Sorry, this machine is running 4.4 and I'm unable to upgrade it to
current, since I only have remote access to it.
My goal is to have operational ipv6 tunnel. Whenever appropriate gif0 is
created and default route through it is added, ipv6 traffic is not
allowed out.
As far as I understand, there must be a state, which will allow ipv6
traffic out. this state is never created as seen by 'loud' level:
Apr 6 00:19:50 D2710 /bsd: pf: stack key attach failed on all: 41 out
wire: 209.51.181.2 12.158.188.186 stack: 209.51.181.2 12.158.188.186 1:0
Apr 6 00:19:51 D2710 /bsd: pf: stack key attach failed on all: 41 out
wire: 209.51.181.2 12.158.188.186 stack: 209.51.181.2 12.158.188.186 1:0
whereas, a state should be created by this rule:
pass out quick inet from any to 209.51.181.2
traffic on gif0 is skipped, but it shouldn't matter
I don't want to paste the whole pf.conf on a public mailing list; it
will be provided on request
Here are the details:
# cat /etc/hostname.gif0
tunnel 12.158.188.186 209.51.181.2
!ifconfig gif0 inet6 alias 2001:470:1f10:754::2 2001:470:1f10:754::1
prefixlen 128
!route -n add -inet6 default 2001:470:1f10:754::1
--
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
groups: gif
physical address inet 12.158.188.186 --> 209.51.181.2
inet6 fe80::20b:6aff:fea9:185a%gif0 -> prefixlen 64 scopeid 0x9
inet6 2001:470:1f10:754::2 -> 2001:470:1f10:754::1 prefixlen 128
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 12.158.188.1 UGS 13 2435489 - 48 vr0
12.158.188/24 link#1 UC 2 0 - 48 vr0
12.158.188.1 00:07:84:46:74:0a UHLc 1 1 - 48 vr0
12.158.188.186 00:0b:6a:a9:18:5a UHLc 2 3138 - 48 lo0
127/8 127.0.0.1 UGRS 0 0 33204 48 lo0
127.0.0.1 127.0.0.1 UH 3 88114 33204 48 lo0
224/4 127.0.0.1 URS 0 0 33204 48 lo0
Internet6:
Destination Gateway Flags Refs
Use Mtu Prio Iface
::/104 ::1 UGRS 0
0 - 48 lo0
::/96 ::1 UGRS 0
0 - 48 lo0
default 2001:470:1f10:754::1 UGS 1
5817 - 48 gif0
::1 ::1 UH 14
0 33204 48 lo0
::127.0.0.0/104 ::1 UGRS 0
0 - 48 lo0
::224.0.0.0/100 ::1 UGRS 0
0 - 48 lo0
::255.0.0.0/104 ::1 UGRS 0
0 - 48 lo0
::ffff:0.0.0.0/96 ::1 UGRS 0
0 - 48 lo0
2001:470:1f10:754::1 2001:470:1f10:754::2 UH 1
0 - 48 gif0
2001:470:1f10:754::2 link#9 UHL 1
0 - 48 lo0
2002::/24 ::1 UGRS 0
0 - 48 lo0
2002:7f00::/24 ::1 UGRS 0
0 - 48 lo0
2002:e000::/20 ::1 UGRS 0
0 - 48 lo0
2002:ff00::/24 ::1 UGRS 0
0 - 48 lo0
fe80::/10 ::1 UGRS 4
0 - 48 lo0
fe80::%vr0/64 link#1 UC 0
0 - 48 vr0
fe80::20b:6aff:fea9:185a%vr0 00:0b:6a:a9:18:5a UHL 0
0 - 48 lo0
fe80::%lo0/64 fe80::1%lo0 U 0
0 - 48 lo0
fe80::1%lo0 link#3 UHL 0
0 - 48 lo0
fe80::%gif0/64 link#9 UC 0
0 - 48 gif0
fe80::20b:6aff:fea9:185a%gif0 link#9 UHL 0
0 - 48 lo0
fec0::/10 ::1 UGRS 0
0 - 48 lo0
ff01::/16 ::1 UGRS 0
0 - 48 lo0
ff01::%vr0/32 link#1 UC 0
0 - 48 vr0
ff01::%lo0/32 ::1 UC 0
0 - 48 lo0
ff01::%gif0/32 link#9 UC 0
0 - 48 gif0
ff02::/16 ::1 UGRS 4
0 - 48 lo0
ff02::%vr0/32 link#1 UC 0
0 - 48 vr0
ff02::%lo0/32 ::1 UC 0
0 - 48 lo0
ff02::%gif0/32 link#9 UC 0
0 - 48 gif0
Encap:
Source Port Destination Port Proto
SA(Address/Proto/Type/Direction)
10.10.11.0/28 0 default 25 6 xxx.xxx.5.108/esp/use/in
default 25 10.10.11.0/28 0 6
xxx.xxx.5.108/esp/require/out
10.10.10.0/29 0 default 0 0 xxx.xxx.5.108/esp/use/in
default 0 10.10.10.0/29 0 0
xxx.xxx.5.108/esp/require/out
10.10.11.8/32 0 default 19122 6 xxx.xxx.5.108/esp/use/in
default 19122 10.10.11.8/32 0 6
xxx.xxx.5.108/esp/require/out
OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Sempron(tm) 2400+ ("AuthenticAMD" 686-class, 256KB L2 cache) 1.67 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem = 469266432 (447MB)
avail mem = 445194240 (424MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 07/19/04, BIOS32 rev. 0 @ 0xfdac0, SMBIOS
rev. 2.3 @ 0xf0630 (27 entries)
bios0: vendor American Megatrends Inc. version "P1.30" date 07/19/2004
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC
acpi0: wakeup devices UAR1(S4) USB1(S4) USB2(S4) USB3(S4) EHCI(S4) PS2M(S4)
PS2K(S4) AC9_(S4) MC9_(S4) ILAN(S4) PCI0(S4) SLPB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpibtn0 at acpi0: PWRB
acpibtn1 at acpi0: SLPB
bios0: ROM list: 0xc0000/0xe600 0xcee00/0x1800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA VT8378 PCI" rev 0x00
ppb0 at pci0 dev 1 function 0 "VIA VT8377 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "VIA VT8378 VGA" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
agp0 at vga1: v3, aperture at 0xe0000000, size 0xe800000
drm at vga1 unsupported
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x80: irq 11
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x80: irq 3
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x80: irq 5
ehci0 at pci0 dev 16 function 3 "VIA VT6202 USB" rev 0x82: irq 10
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1
viapm0 at pci0 dev 17 function 0 "VIA VT8235 ISA" rev 0x00
iic0 at viapm0
spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC3200CL2.5
pciide0 at pci0 dev 17 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel
0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: <SAMSUNG SP0411N>
wd0: 16-sector PIO, LBA48, 38204MB, 78242976 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x74: irq 11, address
00:0b:6a:a9:18:5a
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI
0x004063, model 0x0032
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "VIA UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "VIA UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "VIA UHCI root hub" rev 1.00/1.00 addr 1
isa0 at mainbus0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
wbsio0 at isa0 port 0x2e/2: W83697HF rev 0x12
lm1 at wbsio0 port 0x290/8: W83697HF
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask fdfd netmask fdfd ttymask ffff
mtrr: Pentium Pro MTRR support
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
