On Sat, 5 Jul 2025 02:56:11 -0400
Geoff Steckel wrote:
> On 7/5/25 12:18 AM, Mike Fischer wrote:
> >> Am 04.07.2025 um 22:08 schrieb Geoff Steckel:
> >>
> >> Can anyone point me at a reference/discussion for ipv6 server addressing?
> >>
> >> rad(8) & slaacd(8) work well for clients.
> >>
> >> I h
> Am 05.07.2025 um 08:56 schrieb Geoff Steckel :
>
> On 7/5/25 12:18 AM, Mike Fischer wrote:
>>> Am 04.07.2025 um 22:08 schrieb Geoff Steckel :
>>>
>>> Can anyone point me at a reference/discussion for ipv6 server addressing?
>>>
>>> rad(8) & slaacd(8) work well for clients.
>>>
>>> I have Op
> Am 05.07.2025 um 07:59 schrieb Crystal Kolipe :
>
> On Sat, Jul 05, 2025 at 06:18:18AM +0200, Mike Fischer wrote:
>> BTW: The correct prefix for ULA is fc00::/7 (RFC 4193, RFC 8190).
>
> Technically yes, the prefix is specified as fc00::/7, but bit 7 is supposed
> to be set to 1 which effecti
On 7/5/25 12:18 AM, Mike Fischer wrote:
Am 04.07.2025 um 22:08 schrieb Geoff Steckel:
Can anyone point me at a reference/discussion for ipv6 server addressing?
rad(8) & slaacd(8) work well for clients.
I have OpenBSD servers with IPv4 addresses including local DNS for them.
I would like to all
On 2025-07-05 06:18 +02, Mike Fischer wrote:
>> Am 04.07.2025 um 22:08 schrieb Geoff Steckel :
>>
>> Can anyone point me at a reference/discussion for ipv6 server addressing?
>>
>> rad(8) & slaacd(8) work well for clients.
>>
>> I have OpenBSD servers with IPv4 addresses including local DNS for
On Sat, Jul 05, 2025 at 06:18:18AM +0200, Mike Fischer wrote:
> BTW: The correct prefix for ULA is fc00::/7 (RFC 4193, RFC 8190).
Technically yes, the prefix is specified as fc00::/7, but bit 7 is supposed
to be set to 1 which effectively makes the prefix in practice fd00::/8.
I.E.
F C
110
> Am 04.07.2025 um 22:08 schrieb Geoff Steckel :
>
> Can anyone point me at a reference/discussion for ipv6 server addressing?
>
> rad(8) & slaacd(8) work well for clients.
>
> I have OpenBSD servers with IPv4 addresses including local DNS for them.
> I would like to allow naive clients to conne
> On 5 Jul 2025, at 06:08, Geoff Steckel wrote:
>
> Can anyone point me at a reference/discussion for ipv6 server addressing?
>
> rad(8) & slaacd(8) work well for clients.
>
> I have OpenBSD servers with IPv4 addresses including local DNS for them.
> I would like to allow naive clients to co
On Sun, Jan 19, 2025 at 09:24:15PM +0100, Willy Manga wrote:
> > myhost.com $ cat /etc/hostname.vio0
> > inet aaa.bbb.ccc.ddd/22
> > inet6 2a03:::::1
>
> Where is the mask of your IPv6 address?
> Is it a typo while you were redacting this file?
Yes, it's default /64, like this:
inet6
Hi,
On 19/01/2025 00:36, Chris Narkiewicz wrote:
I have a VPS in Netcup (german budget provider).
[...]
myhost.com $ cat /etc/hostname.vio0
inet aaa.bbb.ccc.ddd/22
inet6 2a03:::::1
Where is the mask of your IPv6 address? Is it a typo while you were
redacting this file?
--
Willy
Am 14.10.2024 um 17:47 schrieb Chris Ross:
On 2024-09-10 19:20:13, Thomas Bohl wrote:
I used https://aloof.de/f/IPv6Aliases-en.sh for many years.
HTH
Apologies that I missed this earlier, Thomas. I took a look at this now,
and it does do very much what I want. I have been trying to find s
> On Oct 14, 2024, at 00:39, Mike Fischer wrote:
>>
>>
>> Obviously, polling is an option, but I’d rather be notified by the kernel
>> when I need to.
>
> I think the suggestion made by Florian Obser earlier in this thread makes a
> lot of sense.
>
> And if you want to get away from scrip
> On 2024-09-10 19:20:13, Thomas Bohl wrote:
> I used https://aloof.de/f/IPv6Aliases-en.sh for many years.
> HTH
Apologies that I missed this earlier, Thomas. I took a look at this now,
and it does do very much what I want. I have been trying to find something
event-based, rather than pollin
> Am 14.10.2024 um 04:58 schrieb Chris Ross :
>
>
>
>> On Sep 3, 2024, at 16:48, Chris Ross wrote:
>>>
>>>
>>> On Sep 3, 2024, at 10:28, Mike Fischer wrote:
>>>
>>> There are two parts to this:
>>> - The IPv6 prefix.
>>> - The IID.
>>>
>>> The changes of the IPv6 prefix are generally tri
> On Sep 3, 2024, at 16:48, Chris Ross wrote:
>> On Sep 3, 2024, at 10:28, Mike Fischer wrote:
>>
>> There are two parts to this:
>> - The IPv6 prefix.
>> - The IID.
>>
>> The changes of the IPv6 prefix are generally triggered from the outside
>> (Internet provider). So here some mechanism t
Am 02.09.2024 um 22:21 schrieb Chris Ross:
I’m trying to move from a static IPv6 network to a dynamic allocation from an
ISP. The hard part is that some of my hosts have secondary addresses for
specific services to use. I need to find a way to listen to router adverts
but then manually add an a
> Am 03.09.2024 um 17:45 schrieb Florian Obser :
>
> route -n monitor -inet6 | fgrep -A2 RTM_NEWADDR
Very interesting! Thank you!
I looked at the output of `route -n monitor -inet6` as there seems to be no
documentation for what that looks like. And my Internet provider obliged me
with a sho
> On Sep 3, 2024, at 10:28, Mike Fischer wrote:
>
> There are two parts to this:
> - The IPv6 prefix.
> - The IID.
>
> The changes of the IPv6 prefix are generally triggered from the outside
> (Internet provider). So here some mechanism to notify about changes would be
> nice.
>
> Note that
On 2024-09-03 16:28 +02, Mike Fischer wrote:
> Note that I am not advocating for slaacd to directly execute arbitrary
> scripts. But maybe an (optional) service that can be notified by
> slaacd would allow slaacd to stay secure, stable and compact while
> still providing proactive notification ins
> Am 03.09.2024 um 16:28 schrieb Mike Fischer :
>
> Just complicate things even more, how do you handle routing? If your host
> gets multiple public/routable prefixes, your default route will still point
> to only one of the routers. So might need to deal with incoming packets from
> router A
> Am 03.09.2024 um 04:51 schrieb Chris Ross :
>
>
>
>> On Sep 2, 2024, at 18:30, Mike Fischer wrote:
>>
>> To my knowledge there is no mechanism or hook to trigger when the public
>> IPv6 prefix changes. (It would be nice to have such a mechanism though.)
>
> Yeah. I see rtsold has a coup
On 2024-09-02, Chris Ross wrote:
> I’m trying to move from a static IPv6 network to a dynamic allocation from an
> ISP. The hard part is that some of my hosts have secondary addresses for
> specific services to use. I need to find a way to listen to router adverts
> but then manually add an alia
On 2024-09-02 22:51 -04, Chris Ross wrote:
> Yeah. I see rtsold has a couple scripts it knows how to run, so that is a
> place. But having a hook in slaacd(8) (or somewhere else?) would be nice.
Not going to happen.
engine.c: if (pledge("stdio", NULL) == -1)
frontend.c:
> On Sep 2, 2024, at 18:30, Mike Fischer wrote:
>
> To my knowledge there is no mechanism or hook to trigger when the public IPv6
> prefix changes. (It would be nice to have such a mechanism though.)
