking around the net, there are claims that this is because Pis might try to netboot, and that later on in the boot process they also get their usual IP the "usual" way. (In my case I am using networkmanager.)
I can't imagine what I did to make one of my Pis want to (try to) netboot.
Has anyone here seen this, and, if so, know what grievous sins I have committed to make this happen? And how to make it stop?
Thanks.
Jim
Pancho <[email protected]> writes:
Richard Kettlewell wrote:
https://www.greenend.org.uk/rjk/tech/nat.html has a worked example.
Curiously <https://www.greenend.org.uk/rjk/tech/nat.html> is an
example of a website that fails to load when I use IPv6 but works fine
under IPv4
curl -4 https://www.greenend.org.uk/rjk/tech/nat.html
works fine
.
curl -6 https://www.greenend.org.uk/rjk/tech/nat.html
times out.
It works for me from a couple of locations (one with native IPv6 and
the other via a Hurricance Electric tunnel). traceroute -6 might reveal
where your problem is.
Last thing I receive in IPv6 pcap from Greenend says
[TCP Previous segment not captured]
AFAICT that just means you started tracing part way through a session.
On 27/12/2025 17:34, Jim Diamond wrote:
I was looking at my network and discovered an IP which I didn't know about; >> after a few seconds of investigation I discovered that one of my Pis (which >> is on wifi only, and only has one wifi card) has two IPs.
Two of my other Pis are running the same version of Raspberry Pi OS (i.e., >> "Debian GNU/Linux 12 (bookworm)"). They don't do this.
Looking around the net, there are claims that this is because Pis might try >> to netboot, and that later on in the boot process they also get their usual >> IP the "usual" way. (In my case I am using networkmanager.)
I can't imagine what I did to make one of my Pis want to (try to) netboot.
Has anyone here seen this, and, if so, know what grievous sins I have
committed to make this happen? And how to make it stop?
Thanks.
Jim
I had smililar problem when I upgraded to Bullseye. My solution was
deleted connman package.
Refer to https://raspberrypi.stackexchange.com/questions/133318/how-to-disable-the-dynamic-ip-address-after-assigning-a-static-ip-in-bullseye
On 12/30/25 20:00, David Higton wrote:
In message <10iv40e$1e1ba$[email protected]>
Pancho <[email protected]> wrote:
IPv6 seems like a world of pain.In my experience it just works.
I'm surprised. Accepting that you do not do some of the things I do,
like policy routing rules based upon a host computer IP...
Pancho <[email protected]> writes:
On 12/30/25 20:00, David Higton wrote:
In message <10iv40e$1e1ba$[email protected]>
Pancho <[email protected]> wrote:
IPv6 seems like a world of pain.In my experience it just works.
I'm surprised. Accepting that you do not do some of the things I do,
like policy routing rules based upon a host computer IP...
I actually do that. I route my IPTV boxes out via an alternate interface
due to some stupid contractual issues. So all I did was add routing
rules with ip -6 rule add from $addr table Magic and all the Magic table
has is a defaultroute out via the other interface. Same as IPv4. But
maybe your policy routing is something different?
For sure this would be a problem if the IPv6 addresses were changing all
the time but they haven't.
Some routers will let you use the source mac address in routing rules
which nicely overcomes the problem with varying IPv6 addresses.
Pancho <[email protected]> writes:
On 12/30/25 20:00, David Higton wrote:
In message <10iv40e$1e1ba$[email protected]>
Pancho <[email protected]> wrote:
IPv6 seems like a world of pain.In my experience it just works.
I'm surprised. Accepting that you do not do some of the things I do,
like policy routing rules based upon a host computer IP...
I actually do that. I route my IPTV boxes out via an alternate interface
due to some stupid contractual issues. So all I did was add routing
rules with ip -6 rule add from $addr table Magic and all the Magic table
has is a defaultroute out via the other interface. Same as IPv4. But
maybe your policy routing is something different?
For sure this would be a problem if the IPv6 addresses were changing all
the time but they haven't.
That is the second IPv6 bug in pfSense, after the MTU/packet
fragmentation bug I mentioned earlier, which I'm still trying to get
to the bottom of.
IPv6 seems surprisingly hard.
On Wed, 14 Jan 2026 17:57:35 +0000, John R Walliker wrote:
Some routers will let you use the source mac address in routing rules
which nicely overcomes the problem with varying IPv6 addresses.
That could also be handled with a VLAN.
On Thu, 15 Jan 2026 01:17:23 +0000, Pancho wrote:
That is the second IPv6 bug in pfSense, after the MTU/packet
fragmentation bug I mentioned earlier, which I'm still trying to get
to the bottom of.
IPv6 seems surprisingly hard.
pfSense is built on FreeBSD and uses that network stack instead of
Linux, isn’t it?
On 1/14/26 21:13, Lawrence D’Oliveiro wrote:
On Wed, 14 Jan 2026 17:57:35 +0000, John R Walliker wrote:
Some routers will let you use the source mac address in routing rules
which nicely overcomes the problem with varying IPv6 addresses.
That could also be handled with a VLAN.
If your network hardware handles VLAN tags.
I have numerous switches (unmanaged) and WiFi access points, none of the ones I tested were compatible with VLAN tags (i.e. The network device stripped the VLAN tag off packets rather than dumbly passed the packet through with VLAN tag intact).
VLANs also aren't ideal as you may wish to implement policy routing on a protocol (e.g. VoIP) or WAN destination, not just upon a LAN host.
On 1/14/26 21:13, Lawrence D’Oliveiro wrote:
On Wed, 14 Jan 2026 17:57:35 +0000, John R Walliker wrote:
Some routers will let you use the source mac address in routing
rules which nicely overcomes the problem with varying IPv6
addresses.
That could also be handled with a VLAN.
If your network hardware handles VLAN tags.
Some routers will let you use the source mac address in routing rules
which nicely overcomes the problem with varying IPv6 addresses.
| Sysop: | DaiTengu |
|---|---|
| Location: | Appleton, WI |
| Users: | 1,123 |
| Nodes: | 10 (0 / 10) |
| Uptime: | 33:44:37 |
| Calls: | 14,371 |
| Files: | 186,380 |
| D/L today: |
875 files (246M bytes) |
| Messages: | 2,540,600 |