These log messages refer to the IPV6_ND (Neighbor Discovery events) category.
2.36.1. neighbor_discovery_resolution_failed (ID: 06400009)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery resolution failed
- Explanation
- Neighbor Discovery query was not resolved before the cache entry expired.
- Firewall Action
- remove_entry
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddr
iface
2.36.2. nd_resolution_success (ID: 06400020)
- Default Severity
- NOTICE
- Log Message
- ND entry was added to the ND cache.
- Explanation
- ND entry was added to the ND cache.
- Firewall Action
- added_entry
- Recommended Action
- None
- Revision
- 1
- Parameters
- enetaddr
ipaddr
iface
2.36.3. nd_spoofed_option_address (ID: 06400028)
- Default Severity
- WARNING
- Log Message
- ND HW sender address matches our own address, but the option address does not. Dropping packet.
- Explanation
- The Neighbor Discovery packet Ethernet sender address appears to be our own, but the Link Layer option address does not. Dropping
packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.4. nd_spoofed_hw_sender (ID: 06400029)
- Default Severity
- WARNING
- Log Message
- ND HW sender address matches our own address. Dropping packet.
- Explanation
- The Neighbor Discovery packet Ethernet sender address appears to be our own. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.5. neighbor_discovery_cache_size_limit_reached (ID: 06400030)
- Default Severity
- NOTICE
- Log Message
- Neighbor Discovery cache size limit reached
- Explanation
- The Neighbor Discovery cache size limit has been reached. Current license limit is [limit].
- Firewall Action
- None
- Recommended Action
- Update your license to allow a greater amount of concurrent Neighbor Discovery entries.
- Revision
- 1
- Parameters
- limit
2.36.6. nd_option_hw_address_multicast (ID: 06400031)
- Default Severity
- WARNING
- Log Message
- ND Link Layer option contains Enet multicast address. Dropping packet.
- Explanation
- The Neighbor Discovery packet Link Layer option contains an Ethernet multicast address. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.7. nd_option_hw_address_mismatch (ID: 06400032)
- Default Severity
- WARNING
- Log Message
- ND Link Layer option Enet sender mismatch. Dropping packet.
- Explanation
- The Neighbor Discovery packet Link Layer option does not match HW sender. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.8. nd_option_hw_address_mismatch (ID: 06400033)
- Default Severity
- NOTICE
- Log Message
- ND Link Layer option Enet sender mismatch. Dropping packet.
- Explanation
- The Neighbor Discovery packet Link Layer option does not match HW sender. Allowing packet.
- Firewall Action
- allow
- Recommended Action
- None
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.9. nd_duplicated_option (ID: 06400034)
- Default Severity
- WARNING
- Log Message
- The same ND option appears more than once in the same packet. Dropping
- Explanation
- The Neighbor Discovery packet Link Layer Address Source appears more than once in the same packet. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.10. nd_duplicated_option (ID: 06400035)
- Default Severity
- WARNING
- Log Message
- The same ND option appears more than once in the same packet. Dropping packet.
- Explanation
- The Neighbor Discovery packet Link Layer Address Target appears more than once in the same packet. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.11. nd_illegal_lladdress_option_size (ID: 06400036)
- Default Severity
- WARNING
- Log Message
- Illegal option size. Dropping
- Explanation
- The Neighbor Discovery packet option size is illegal. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.12. nd_illegal_lladdress_option_size (ID: 06400037)
- Default Severity
- WARNING
- Log Message
- Illegal option size. Dropping
- Explanation
- The Neighbor Discovery packet option size is illegal. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.13. nd_illegal_prefix_info_option_size (ID: 06400038)
- Default Severity
- WARNING
- Log Message
- Illegal option size. Dropping
- Explanation
- The Neighbor Discovery packet option size is illegal. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.14. nd_illegal_redirect_option_size (ID: 06400039)
- Default Severity
- WARNING
- Log Message
- Illegal option size. Dropping
- Explanation
- The Neighbor Discovery packet option size is illegal. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.15. nd_illegal_mtu_option_size (ID: 06400040)
- Default Severity
- WARNING
- Log Message
- Illegal option size. Dropping
- Explanation
- The Neighbor Discovery packet option size is illegal. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.16. nd_zero_size_option (ID: 06400041)
- Default Severity
- WARNING
- Log Message
- Illegal option size. Dropping
- Explanation
- The Neighbor Discovery packet option size is zero. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.17. nd_option_truncated (ID: 06400042)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery packet truncated at ND option. Dropping
- Explanation
- The Neighbor Discovery packet is truncated at ND option. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.18. nd_packet_truncated (ID: 06400043)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery packet truncated at L4 header. Dropping
- Explanation
- The Neighbor Discovery packet is truncated at L4 header. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.19. nd_unknown_icmp_code (ID: 06400044)
- Default Severity
- WARNING
- Log Message
- Unsupported ICMP code. Dropping
- Explanation
- The Neighbor Discovery packet ICMP code is unknown. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.20. nd_spoofed_target (ID: 06400045)
- Default Severity
- WARNING
- Log Message
- Neighbor Advertisement Target IP <targetip> is my address, but Ethernet address <targetenet> is not. Dropping
- Explanation
- The Neighbor Advertisement packet target IP address matches that of the receiving interface, but the target link layer address
does not. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- targetip
targetenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.21. nd_spoofed_sender (ID: 06400046)
- Default Severity
- WARNING
- Log Message
- Sender IP <senderip> is my address. Dropping
- Explanation
- The Neighbor Discovery packet sender IP address matches that of the receiving interface. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- senderip
- Context Parameters
- Rule Name
Packet Buffer
2.36.22. nd_hoplimit_reached (ID: 06400047)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery packet from <senderip> appears to have been routed. Dropping
- Explanation
- The Neighbor Discovery packet IP header contains a Hop Limit smaller than 255. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- senderip
- Context Parameters
- Rule Name
Packet Buffer
2.36.23. nd_multicast_target_address (ID: 06400048)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery target address <targetip> is multicast. Dropping
- Explanation
- The Neighbor Discovery target IP address is a multicast address, this is illegal according to RFC4861. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- targetip
- Context Parameters
- Rule Name
Packet Buffer
2.36.24. invalid_nd_sender_ip_address (ID: 06400049)
- Default Severity
- WARNING
- Log Message
- Failed to verify Neighbor Discovery sender IP address. Dropping
- Explanation
- The Neighbor Discovery sender IP address could not be verified according to the "access" section and the packet is dropped.
- Firewall Action
- drop
- Recommended Action
- If all Neighbor Discovery sender IP addresses should be accepted without validation, modify the configuration.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.25. nd_access_allowed_expect (ID: 06400050)
- Default Severity
- NOTICE
- Log Message
- Allowed by expect rule in access section
- Explanation
- The Neighbor Discovery sender IP address is verified by an expect rule in the access section.
- Firewall Action
- access_allow
- Recommended Action
- None
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.26. nd_na_send_failure (ID: 06400051)
- Default Severity
- WARNING
- Log Message
- Failed to send Neighbor Advertisement packet.
- Explanation
- The system received a Neighbor Solicitation for one of its addresses but failed to reply with a Neighbor Advertisement packet.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
2.36.27. nd_unknown_sender (ID: 06400052)
- Default Severity
- WARNING
- Log Message
- Sender IP <senderip> is the Unknown Address. Dropping packet.
- Explanation
- The Neighbor Advertisement packet sender IP address matches that of the Unknown Address (::). Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- senderip
- Context Parameters
- Rule Name
Packet Buffer
2.36.28. nd_missing_tll_opt (ID: 06400053)
- Default Severity
- WARNING
- Log Message
- Neighbor Advertisement from <senderip> without target link-layer option. Dropping packet.
- Explanation
- The Neighbor Advertisement packet is missing the Target Link-Layer option. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- senderip
- Context Parameters
- Rule Name
Packet Buffer
2.36.29. nd_spoofed_dpd_reply (ID: 06400054)
- Default Severity
- WARNING
- Log Message
- Dead peer probe reply HW address <targetenet> does not match the cached address <cachedenet>. Dropping packet.
- Explanation
- The dead peer probe reply packet target HW address does not match the cached address. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- cachedenet
targetenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.30. nd_mcast_dpd_reply (ID: 06400055)
- Default Severity
- WARNING
- Log Message
- Dead peer probe answered with multicast message. Dropping packet.
- Explanation
- The dead peer probe reply packet destination IP is a multicast address. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.31. nd_advert_for_static_entry (ID: 06400056)
- Default Severity
- WARNING
- Log Message
- Neighbor Advertisement for static entry hw address <cachedenet>, advertised as <targetenet>. Dropping packet.
- Explanation
- A Neighbor Advertisement for a configured static entry was received. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- cachedenet
targetenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.32. nd_blatant_advertisement (ID: 06400057)
- Default Severity
- WARNING
- Log Message
- Forged Neighbor Advertisement claiming cached enet address <cachedenet> should be <targetenet>. Dropping packet.
- Explanation
- An unsolicited Neighbor Advertisement claiming to be solicited was received. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- cachedenet
targetenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.33. nd_updated_entry (ID: 06400058)
- Default Severity
- NOTICE
- Log Message
- ND cache entry <ipaddress> updated from <oldenet> to <newenet>.
- Explanation
- A Neighbor Advertisement updated an entry in the Neighbor Discovery cache.
- Firewall Action
- allow
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
oldenet
newenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.34. nd_update_entry_request (ID: 06400059)
- Default Severity
- NOTICE
- Log Message
- ND cache entry <ipaddress> update from <oldenet> to <newenet> request. DPD old address.
- Explanation
- A Neighbor Advertisement requests updating an entry in the Neighbor Discovery cache. Performing Dead Peer Detection before
allowing changes.
- Firewall Action
- dpd_old_entry
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
oldenet
newenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.35. nd_update_entry_request (ID: 06400060)
- Default Severity
- NOTICE
- Log Message
- ND cache entry <ipaddress> update from <oldenet> to <newenet> request. Dropping packet.
- Explanation
- A Neighbor Advertisement requests updating an entry in the Neighbor Discovery cache. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
oldenet
newenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.36. nd_broadcast_enet (ID: 06400061)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery packet ethernet destination is broadcast. Dropping
- Explanation
- The Neighbor Discovery packet ethernet destination is broadcast. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.37. nd_dad_probe_unicast_dest (ID: 06400062)
- Default Severity
- WARNING
- Log Message
- Duplicate address probe with unicast destination address from <sendermac>. Dropping packet.
- Explanation
- The Neighbor Solicitation Duplicatge Address Probe packet destination IP address is not a multicast address. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- sendermac
- Context Parameters
- Rule Name
Packet Buffer
2.36.38. nd_rs_unicast_target (ID: 06400063)
- Default Severity
- WARNING
- Log Message
- Router Solicitation destination address <destip> isn't multicast. Dropping
- Explanation
- The Router Solicitation destination IP address isn't a multicast address, this is illegal according to RFC4861. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- destip
- Context Parameters
- Rule Name
Packet Buffer
2.36.39. nd_rs_illegal_option (ID: 06400064)
- Default Severity
- WARNING
- Log Message
- Router Solicitation packet contains an illegal option. Dropping
- Explanation
- The Router Solicitation packet contains a source link layer adderss option, this is illegal according to RFC4861. Dropping
packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.40. nd_ns_illegal_option (ID: 06400065)
- Default Severity
- WARNING
- Log Message
- Neighbor Solicitation packet contains an illegal option. Dropping
- Explanation
- The Neighbor Solicitation packet contains a source link layer adderss option, this is illegal according to RFC4861. Dropping
packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.41. nd_updated_entry (ID: 06400066)
- Default Severity
- NOTICE
- Log Message
- ND cache entry <ipaddress> updated from <oldenet> to <newenet>.
- Explanation
- A Neighbor Solicitation updated an entry in the Neighbor Discovery cache.
- Firewall Action
- allow
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
oldenet
newenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.42. nd_update_entry_request (ID: 06400067)
- Default Severity
- NOTICE
- Log Message
- ND cache entry <ipaddress> update from <oldenet> to <newenet> request. DPD old address.
- Explanation
- A Neighbor Solicitation requests updating an entry in the Neighbor Discovery cache. Performing Dead Peer Detection before
allowing changes.
- Firewall Action
- dpd_old_entry
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
oldenet
newenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.43. nd_update_entry_request (ID: 06400068)
- Default Severity
- NOTICE
- Log Message
- ND cache entry <ipaddress> update from <oldenet> to <newenet> request. Dropping packet.
- Explanation
- A Neighbor Solicitation requests updating an entry in the Neighbor Discovery cache. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 1
- Parameters
- ipaddress
oldenet
newenet
- Context Parameters
- Rule Name
Packet Buffer
2.36.44. nd_sol_multicast_dest_address (ID: 06400069)
- Default Severity
- WARNING
- Log Message
- Neighbor Discovery destination address <destip> is multicast but the solicited flag is set. Dropping
- Explanation
- The Neighbor Discovery destination IP address is a multicast address but the solicited flag is set, this is illegal according
to RFC4861. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- destip
- Context Parameters
- Rule Name
Packet Buffer
2.36.45. nd_dad_probe_faulty_dest (ID: 06400070)
- Default Severity
- WARNING
- Log Message
- Duplicate address probe with faulty destination address from <sendermac>. Dropping packet.