Yeah. I see rtsold has a couple scripts it knows how to run, so that is a
place. But havin
On 9/2/24 16:21, Chris Ross wrote:
I’m trying to move from a static IPv6 network to a dynamic allocation from an
ISP. The hard part is that some of my hosts have secondary addresses for
specific services to use. I need to find a way to listen to router adverts
but then manually add an alias wit
> Am 02.09.2024 um 22:21 schrieb Chris Ross :
>
> I’m trying to move from a static IPv6 network to a dynamic allocation from an
> ISP. The hard part is that some of my hosts have secondary addresses for
> specific services to use. I need to find a way to listen to router adverts
> but then man
Am 23.06.2024 um 19:50 schrieb Thomas Bohl:
The router doesn't have a valid NDP entry. It has a NDP entry for an
address ifconfig says is deprecated. If I force the use of this
deprecated address with "ping -I" the response are received.
I have to verify if it always stops if pltime reaches ze
Am 23.06.2024 um 19:05 schrieb Crystal Kolipe:
On Sun, Jun 23, 2024 at 06:42:10PM +0200, Thomas Bohl wrote:
(The log-output is indistinguishable from when it is working.) Yet I don't
see them arriving with tcpdump:
# tcpdump -n -i vio0 ip6
tcpdump: listening on vio0, link-type EN10MB
18:29:38.7
On Sun, Jun 23, 2024 at 06:42:10PM +0200, Thomas Bohl wrote:
> (The log-output is indistinguishable from when it is working.) Yet I don't
> see them arriving with tcpdump:
>
> # tcpdump -n -i vio0 ip6
> tcpdump: listening on vio0, link-type EN10MB
> 18:29:38.703181 fe80::be24:11ff:fe10:5272.46404
Maybe I should let slaacd run in the foreground till IPv6 stops working
and see if that give out clues.
The output of slaacd looks completely normal. Like this over and over again:
ICMPv6 type(134), code(0) from fe80::2a0:57ff:fe3a:ac77%vio0 of length 112
update_iface_ra_dfr, dfr state: PROPOSA
Sorry for top post.
Are you doing any filtering of ICMP6 with PF?
I don't think so, it is the standard rule set:
# pfctl -s rules
block return all
pass all flags S/SA
block return in on ! lo0 proto tcp from any to any port 6000:6010
block return out log proto tcp all user = 55
block return out
Sorry for top post.
Are you doing any filtering of ICMP6 with PF? I assume your router is also
doing rad to hand out slaac to clients?
Jason.
Sent from my iPhone
> On 23 Jun 2024, at 2:27 AM, Thomas Bohl wrote:
>
> Hello,
>
> I'm using ULAs for my local IPv6 networks. The hosts have inter
On 2024 Jun 04 (Tue) at 12:46:11 +0300 (+0300), Kapetanakis Giannis wrote:
:
:On 04/06/2024 11:59, Stuart Henderson wrote:
:> On 2024-06-04, Kapetanakis Giannis wrote:
:>> On 04/06/2024 08:50, jrmu wrote:
: When you manage a hypervisor, using only 1x/64 is less than ideal. It's
just
: not
On 04/06/2024 11:59, Stuart Henderson wrote:
> On 2024-06-04, Kapetanakis Giannis wrote:
>> On 04/06/2024 08:50, jrmu wrote:
When you manage a hypervisor, using only 1x/64 is less than ideal. It's
just
not enough because you can have more than 1 'type of usage'. I always
req
Hi,
On 04/06/2024 09:50, jrmu wrote:
When you manage a hypervisor, using only 1x/64 is less than ideal. It's just
not enough because you can have more than 1 'type of usage'. I always
request at least 1x/56.
Thanks. I spoke with the ISP and he gave me a larger subnet,
2602:fccf:4::/48, I've be
On 2024-06-04, Kapetanakis Giannis wrote:
> On 04/06/2024 08:50, jrmu wrote:
>>> When you manage a hypervisor, using only 1x/64 is less than ideal. It's just
>>> not enough because you can have more than 1 'type of usage'. I always
>>> request at least 1x/56.
>> Thanks. I spoke with the ISP and he
On 04/06/2024 08:50, jrmu wrote:
>> When you manage a hypervisor, using only 1x/64 is less than ideal. It's just
>> not enough because you can have more than 1 'type of usage'. I always
>> request at least 1x/56.
> Thanks. I spoke with the ISP and he gave me a larger subnet,
>
> 2602:fccf:4::/48, I
> When you manage a hypervisor, using only 1x/64 is less than ideal. It's just
> not enough because you can have more than 1 'type of usage'. I always
> request at least 1x/56.
Thanks. I spoke with the ISP and he gave me a larger subnet,
2602:fccf:4::/48, I've been experimenting it by manually ad
On 2024/05/21 20:30, jrmu wrote:
> Greetings,
>
> > > I also don't control the entire /48.
> > >
> > > Here is the information I was given:
> > >
> > > My IPv6 Address Subnet: 2602:fccf:400:41::/64
> > > Hypervisor' IPv6 Gateway: 2602:fccf:400::1
> > >
> > > I was only given a /64.
> >
> > So you
Greetings,
> > I also don't control the entire /48.
> >
> > Here is the information I was given:
> >
> > My IPv6 Address Subnet: 2602:fccf:400:41::/64
> > Hypervisor' IPv6 Gateway: 2602:fccf:400::1
> >
> > I was only given a /64.
>
> So you should use a /64 prefix length not the /48 which you hav
.
On 21/05/2024 22:04, jrmu wrote:
Greetings,
Here is my configuration:
Inside hypervisor:
hypervisor$ cat /etc/hostname.em1
inet 104.167.241.211 0xffc0
inet6 2602:fccf:400:41:: 48
Why are you using 48 as mask here and not 64?
I don't have control over the hypervisor's gateway, th
On 2024-05-21, jrmu wrote:
>
> --qhuug7BO2jqFJSbi
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> Greetings,
>
>> > Here is my configuration:
>>=20
>> > Inside hypervisor:
>>=20
>> > hypervisor$ cat /etc/hostname.em1
>> >
Greetings,
> > Here is my configuration:
>
> > Inside hypervisor:
>
> > hypervisor$ cat /etc/hostname.em1
> > inet 104.167.241.211 0xffc0
> > inet6 2602:fccf:400:41:: 48
>
> Why are you using 48 as mask here and not 64?
I don't have control over the hypervisor's gateway, that is provided b
Hi
On 21/05/2024 04:01, jrmu wrote:
> Here is my configuration:
> Inside hypervisor:
> hypervisor$ cat /etc/hostname.em1
> inet 104.167.241.211 0xffc0
> inet6 2602:fccf:400:41:: 48
Why are you using 48 as mask here and not 64?
Here is a suggestion in term of routing.
From your configura
On Thu, Apr 11, 2024 at 11:22:54AM +0200, Julian Huhn wrote:
> Moin!
>
> On Wed, Apr 10, 2024 at 04:24:48PM +0200, Julian Huhn wrote:
> >I tried unsuccessfully to obtain an IPv6 address with an umb(4) interface.
> >As
> >umb(4) supports IPv6 since 6.7, I seem to be doing something wrong. Can
>
.
On 11/04/2024 16:43, Julian Huhn wrote:
Moin!
On Thu, Apr 11, 2024 at 04:01:49PM +0400, Willy Manga wrote:
On 10/04/2024 18:24, Julian Huhn wrote:
x270$ ifconfig umb0
umb0: flags=8851 mtu 1500
index 5 priority 6 llprio 3
roaming enabled registration home network
stat
Hi,
On 10/04/2024 18:24, Julian Huhn wrote:
Moin!
[...]
x270$ ifconfig umb0
umb0: flags=8851 mtu 1500
index 5 priority 6 llprio 3
roaming enabled registration home network
state up cell-class LTE rssi -89dBm speed 47.7Mbps up 286Mbps down
SIM initialized PIN
Moin!
On Thu, Apr 11, 2024 at 04:01:49PM +0400, Willy Manga wrote:
On 10/04/2024 18:24, Julian Huhn wrote:
x270$ ifconfig umb0
umb0: flags=8851 mtu 1500
index 5 priority 6 llprio 3
roaming enabled registration home network
state up cell-class LTE rssi -89dBm speed 47.7Mb
Moin!
On Wed, Apr 10, 2024 at 04:24:48PM +0200, Julian Huhn wrote:
I tried unsuccessfully to obtain an IPv6 address with an umb(4) interface. As
umb(4) supports IPv6 since 6.7, I seem to be doing something wrong. Can anyone
give me a hint what I need to do?
After some further investigation I
I’ll have to get back to you on this tomorrow, but I JUST got IPv6 working
again with Comcast. The short answer:
This helped me: https://lipidity.com/openbsd/router/
Recently Comcast changed how their dhcpv6 servers work in my area and I had to
change the dhcpv6-server rule to this
pass in on
On 2024-04-07 10:27 UTC, Stuart Henderson wrote:
> On 2024-04-06, Florian Obser wrote:
>> Someone with pull at UPC^W ziggo^W vodafone^W liberty global could
>> potentially get that situation improved.
>
> Often on an OpenBSD box using one of these connections, you want
> one or more /64s rather
On 2024-04-06, Florian Obser wrote:
> Someone with pull at UPC^W ziggo^W vodafone^W liberty global could
> potentially get that situation improved.
Often on an OpenBSD box using one of these connections, you want
one or more /64s rather than a host address, I don't think there's
an alternative t
Someone with pull at UPC^W ziggo^W vodafone^W liberty global could potentially
get that situation improved.
On 6 April 2024 19:04:52 CEST, Peter Hessler wrote:
>OpenBSD natively supports IPv6 addressing via static configuration and
>SLAAC. We do not have a DHCPv6 client in base, so currently yo
OpenBSD natively supports IPv6 addressing via static configuration and
SLAAC. We do not have a DHCPv6 client in base, so currently you have to
use a package for that.
On 2024 Apr 06 (Sat) at 13:01:31 -0400 (-0400), Sonic wrote:
:That works - I didn't realize I needed to install a package to have
That works - I didn't realize I needed to install a package to have ipv6
work with OpenBSD.
Thank you.
On Sat, Apr 6, 2024 at 8:10 AM Sonic wrote:
>
> Running -current on my router and finally (after years) decided to move into
> using ipv6.
> I added "inet6 autoconf" to hostname.em0 (also has "inet autoconf") and I get
> a link local address:
> =
> # ifconfig em0
On Sat, Apr 6, 2024, at 10:09 AM, Sonic wrote:
> I'm on Comcast (Xfinity) in the US.
Your setup will be specific to your ISP. I'm on AT&T Fiber, which uses SLAAC
for the WAN interface and DHCPv6-PD for internal interfaces. I do the latter
with dhcpcd.
A quick search indicates Xfinity uses DHCPv
LOL, fair enough. Feel free to yell at me for this third question and
tell me to start a new thread.
How do you recommend I should proceed in diagnosing these "ndp info
overwritten" messages? It seems bizarre they started out of nowhere.
Before May 2, I didn't have any; but since, I get them ever
On Wed, Jul 12, 2023 at 10:59:13AM -0600, Zack Newman wrote:
> On 7/12/23 10:20, Claudio Jeker wrote:
> > You are missing something. It is called the KAME hack or embedded scope.
> > The KAME IPv6 implementation hijacks the 2nd 16bit addr part to store the
> > scope_id. In some cases this embedded
On 7/12/23 10:20, Claudio Jeker wrote:
You are missing something. It is called the KAME hack or embedded scope.
The KAME IPv6 implementation hijacks the 2nd 16bit addr part to store the
scope_id. In some cases this embedded scope escapes in the addrs printed.
