In our production environment running GW 11 we run into ipv6 connectivity issues circa once a month. ipv6 arp request do not seem to work anymore making connections over ipv6 impossible.

Analyzing the root cause we noticed a sysctl setting which is different then the default. The Gateways seem to have this set to 0.

net.ipv6.conf.ssg_eth0.accept_ra = 0

We have the following questions:

• We would like to know why this is

• If we can set it to 1 the default without impact

• If you have encountered similar issues with ipv6

accept_ra - INTEGER

Accept Router Advertisements; autoconfigure using them. It also determines whether or not to transmit Router Solicitations. If and only if the functional setting is to accept Router Advertisements, Router Solicitations will be transmitted. Possible values are: 0 Do not accept Router Advertisements. 1 Accept Router Advertisements if forwarding is disabled. 2 Overrule forwarding behaviour. Accept Router Advertisements even if forwarding is enabled. Functional default: enabled if local forwarding is disabled. disabled if local forwarding is enabled.

When forwarding is disabled, accept_ra=1 means that it is the host and it should accept Router Advertisements and autoconfigure IPv6

When forwarding is enabled, accept_ra=1 is automatically treated as 0, since routers are not supposed to configure themselves from someone else’s RA.

Forwarding is disabled (i.e. /proc/sys/net/ipv6/conf/all/forwarding = 0), which is the expected behavior for the CA API Gateway appliance — it’s not a router, just a service host.

• Therefore:

  • With accept_ra = 0 → the appliance ignores all Router Advertisements.
    It won’t learn IPv6 default gateways or prefixes automatically.

  • With accept_ra = 1 → the appliance will accept Router Advertisements and learn:

    • The default route (from the RA),

    • Any on-link prefixes,

    • Possibly autoconfigured IPv6 addresses (SLAAC) if enabled.

So, if your network relies on RAs for IPv6 default routes (and not static routes), setting it to 0 would indeed break IPv6 connectivity, as the gateway would never learn where to send IPv6 traffic.

Since forwarding is off, changing this to 1 means:

• The system will start listening for RAs.

• It will automatically learn IPv6 default gateways and prefixes (if your network’s router sends them).

• No routing loops or conflicts should occur, because the system is not forwarding.

This is completely normal Linux host behavior.

For your API Gateway appliance (which acts as a host):
→ accept_ra = 1 is the correct, safe, and default setting.
→ Setting it to 0 can definitely break IPv6 network reachability if the gateway relies on RAs for its route.