Re: Does nmap ipv6 work only with directly connected interfaces?

["Amitesh Bhagwan (amitbhag)" <amitbhag () cisco com>]

Gentle reminder. I would appreciate a reply on this.


Regards,
Amitesh Bhagwan

From: Amitesh Bhagwan <amitbhag () cisco com<mailto:amitbhag () cisco com>>
Date: Monday, 28 April 2014 3:35 pm
To: "dev () nmap org<mailto:dev () nmap org>" <dev () nmap org<mailto:dev () nmap org>>
Subject: Does nmap ipv6 work only with directly connected interfaces?

Hi,

I’m facing buggy behaviour with nmap 6.45 when I use it for ipv6 scanning.

My setup involves a windows PC connected to a Cisco router. I am running nmap from windows. It worked well for link 
local destination addresses. However the scenario in which it fails involves a destination address that is on a 
different subnet. This shouldn’t make a difference since the PC can ping this ipv6 destination via a default route.

Here’s the topology:


(PC)[a1] ————[a2](router)[b1]

Round brackets indicate device type and square brackets indicate ipv6 address. a1  and a2 mean 2 global ipv6 addresses 
in the same subnet. b1 is global ipv6 address in a different subnet and is configured as a loopback address on the 
router.

This setup works fine when I test ipv4 addresses and even link local addresses. However, it doesn’t seem to work when 
the destination ipv6 address is the loopback address. The error I receive is:
C:\Program Files (x86)\Nmap>nmap -6 -sS -p1-65 -oA syn65 4000:1::1/128

Starting Nmap 6.45 ( http://nmap.org ) at 2014-04-28 15:23 India Standard Time
setup_target: failed to determine route to 4000:1::1
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.31 seconds

As said earlier it doesn’t seem a connectivity issue since the above v6 address responds when I ping it form the win PC.



Regards,
Amitesh Bhagwan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/