Especially the "ndp info overwritten
On Wed, Jul 12, 2023 at 08:23:36AM -0600, Zack Newman wrote:
> Before I raise a bug report, I wanted to pass it by @misc in case I'm
> confused. It appears there is an issue with link-local addresses at
> least as far as route(8) is concerned. Since May 2, /var/log/messages
> has been getting spamm
Huh? Please read what I said. I literally mentioned RFC 4291 Section
2.5.6. Additionally, fe80::/10 _is_ defined by RFC 4291 Section 2.4 as
"Link-Local unicast" addresses. Section 2.5.6 does not redefine that but
instead states that, at least as of now, only fe80::/64 is allowed to be
used. The po
On 2023-07-12 16:23, Zack Newman wrote:
> Before I raise a bug report, I wanted to pass it by @misc in case I'm
> confused. It appears there is an issue with link-local addresses at
> least as far as route(8) is concerned. Since May 2, /var/log/messages
> has been getting spammed with the following
Many thanks for the full review, appreciated!
Feb 17, 2023 20:58:38 Courtney :
> Vultr has worked for me (they provide
> an OpenBSD install). Tilaa in the Netherlands too. Tilaa support is very
> unimpressive
> though
I have been using RamNode and they have been very good. You have to go
"bring your own iso" but 2 years later and haven't had any issues. Keep
forgetting
if you need the .img or .iso heh. I sysupgraded one box from 6.8-7.1 no
problem
before replacing the VM with a stronger one. You can request m
> If you like the CLI don't forget OpenBSD Amsterdam plug>
Thanks also for this one, OpenBSD Amsterdam, not the first referral..
Indeed cudoz to you but I would say cudoz to Amsterdam..
PS: my daughter is sleeping, can't me sorry for any unconviniance..
On 2023-02-16 11:09, Philipp Buehler wrote:
Am 16.02.2023 08:27 schrieb Daniele B.:
3) Can you advise about hosting providers in terms of managed VPS with
OpenBSD, in North America and Europe?
For some years now with https://transip.eu - spotless IPv6 and OpenBSD
included. The web/vnc console
> For some years now with https://transip.eu - spotless IPv6 and OpenBSD
> included.
Thanks for this one, appreciated.
-- Daniele Bonini
Am 16.02.2023 08:27 schrieb Daniele B.:
3) Can you advise about hosting providers in terms of managed VPS with
OpenBSD, in North America and Europe?
For some years now with https://transip.eu - spotless IPv6 and OpenBSD
included. The web/vnc console just works, too.
I think I had only one (may
On 2022-11-28, Geoff Steckel wrote:
> Short form:
> I'm using rad to update local machines with the IPv6 address prefix
> currently assigned by Verizon. It runs on my firewall/external router.
> The router advertisement destructively changes the route and interface
> of an address on that machi
Ok, ignore my previous mail. The solution is to use -soii:
# ifconfig em0 autoconf eui64 -soii lladdr f2:b6:71:e6:11:7e
This makes the non temporary public and ULA addresses use the EUI-64 IID based
on the lladdr.
Thanks!
Mike
> Am 29.12.2021 um 19:37 schrieb Mike Fischer :
>
> On Tue, Dec 2
On Tue, Dec 28, 2021, at 21:05, Mike Fischer wrote:
>> Am 28.12.2021 um 13:09 schrieb Paul de Weerd :
>> Seems like the simplest way, especially using the lladdr option.
> Yes, I’ll give that a try.
Ok, I have tried the following:
Remove my current IPv6 configuration from em0:
# ifconfig em0 -ine
Hi Thomas!
Am 28.12.2021 um 16:24 schrieb Thomas Bohl :
>
> Hello,
>
>> My Internet connection is using dynamic IPv6 prefixes. I want to configure a
>> local (OpenBSD) machine so its public IPv6 address adjusts to changes in the
>> network prefix but keeps a static Interface Identifier (IID).
Hi Diana!
> Am 28.12.2021 um 15:58 schrieb deich...@placebonol.com:
>
> I'm still interested in why you are concerned about "leaking" the MAC address?
Well, knowing the vendor of an interface might lead an attacker to exploit
known security issues relevant to that vendor. While I deem the risk
On Tue, Dec 28, 2021, at 21:05, Mike Fischer wrote:
>> Am 28.12.2021 um 13:09 schrieb Paul de Weerd :
>> Seems like the simplest way, especially using the lladdr option.
> Yes, I’ll give that a try.
That’s how I “solved” that problem too, though I’m not too worried
about leaking anything, so I jus
I'm still interested in why you are concerned about "leaking" the MAC address?
Changing the MAC with laddr will still leak the MAC but now it will be the one
you created.
If you do decide to change the MAC to a long defunct NIC manufacturer. That is
what I do for fun. Some of my 10G interfac
> Am 28.12.2021 um 13:09 schrieb Paul de Weerd :
>
> On Tue, Dec 28, 2021 at 12:35:07PM +0100, Mike Fischer wrote:
> | So I guess the only way to get a stable IID with dynamic prefixes is
> | to use the eui64 method? (Which is based on the MAC-address and
> | leaks information.)
>
> What inform
On 2021-12-28, Mike Fischer wrote:
> Thanks Stuart!
>
>> Am 28.12.2021 um 10:01 schrieb Stuart Henderson :
>>
>> On 2021-12-27, Mike Fischer wrote:
>>> After reading man pages for slaacd(8), hostname.if(5) and ifconfig(8) the
>>> only way to combine a static IID with a dynamic prefix seems to b
On Tue, Dec 28, 2021 at 12:35:07PM +0100, Mike Fischer wrote:
| So I guess the only way to get a stable IID with dynamic prefixes is
| to use the eui64 method? (Which is based on the MAC-address and
| leaks information.)
What information leak are you afraid of? Someone else knowing the
MAC-addres
Thanks Stuart!
> Am 28.12.2021 um 10:01 schrieb Stuart Henderson :
>
> On 2021-12-27, Mike Fischer wrote:
>> After reading man pages for slaacd(8), hostname.if(5) and ifconfig(8) the
>> only way to combine a static IID with a dynamic prefix seems to be the eui64
>> option:
>> inet6 autoconf eu
On 2021-12-27, Mike Fischer wrote:
> After reading man pages for slaacd(8), hostname.if(5) and ifconfig(8) the
> only way to combine a static IID with a dynamic prefix seems to be the eui64
> option:
> inet6 autoconf eui64
>
> However this limits the IID to a fixed value based on the MAC-address
Hi Daniel!
I didn’t know about ifstated(8) but reading the man page I get the impression
that it only triggers on up/down events. And for other things it relies on
polling, e.g. sending a ping packet somewhere every 10 seconds to test
reachability.
The route monitor command seems somewhat mor
On Thu, 7 Oct 2021 02:52:13 +0200, Mike Fischer
wrote:
> Would a IPv6 address prefix change be something the hotplug(4) /
> hotplugd(8) mechanism would see?
It would rather be ifstated(8), but I don't think so. I've never looked
into this, but if I were, I would check the route(8) monitor comman
On 3/8/21 11:05 PM, Antonino Sidoti wrote:
> There is no blocking showing up when I examine the pflog0,
I would run tcpdump -n -i em0 icmp6 during /etc/netstart with and
without pf enabled. If you see a difference, that should help you find
out what to allow in your ruleset.
/m
Hi,
There is no blocking showing up when I examine the pflog0, hence the confusion
is what is blocking traffic when the firewall is enabled. I find it strange
that the “ndp” output has two LLA for the same Mac address. The MAC address of
the remote device 82:63:9c:36:23:a2 is listed twice. Is t
On 2021-03-08, Antonino Sidoti wrote:
> I am confused about how Neighbor Discovery is not working when the firewall
> is on.
Check your blocked packets. You already have "log" on mpst block rules,
so look at either /var/log/pflog or live with tcpdump -e on the pflog0
interface.
Thank you Stuart. I did actually have ICMP6 allowed in the firewall, though
turning it off made the IPv6 connection come alive. I will troubleshoot
firewall further.
Thanks
Antonino Sidoti
> On 9 Feb 2021, at 9:15 am, Stuart Henderson wrote:
>
> On 2021-02-08, Antonino Sidoti wrote:
>> H
On 2021-02-08, Antonino Sidoti wrote:
> Hello,
>
> Can anyone confirm if they have a working IPv6 connection with a 4G service?
