TransWikia.com

Why is IPv6 not so heavily using loopback as IPv4 does?

Super User Asked on November 20, 2021

Why is IPv6 not so heavily using loopback as IPv4 does?

My OS: Linux Mint 20, kernel version 5.4.0-42.

For the purpose of generating the output below, I defined an alias:

alias iptables-watch="sudo watch -n30 'iptables --list INPUT --verbose --line-numbers && echo && ip6tables --list INPUT --verbose --line-numbers'"

Every 30.0s: iptables --list INPUT --verbose --line-numbers && echo && ip6tables --list INPUT --verbose --line-numbers

Chain INPUT (policy DROP 1656 packets, 116K bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 DROP       all  --  any    any     anywhere             anywhere             ctstate INVALID /* protection */
2    29177 3028K ACCEPT     all  --  lo     any     anywhere             anywhere             /* loopback */
3        0     0 ACCEPT     icmp --  any    any     anywhere             anywhere             limit: avg 5/sec burst 15 /* icmp4 */
4    29053   93M ACCEPT     all  --  any    any     anywhere             anywhere             ctstate RELATED,ESTABLISHED /* traffic4 */
5        0     0 ACCEPT     tcp  --  any    any     192.168.0.0/24       anywhere             ctstate NEW,ESTABLISHED tcp dpt:ssh /* ssh_local */

Chain INPUT (policy DROP 21 packets, 3321 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        1    60 ACCEPT     all      any    any     anywhere             anywhere             ctstate INVALID /* protection */
2        4   292 ACCEPT     all      lo     any     anywhere             anywhere             /* loopback */
3      678 50048 ACCEPT     ipv6-icmp    any    any     anywhere             anywhere             limit: avg 20/sec burst 50 /* icmp6 */
4     279K  421M ACCEPT     all      any    any     anywhere             anywhere             ctstate RELATED,ESTABLISHED /* traffic6 */
5       18  3172 ACCEPT     udp      any    any     anywhere             fe80::/64            ctstate NEW udp dpt:dhcpv6-client /* dhcp6 */

I am curious as to why during those 2 hours of my computer uptime, there are 4 packets on IPv6 loopback only? Thank you.

EDIT 1:

To complete my question based on the current answer:

$ tail -3 /etc/resolv.conf

nameserver 127.0.0.53
options edns0
search lan
ipv6linuxloopbacknetworking

One Answer

Because programs didn't ask it.

IP doesn't generate loopback packets for nothing out of nothing. All the traffic you're seeing is actual programs using TCP over 127.0.0.1 for internal communications, or perhaps your local DNS resolver answering queries at 127.0.0.53, things like that.

So if you have an IPv4 address like "nameserver 127.0.0.53" in resolv.conf, you'll naturally see a lot of IPv4 DNS queries.

(You can see the packets using tcpdump -ni lo...)

Answered by user1686 on November 20, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

Recent Answers

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP