Closed DRiKE closed 8 years ago
Filtering on IPv6 prefixes is a known issue since the FastBit library does not support range queries for 64b numbers.
As for the equality query, I've been trying to reproduce the issue on my own traffic samples, but with no luck:
> fbitdump -R . -o"fmt:%sa6" | grep "fe80::230:48ff:fed6:ad4b"
fe80::230:48ff:fed6:ad4b
fe80::230:48ff:fed6:ad4b
fe80::230:48ff:fed6:ad4b
> fbitdump -R . -o"fmt:%sa6" "%sa6 == fe80::230:48ff:fed6:ad4b" -q
fe80::230:48ff:fed6:ad4b
fe80::230:48ff:fed6:ad4b
fe80::230:48ff:fed6:ad4b
Could you send me a sample of the traffic so that I can trace this issue?
Of course I'm not able to reproduce it myself at this time. I'll keep trying for some time, and if it really doesn't occur anymore, I'll close the ticket I guess. In that case, apologies for the (possibly false) alarm.
With regards to the prefixes: I was in the understanding that filtering on prefixes could give small inaccuracies, thus that it 'worked' in a somewhat rough fashion. However in the case of fe80::/64
, nothing is returned at all, where it looks like other prefixes return more records (outside of the prefix) instead of less. Is the fe80-case the same issue, but with radically different results in the end?
I believe that it might be the same issue. I've filed several queries to FastBit mailing list, however they do no longer seem to care about this.
I'll close the ticket for now and ask you to raise the question again if you can reproduce it.
Filtering on link-local IPv6 addresses does not work, e.g.:
fbitdump -R ic20151108023000 '%sa6 == fe80::22f4:21ff:fea3:1a00'
yields more than just records having that source address, although all of the results have link-local addresses for their source address. Using prefixes results in no records, e.g.:
fbitdump -R ic20151108023000 '%sa6 fe80::/64'
This is happening with the latest version of fbitdump, so it includes the fixes for IPv6 issues reported earlier. Filtering on global v6 addresses (and prefixes) behaves like expected.