On Sep 10, 2014, at 11:21 PM, Hiroki Sato <h...@freebsd.org> wrote: > Dan Langille <d...@langille.org> wrote > in <14e3a97c-4fcb-4a2c-b22f-3d0849cec...@langille.org>: > > da> IPv6 Tunnel Endpoints > da> Server IPv4 Address: 209.51.x.y > da> Server IPv6 Address: 2001:470:xx06:9ea::1/64 > da> Client IPv4 Address: 96.245.100.201 > da> Client IPv6 Address: 2001:470:xx06:9ea::2/64 > da> > da> Routed /64: 2001:470:xx07:9ea::/64 > da> > da> My /etc/rc.conf includes > da> > da> cloned_interfaces="gif0” > da> ifconfig_gif0="tunnel 96.245.100.201 209.51.x.y mtu 1480” > da> ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2 2001:470:xx06:9ea::1 > prefixlen 128" > da> ifconfig_em0_ipv6="inet6 2001:470:xx07:9ea:1::1” > da> ipv6_defaultrouter="2001:470:xx06:9ea::1" > da> ipv6_gateway_enable=“YES" > da> rtadvd_enable=“YES” > > The following line is enough for ifconfig_gif0_ipv6. A /128 > configuration works but ugly: > > -ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2 2001:470:xx06:9ea::1 > prefixlen 128" > +ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2/64" > > Or, you do not need to configure a client side global address in > subnet of the inter-router link if you use his endpoint as the > default router. Reducing the number of global addresses on a box is > healthy for packet filtering rule management: > > -ifconfig_gif0_ipv6="inet6 2001:470:xx06:9ea::2 2001:470:xx06:9ea::1 > prefixlen 128" > +ifconfig_gif0_ipv6="inet6 auto_linklocal" > -ipv6_defaultrouter="2001:470:xx06:9ea::1" > +ipv6_defaultrouter="-interface gif0" > > And if your box works as a router for subnet > 2001:470:xx07:9ea::/64, please add subnet-router anycast address. > This is mandatory in RFC: > > +ifconfig_em0_ipv6_alias0="inet6 2001:470:xx07:9ea::/64 anycast" > > I think HE's endpoint is properly configured. You can ping6 to > 2001:470:xx06:9ea:: from 2001:470:xx07:9ea:1::1.
I added in the anycast just now.
Before:
$ ifconfig re0
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether e0:cb:4e:24:f0:ff
inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
inet6 fe80::e2cb:4eff:fe42:f0ff%re0 prefixlen 64 scopeid 0x2
inet6 2001:470:xx07:9ea:1::1 prefixlen 64
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex,master>)
status: active
# ifconfig re0 inet6 2001:470:xx07:9ea::/64 anycast alias
After:
$ ifconfig re0
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether e0:cb:4e:42:f0:ff
inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
inet6 fe80::e2cb:4eff:fe42:f0ff%re0 prefixlen 64 scopeid 0x2
inet6 2001:470:xx07:9ea:1::1 prefixlen 64
inet6 2001:470:xx07:9ea:: prefixlen 64 anycast
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex,master>)
status: active
Then I manually configured my Macbook to have:
Router: 2001:470:xx07:9ea:1::1
IPv6 Address: 2001:470:xx07:9ea:1::1111
Prefix length: 64
$ ifconfig gif0
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
tunnel inet 96.245.xx.yy --> 209.51.161.14
inet6 fe80::21b:21ff:fe51:ab2d%gif0 prefixlen 64 scopeid 0xd
inet6 2001:470:xx06:9ea::2 --> 2001:470:xx06:9ea::1 prefixlen 128
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
options=1<ACCEPT_REV_ETHIP_VER>
Let’s see how this goes.
signature.asc
Description: Message signed with OpenPGP using GPGMail