- Explanation
- The Neighbor Solicitation Duplicatge Address Probe packet destination IP address is not a solicited node multicast address.
Dropping packet.
- Firewall Action
- drop
- Recommended Action
- Verify that no faulty network equipment exists.
- Revision
- 1
- Parameters
- sendermac
- Context Parameters
- Rule Name
Packet Buffer
2.36.46. nd_dupe_addr_detected (ID: 06400071)
- Default Severity
- WARNING
- Log Message
- Conflicting duplicate address probe received on <iface>. IPv6 disabled.
- Explanation
- The link-local EUI64-generated [iface] address is already occupied by another host in the network. Resolve the address conflict
by changing the ethernet address on the interface or on the conflicting host. IPv6 disabled.
- Firewall Action
- IPv6_Disabled
- Recommended Action
- Resolve the address conflict.
- Revision
- 1
- Parameters
- iface
- Context Parameters
- Rule Name
Packet Buffer
2.36.47. nd_dupe_addr_detected (ID: 06400072)
- Default Severity
- WARNING
- Log Message
- Duplicate address reply received on <iface>. IPv6 disabled.
- Explanation
- The link-local EUI64-generated [iface] address is already occupied by another host in the network. Resolve the address conflict
by changing the ethernet address on the interface or on the conflicting host. IPv6 disabled.
- Firewall Action
- IPv6_Disabled
- Recommended Action
- Resolve the address conflict.
- Revision
- 1
- Parameters
- iface
- Context Parameters
- Rule Name
Packet Buffer
2.36.48. more_ndoptcount (ID: 06400073)
- Default Severity
- WARNING
- Log Message
- Number of options more than ICMP6MaxOptND - <optcount>
- Explanation
- Received a packet with number of options more than ICMP6MaxOptND.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- optcount
- Context Parameters
- Rule Name
2.36.49. more_ndoptcount (ID: 06400074)
- Default Severity
- WARNING
- Log Message
- Number of options more than ICMP6MaxOptND - <optcount>
- Explanation
- Received a packet with number of options more than ICMP6MaxOptND.
- Firewall Action
- drop
- Recommended Action
- None
- Revision
- 1
- Parameters
- optcount
- Context Parameters
- Rule Name
2.36.50. nd_rd_missing_pi_option (ID: 06400075)
- Default Severity
- WARNING
- Log Message
- Router Advertisement is missing Prefix Information option. Ignoring
- Explanation
- The Router Advertisement packet is missing a Prefix Information option, it is needed for the system to auto-configure interface
network.
- Firewall Action
- drop
- Recommended Action
- Re-configure the advertising router.
- Revision
- 1
- Context Parameters
- Rule Name
Packet Buffer
2.36.51. router_discovered (ID: 06400076)
- Default Severity
- NOTICE
- Log Message
- Interface <iface> have successfully processed a Router Advertisement
- Explanation
- An interface have successfully processed a Router Advertisement.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- iface
router_ip
- Context Parameters
- Packet Buffer
2.36.52. ra_prefix (ID: 06400077)
- Default Severity
- NOTICE
- Log Message
- Interface <iface> have successfully processed a Router Advertisement Prefix Information option
- Explanation
- An interface have successfully processed a Router Advertisement Prefix Information option.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- iface
prefix
- Context Parameters
- Packet Buffer
2.36.53. router_cease (ID: 06400078)
- Default Severity
- NOTICE
- Log Message
- Router <ip> on interface <iface> is ceasing to be a router
- Explanation
- A router on the local network is ceasing to be a router.
- Firewall Action
- None
- Recommended Action
- None
- Revision
- 1
- Parameters
- iface
ip
- Context Parameters
- Packet Buffer
2.36.54. router_not_found (ID: 06400079)
- Default Severity
- NOTICE
- Log Message
- Unable to find router on interface <iface>
- Explanation
- The gateway has solicited the local network for a router but have not received a reply.
- Firewall Action
- None
- Recommended Action
- Check connection and router reachability.
- Revision
- 1
- Parameters
- iface
cOS Core 14.00.17 Log Reference Guide
