Super User Asked on November 20, 2021
Why is IPv6 not so heavily using loopback as IPv4 does?
My OS: Linux Mint 20, kernel version 5.4.0-42.
For the purpose of generating the output below, I defined an alias:
alias iptables-watch="sudo watch -n30 'iptables --list INPUT --verbose --line-numbers && echo && ip6tables --list INPUT --verbose --line-numbers'"
Every 30.0s: iptables --list INPUT --verbose --line-numbers && echo && ip6tables --list INPUT --verbose --line-numbers
Chain INPUT (policy DROP 1656 packets, 116K bytes)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all -- any any anywhere anywhere ctstate INVALID /* protection */
2 29177 3028K ACCEPT all -- lo any anywhere anywhere /* loopback */
3 0 0 ACCEPT icmp -- any any anywhere anywhere limit: avg 5/sec burst 15 /* icmp4 */
4 29053 93M ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED /* traffic4 */
5 0 0 ACCEPT tcp -- any any 192.168.0.0/24 anywhere ctstate NEW,ESTABLISHED tcp dpt:ssh /* ssh_local */
Chain INPUT (policy DROP 21 packets, 3321 bytes)
num pkts bytes target prot opt in out source destination
1 1 60 ACCEPT all any any anywhere anywhere ctstate INVALID /* protection */
2 4 292 ACCEPT all lo any anywhere anywhere /* loopback */
3 678 50048 ACCEPT ipv6-icmp any any anywhere anywhere limit: avg 20/sec burst 50 /* icmp6 */
4 279K 421M ACCEPT all any any anywhere anywhere ctstate RELATED,ESTABLISHED /* traffic6 */
5 18 3172 ACCEPT udp any any anywhere fe80::/64 ctstate NEW udp dpt:dhcpv6-client /* dhcp6 */
I am curious as to why during those 2 hours of my computer uptime, there are 4 packets on IPv6 loopback only? Thank you.
EDIT 1:
To complete my question based on the current answer:
$ tail -3 /etc/resolv.conf
nameserver 127.0.0.53
options edns0
search lan
Because programs didn't ask it.
IP doesn't generate loopback packets for nothing out of nothing. All the traffic you're seeing is actual programs using TCP over 127.0.0.1 for internal communications, or perhaps your local DNS resolver answering queries at 127.0.0.53, things like that.
So if you have an IPv4 address like "nameserver 127.0.0.53" in resolv.conf, you'll naturally see a lot of IPv4 DNS queries.
(You can see the packets using tcpdump -ni lo
...)
Answered by user1686 on November 20, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP