I forgot to mention the post I was referring to on the forums:
https://forums.freebsd.org/threads/fibs-with-ipv6.95984/ On Apr 19, 2025, at 7:36 PM,
Paige Thompson <pa...@paige.bio> wrote: Hey yall, I came across a thread today
on the forum regarding an issue with trying to get IPv6 to work on something like a
epair interface, I'm having the same issue myself when one end of the epair is
assigned to a FIB that differs from the other. I replied to this thread, but it's
pending mod. In any case I glossed over the tests of this in
/usr/src/tests/sys/netinet6/ndp.sh and proxy_ndp.sh but nothing about them would lead
me to believe that they're also testing with a FIB, nothing in the man page would
lead me to believe that FIBs have ever been considered with regards to NDP either.
IPv4 works fine, I can assign a /31 to both ends of the epair with one interface
using a different FIB from the other and both are able to reach each other end to
end, and also looking at a packet dump seemed to confirm that with IPv4 ARP is
working correctly. I thought I was going crazy for a minute because I remember this
exact configuration (or something nearly identical at least) worked for me on
OpenBSD. Linux is another story but as I recall if you don't factor in the problems
that netfilter adds (like trying to use ct_zones as an after thought for coalescing
the identity of a VRF from fwmark) I recall this at least worked as one would expect.
I don't really see anything in the git log about FIB for NDP, thing is I can probably
create a static NDP entry and make this work, will have to try later but I'm just
wondering if maybe this just got overlooked. setfib would seem to be older than NDP
but I don't know... looking at ndp.c I'm very unfamiliar with it but it does look
like it's querying routing tables at certain points. I'll try turning on debugverbose
later and see if anything comes up but I just wanted to mention this just in case
this stands out to anybody. Thanks -Paige
