On Mar 13, 2013, at 2:10 PM, Schrodinger <schrodin...@konundrum.org> wrote:
> On 2013/03/13 14:02, Fleuriot Damien wrote: >> >> On Mar 13, 2013, at 1:52 PM, Schrodinger <schrodin...@konundrum.org> wrote: >> >>> On 2013/03/13 12:27, Mark Martinec wrote: >>> >>> Hi Mark, >>> >>>> On Wednesday March 13 2013 10:17:27 Schrodinger wrote: >>>>> ifconfig_re0_ipv6="inet6 2001:41D0:2:E7c4::1 prefixlen 64" >>>>> [...] >>>>> Voodoo, indeed... I'm sure there's a /48 used somewhere but to be more >>>>> specific, or rather obvious, my default gateway resides at the boundary >>>>> of a /56 - 2001:41D0:2:E700::/56 >>>> >>>> Having multiple IPv6 subnets on the same wire is asking for trouble. >>>> >>> >>> This isn't my network so I don't have any input into the matter. This >>> is the OVH configuration for their dedicated servers, at least in my >>> product range. >>> >>>> For example, I believe an ICMP redirect still (in 9.1) does not create >>>> a temporary route: >>>> http://www.freebsd.org/cgi/query-pr.cgi?pr=152791 >>>> which beat us hard time (random unreachability between hosts), >>>> having to rearrange that legacy segment which happened to have >>>> two subnets on the same wire. >>>> >>>> The static routes destinations must be directly reachable (on-link). >>>> >>> >>> Does adding the interface route not put the default gateway on-link >>> though ? >>> >>>> Either use a single /56 for the whole LAN, adjusting the prefix >>>> length on each interface, or provide a router within each subnet. >>>> >>> >>> If I am to change my prefix length to /56 this means that anyone else in >>> that /56 who is configured with a prefix length of 64 will be routing to >>> me and I will be swicthing to them.... This could cause problems. >> >> >> I fail to see how they would be routing to you and you would be switching to >> them. >> >> >> OVH allocates a /64 per customer. >> To avoid having to setup 1 gateway per customer, they set up a single one >> within a /56 , allowing for 256 /64s >> This mimics the situation where your host gives you a /32 ipv4 withing a /24 >> network and uses a single gateway, again for 250ish customers. >> >> Whenever an IPv6 packet arrives on OVH's router for your /64, it is routed >> to your server. >> I don't see how this qualifies as "another customer routing to you" ? >> > > I am informed that I must configure my interface to /64 by OVH. The same > as everyone else. So if everyone was on a /64 then we will send packets > to each other via our shared default gateway. > > E.g.: > > I am 2001:41d0:2:e7c4::1/64 My default gateway is > 2001:41d0:2:e7ff:ff:ff:ff:ff > > If I wanted to communicate with a host in 2001:41d0:2:e7c5::/64 and his > default gateway is also 2001:41d0:2:e7ff:ff:ff:ff:ff then we will route > packets to each other. > > Correct? > > If I were to change my interface prefix length to /56 my host would no > longer consider the need to send packets to the default gateway for any > host within this /56. I would simply perform Neighbour Solicitation on > my link. > > E.g.: > > I am 2001:41d0:2:e7c4::1/56 My default gateway is > 2001:41d0:2:e7ff:ff:ff:ff:ff > > If I wanted to communicate with a host in 2001:41d0:2:e7c5::/64 and his > default gateway is also 2001:41d0:2:e7ff:ff:ff:ff:ff then I would switch > to him because the /56 is "on-link" to me but to the recipient he must > route to me via his default gateway. > > Correct? > > C. > -- These are indeed correct, thanks for clarifying. Find below the config I'm using on an old OVH box. Said config might be outdated now (as per OVH's guide on setting up IPv6 [1]) , however that was at the time the only way to get things working properly. rc.conf === #Range IPv6: 2001:41D0:2:613b::/64 ipv6_enable="YES" ipv6_ifconfig_re0="fe80::21c:c0ff:fef3:31fa/64 scopeid 0x1" ipv6_ifconfig_re0_alias0="2001:41d0:2:613b::dead:beef/56" ipv6_defaultrouter="2001:41d0:2:61ff:ff:ff:ff:ff" === routing table === $ netstat -f inet6 -rn Routing tables Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRS lo0 => default 2001:41d0:2:61ff:ff:ff:ff:ff UGS re0 ::1 ::1 UH lo0 ::ffff:0.0.0.0/96 ::1 UGRS lo0 2001:41d0:2:6100::/56 link#1 U re0 2001:41d0:2:613b::dead:beef link#1 UHS lo0 fe80::/10 ::1 UGRS lo0 fe80::%re0/64 link#1 U re0 fe80::21c:c0ff:fef3:31fa%re0 link#1 UHS lo0 fe80::%lo0/64 link#2 U lo0 fe80::1%lo0 link#2 UHS lo0 ff01:1::/32 fe80::21c:c0ff:fef3:31fa%re0 U re0 ff01:2::/32 ::1 U lo0 ff02::/16 ::1 UGRS lo0 ff02::%re0/32 fe80::21c:c0ff:fef3:31fa%re0 U re0 ff02::%lo0/32 ::1 U lo0 === Notice that said config actually works: === $ ping6 www.google.com PING6(56=40+8+8 bytes) 2001:41d0:2:613b::dead:beef --> 2a00:1450:4007:804::1014 16 bytes from 2a00:1450:4007:804::1014, icmp_seq=0 hlim=57 time=4.461 ms 16 bytes from 2a00:1450:4007:804::1014, icmp_seq=1 hlim=57 time=4.462 ms 16 bytes from 2a00:1450:4007:804::1014, icmp_seq=2 hlim=57 time=4.405 ms ^C --- www.google.com ping6 statistics --- 3 packets transmitted, 3 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 4.405/4.443/4.462/0.027 ms === Either way, you might want to have a look at OVH's guide [1] but in my own case, using a /56 was, at the time, the only way to get things working in a clean way. [1] http://help.ovh.com/Ipv4Ipv6#link10 _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
