ip6tables --set-mark drops/distorts link-local packets

ip6tables --set-mark drops/distorts link-local packets

[Georgios Amanakis]

Hi all,

I discovered that marking IPv6 packets with ip6tables results in link-
local traffic being dropped/distorted. Specifically link-local UDP
traffic on ports 546-547 (necessary for DHCPv6) fails in this
situation. I provide a script for testing purposes:

-----------8<------------
#!/usr/bin/sh

ip6tables -t mangle -F 
ip6tables -t mangle -A OUTPUT -o $oif -j MARK --set-mark 3

exit 0
-----------8<------------

Is this behavior known/expected? My search didn't reveal any relevant
results on the web.
I am running Archlinux, uname -a:
"Linux a-router 4.4.11-1-lts #1 SMP Thu May 19 21:03:24 CEST 2016
x86_64 GNU/Linux"

George

ip6tables --set-mark drops/distorts link-local packets

[Georgios Amanakis]

Hi all,

I have already posted this in the lartc mailing list but I think the
netfilter one is more suitable.

I discovered that marking IPv6 packets with ip6tables results in link-
local traffic being dropped/distorted. Specifically link-local UDP
traffic on ports 546-547 (necessary for DHCPv6) fails in this
situation. I provide a script for testing purposes:

-----------8<------------
#!/usr/bin/sh

ip6tables -t mangle -F
ip6tables -t mangle -A OUTPUT -o $oif -j MARK --set-mark 3

exit 0
-----------8<------------

Is this behavior known/expected? My search didn't reveal any relevant
results on the web.
I am running Archlinux, uname -a:
"Linux a-router 4.4.11-1-lts #1 SMP Thu May 19 21:03:24 CEST 2016
x86_64 GNU/Linux"

George