> I cannot get my connection to work with IPv6. Happy to provide more
> information if what I have provided below is not enough. I would like to get
> a working IPv6 c
Hello,
Can anyone confirm if they have a working IPv6 connection with a 4G service? I
cannot get my connection to work with IPv6. Happy to provide more information
if what I have provided below is not enough. I would like to get a working IPv6
connection with network interface em0 only.
Thanks
Dear Fernando,
I tried it the way you recommended, but it still doesn't work.
I have created a network diagram and the ouzput of "route -n show -inet6"
(Two separate files).
They can be found here (my private Nextcloud):
https://cloud.mischke.it/nextcloud/index.php/s/ZnHrHMMgrofZdiF
Best re
Alexander,
It would be easier for us if you could provide a network diagram with
more syntetic information and/or the corresponding ifconfig -a and route
show.
That said, you configuration is clearly incorrect. From starters, your
em1 interface configuration covers the same prefix that you'v
Hi,
This is no longer an issue with latest snapshot.
Best regards,
Pedro Caetano
A sexta, 13/12/2019, 14:05, Pedro Caetano
escreveu:
> Hi David, thank you for your reply
>
> I will test that and report back.
>
>
> Best regards,
> Pedro Caetano
>
> On Fri, Dec 13, 2019 at 1:27 PM David Gwynne
Hi David, thank you for your reply
I will test that and report back.
Best regards,
Pedro Caetano
On Fri, Dec 13, 2019 at 1:27 PM David Gwynne wrote:
> aggr(4) didn't exist in OpenBSD 6.6, so maybe that's the difference. Does
> the problem go away if you use trunk(4) instead of aggr(4)? Altern
aggr(4) didn't exist in OpenBSD 6.6, so maybe that's the difference. Does the
problem go away if you use trunk(4) instead of aggr(4)? Alternatively, could
you build a -current kernel and make sure you have src/sys/net/if_aggr.c r1.25
and see what effect that has?
Cheers,
dlg
> On 13 Dec 2019,
Hi,
when doing slaacctl send solicitation vio0, tcpdump says:
mx-00# tcpdump -ni vio0 icmp6 tcpdump: listening on vio0, link-type EN10MB
16:06:54.725229 fe80::2de:361a:24aa:d7a6 > ff02::2: icmp6: router
solicitation
16:06:55.803125 fe80::22d8:b00:86fa:424c > ff02::1:ff96:189a: icmp6:
neighbor s
Hello,
@Fernando Gont:
I have tried that as well. No difference.
@ Bastien Durel
When pinging ff02::2%vio0 I don't receive any replies.
The tcpdump for those requests is the following:
# tcpdump -ni vio0 icmp6
tcpdump: listening on vio0, link-type EN10MB
15:47:40.580787 fe80::22d8:b00:
On 22/8/19 21:11, list wrote:
> Hi,
>
> I might be missing something right here
>
> I have the output of "route show" attached, because I cannot paste it in
> here in a formatted form.
>
>
> This is super annoying.
>
> Just wanna get the damn thing running.
Your default route is wrong. N
Le jeudi 22 août 2019 à 20:11 +0200, list a écrit :
> Hi,
>
> I might be missing something right here
>
> I have the output of "route show" attached, because I cannot paste it
> in
> here in a formatted form.
>
>
> This is super annoying.
>
> Just wanna get the damn thing running.
>
ff02:
Hi,
I might be missing something right here
I have the output of "route show" attached, because I cannot paste it in
here in a formatted form.
This is super annoying.
Just wanna get the damn thing running.
Regards,
Stephan
On 8/19/19 10:33 AM, Bastien Durel wrote:
> Le dimanche 18 août
On Sun, Aug 18, 2019 at 07:36:55PM +0200, list wrote:
> Hi,
>
> The output of slaacctl show interface vio0 ist the following:
>
> # slaacctl show interface vio0
>
> slaacctl: connect: /dev/slaacd.sock: Connection refused
>
> This is not how it is supposed to be i guess.
it would be interesting
1 - 100 of 441 matches
Mail list logo
