IPv6 tunnel problem

Fri, 15 Apr 2011 00:04:18 -0700 

Hi all,

I'm having some trouble with my IPv6 tunnel lately (net/gateway6 port).

I'm running revision 220613.
The tunnel runs fine on 8.2, I can ping6 ipv6.google.com from all interfaces using all IPv6 addresses. Route Advertisements are sent, Linux Machines, Mac OS X machiens and FreeBSD 8.2/8.1 machines are all receiveing the advertisements and are able to ping and use the IPv6 network.
On the machines running CURRENT anyhow, route advertisements don't work. They arrive at the interface, but nothing happens. If i set up an IPv6 address and route by hand, I don't get anywhere, as it's permanently marked as "tentative", and trying to use that address as source address in ping6 results in: 

ping6: bind: Can't assign requested address
This brings me to my main problem: the tunnel. If I set up a tunnel on a CURRENT machine, the tunnel gets set up (because it's IPv4) but the IPv6 part does not work. I'm not able to send pings (which means KEEPALIVES are not sent either), so it just doesn't work.
I'm using IPv6 in UDP over IPv4 tunneling, as that's what I use on the 8.2 machine as well.
The error when trying to ping on the CURRENT machine where the tunnel runs( for the short period the tunnel is up) is: 

ping6: sendmsg: Network is down
Route advertisements are not sent either, as again, the IPv6 address assigned to the interface by the tunnel is marked as tentative, so rtadvd refuses to work. 

Something is badly broken with IPv6 and/or NDP.

More info about the systems:

Interfaces in use on the machines running CURRENT:

bge0 and em0

Interfaces on the working 8.2 machine:

fxp0 and em0

sysctls on the broken machines when in router mode:

net.inet6.ip6.forwarding: 1
net.inet6.ip6.redirect: 1
net.inet6.ip6.hlim: 64
net.inet6.ip6.maxfragpackets: 6400
net.inet6.ip6.accept_rtadv: 0
net.inet6.ip6.keepfaith: 0
net.inet6.ip6.log_interval: 5
net.inet6.ip6.hdrnestlimit: 15
net.inet6.ip6.dad_count: 1
net.inet6.ip6.auto_flowlabel: 1
net.inet6.ip6.defmcasthlim: 1
net.inet6.ip6.gifhlim: 30
net.inet6.ip6.kame_version: FreeBSD
net.inet6.ip6.use_deprecated: 1
net.inet6.ip6.rr_prune: 5
net.inet6.ip6.v6only: 1
net.inet6.ip6.rtexpire: 3600
net.inet6.ip6.rtminexpire: 10
net.inet6.ip6.rtmaxcache: 128
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.temppltime: 86400
net.inet6.ip6.tempvltime: 604800
net.inet6.ip6.auto_linklocal: 1
net.inet6.ip6.prefer_tempaddr: 0
net.inet6.ip6.use_defaultzone: 0
net.inet6.ip6.maxfrags: 6400
net.inet6.ip6.mcast_pmtu: 0
net.inet6.ip6.mcast.loop: 1
net.inet6.ip6.mcast.maxsocksrc: 128
net.inet6.ip6.mcast.maxgrpsrc: 512
security.jail.param.ip6.saddrsel: 0
security.jail.param.ip6.: 0

on the working machine router mode:

net.inet6.ip6.forwarding: 1
net.inet6.ip6.redirect: 1
net.inet6.ip6.hlim: 64
net.inet6.ip6.maxfragpackets: 6400
net.inet6.ip6.accept_rtadv: 0
net.inet6.ip6.keepfaith: 0
net.inet6.ip6.log_interval: 5
net.inet6.ip6.hdrnestlimit: 15
net.inet6.ip6.dad_count: 1
net.inet6.ip6.auto_flowlabel: 1
net.inet6.ip6.defmcasthlim: 1
net.inet6.ip6.gifhlim: 30
net.inet6.ip6.kame_version: FreeBSD
net.inet6.ip6.use_deprecated: 1
net.inet6.ip6.rr_prune: 5
net.inet6.ip6.v6only: 1
net.inet6.ip6.rtexpire: 3600
net.inet6.ip6.rtminexpire: 10
net.inet6.ip6.rtmaxcache: 128
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.temppltime: 86400
net.inet6.ip6.tempvltime: 604800
net.inet6.ip6.auto_linklocal: 1
net.inet6.ip6.prefer_tempaddr: 0
net.inet6.ip6.use_defaultzone: 0
net.inet6.ip6.maxfrags: 6400
net.inet6.ip6.mcast_pmtu: 0
net.inet6.ip6.mcast.loop: 1
net.inet6.ip6.mcast.maxsocksrc: 128
net.inet6.ip6.mcast.maxgrpsrc: 512

If they're not routers:

net.inet6.ip6.forwarding: 0
net.inet6.ip6.redirect: 0
net.inet6.ip6.accept_rtadv: 1

And on the interfaces

ifconfig em0 inet6 accept_rtadv

And finally I have a question:

Why is there a net.inet6.ip6.accept_rtadv sysctl?
If we have to enable/disable route advertisements per interface, this sysctl shouldn't be there at all. Immagine a system (like mine) where you have multiple interfaces, and which acts as IPv6 router amongst other stuff.
Shouldn't you be able to deactivate route advertisements on one interface, which is where route advertisements are sent from, but enable it on the other ones, so you don't need to statically configure them? If there's a sysctl, you'll disable and enable route advertisements for the whole machine, so the per interface stuff is useless, or am I wrong? 

Mat
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to