Probe: ipv6_bogon#
Monitors for IPv6 packets directied to multicast or link-local addresses from sources outsite the connected-networks and ICMPv6 neighbor advertisements and neighbor solicitation packets with target address to unconnected-networks.
Inspected Packets#
This probe looks for packets with the following characteristics:
- EtherType: IPv6
- IPv6 next header: ICMPv6
- ICMPv6 types:
- neighbor advertisement
- neighbor solicitation
Configuration#
probes:
ipv6_bogon:
# enable this probe
enable: true
# list of prefixes that are connected
prefixes:
- 2001:db8::/32
# do not ignore fe80::/64
#ignore_link_local: false
See also: schema description
Events#
| Name | Description |
|---|---|
IPV6_BOGON_SOURCE | the target IPv6 address is not covered by prefixes |
IPV6_BOGON_TARGET | the target IPv6 address is not covered by prefixes |