accept_ra=2 not consistently applied

[lennardk]

Bug Report

I'm not getting my ipv6 default routes through router advertisements, even though Talos is setting sys.net.ipv6.conf.default.accept_ra=2

Description and logs

My 'physical' (VM) interface is eth0. When enabling dhpv6 in the MachineConfig but not doing any specific configuration otherwise the potentially relevant values for it are:

root@worker2:/# sysctl net.ipv6.conf.all.accept_ra net.ipv6.conf.default.accept_ra net.ipv6.conf.eth0.accept_ra
net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.default.accept_ra = 2
net.ipv6.conf.eth0.accept_ra = 1

Empirically and some attempts at googling and reading Kernel sources lead me to believe that the all value is either irrelevant for accept_ra settings, or it gets ANDed and as such the effective value for eth0 is 1.
Notably, I've set all.accept_ra to 2, waited for a router advertisement to show up in tcpdump and observed no route being added.
While setting eth0.accept_ra to 2, waiting for a router advertisement in tcpdump does result in a default route being added.
I do not believe having dhcpv6 enabled or disabled in the MachineConfig is of any influence, but I haven't done extensive testing on this.
Manually configuring net.ipv6.conf.eth0.accept_ra: '2' in MC sysctls is a valid workaround in my environment.

Lastly, my current assumption is that the net.ipv6.conf.default.accept_ra that Talos does set does not apply to my eth0 because eth0 is probably present before this happens.

Environment

• Talos version:

Client:
	Tag:         v1.0.4
	SHA:         f6696063
	Built:
	Go version:  go1.17.7
	OS/Arch:     linux/amd64
Server:
	NODE:        192.168.169.24
	Tag:         v1.0.4
	SHA:         f6696063
	Built:
	Go version:  go1.17.7
	OS/Arch:     linux/amd64
	Enabled:

• Kubernetes version:

Client Version: v1.20.5
Server Version: v1.23.6

• Platform:
  metal (libvirt QEMU VM)

[Ulexus]

It shouldn't matter that eth0 is already present; router advertisements are not handled in a one-shot manner.
More data is better, regardless

[lennardk]

It shouldn't matter that eth0 is already present; router advertisements are not handled in a one-shot manner. More data is better, regardless

To clarify, I believe the default settings only get copied to new interfaces as they get created/discovered and as such don't apply to my eth0 as it predates the new default settings.

[Ulexus]

Oh, yes. I see what you're talking about now. Yes, that is quite correct.

[zargony]

FYI: Same here in my LAN which doesn't use dhcpv6 but SLAAC only. I need to set net.ipv6.conf.eth0.accept_ra: '2' in machineconfig, otherwise the IPv6 default route isn't set and hosts and pods don't have IPv6 internet access.

[maxpain]

Any updates?

[github-actions]

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[zargony]

Still relevant here. I'm still setting net.ipv6.conf.eth0.accept_ra: '2' in machineconfigs, otherwise pods won't have IPv6 internet access.