Issues with VTI and v6 Link-Local addresses

General questions
1

I’m having a weird issue with VTI tunnels and their v6 Link Local addresses.

I am running the VyOS 1.5 rolling image. I’ve tested with 1.5-rolling-202310080024 and 1.5-rolling-202311210100.

I have IKEv2 routed VPNs between 3 VyOS hosts with bgp for dynamic routing. I’ve also got IPv6 implemented throughout. The VTI interfaces, if freshly created and configured, will get a v6 link-local address. However if the link for the VTI is set to down for any reason, when it’s set back to up, the v6 link local IP disappears and won’t come back unless you delete the interface or otherwise force it to be reconfigured. The fastest way I’ve seen that will remedy this is to set

set interfaces vti vti0 ipv6 address no-default-link-local

and commit, then delete that line and commit again.

Anyone aware if this is a known issue? @apachez suggested it may be an issue with Linux kernel and FRR forgetting information between each other.

Please let me know if you need more information. Thanks!

2

This has been confirmed to be a design defect and a bug has been reported here: https://vyos.dev/T5769

My workaround for the moment is to manually add the VTI interfaces to the sysctl config. The file I added to for persistence is:

/etc/sysctl.d/31-vyos-addr_gen_mode.conf

For example:

net.ipv6.conf.vti0.addr_gen_mode = 0

I also disable the default link local address that VyOS is coded to generate with the following:

set interfaces vti vti0 ipv6 address no-default-link-local

I’m open to suggestions if there’s a better alternative to the above but I was having to manually reconfigure the interfaces every few hours to restore service and this was a more immediate and automagic workaround.

Thanks again!