Date: Sat, 08 Jan 2000 13:31:14 +0900 From: Yoshinobu Inoue <shin@nd.net.fujitsu.co.jp> To: freebsd@cybcon.com Cc: freebsd-current@FreeBSD.ORG Subject: Re: IPv6 testing...willing to help Message-ID: <20000108133114L.shin@nd.net.fujitsu.co.jp> In-Reply-To: <XFMail.000107121013.freebsd@cybcon.com> References: <XFMail.000107121013.freebsd@cybcon.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I have a DEC Alpha at home running 4.0-current and am willing to help out with > the testing. I am not the worlds greatest coder, but am willing to do what I can Thanks! The 1st thing I want to be tested is that, a kernel with following additions to the config file options INET6 #IPv6 communications protocols options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options IPSEC_IPV6FWD #IP security tunnel for IPv6 options IPSEC_DEBUG #debug for IP security pseudo-device gif 4 #IPv6 and IPv4 tunneling pseudo-device faith 1 #for IPv6 and IPv4 translation just works fine, and also all apps on your environments which you are usually using still works fine on that kernel. Then, I would like to know if IPv6 addresses and routes are successfully installed. These can be checked by, ifconfig -a netstat -rn -f inet6 And if ping6 or traceroute6 to those addrs are successful. Then, I think something like following tests are desirable, but to do these checks, more than 1 host is necessary. Here I'll just give rough explanation. (1)IPv6 host autoconfiguration router side needs to run usr.sbin/rtadvd with rtadvd.conf config file which includes address information to be auto configured. rtadvd -c rtadvd.conf bar0 host needs to do following, sysctl -w net.inet6.ip6.accept_rtadv=1 rtsol bar0 bar0 is any interface that either of the host and the router is connected. Details are in rtadvd(8), rtadvd.conf(5), rtsol(8) (2)IPv6 communication via IPv6 router Besides (1), router needs to run IPv6 routing daemon. Currently there is usr.sbin/route6d. Also, several global addr should be assigned to each of routers interface. If no global addr, then site local addr can be used for testing.(such as fec0:0:0:1::1) You can use ifconfig or prefix command to assign them. If assigning site local addr using prefix command, prefix bar0 fec0:0:0:1000:: prefix bar1 fec0:0:0:2000:: sysctl -w net.inet6.ip6.forwarding=1 route6d -l Details are in route6d(8) (3)IPsec between 2 hosts (IPsec transport mode) Setup IPsec association using usr.sbin/setkey on each host. Specify IPsec policy for apps which would like to use IPsec. Those apps must have an option which specify IPsec policy. Usually it is -P option. (currently, only supported by ping and some daemons) Or specify IPsec policy using usr.sbin/setkey on each host. Details are in setkey(8), ping(8), ipsec_set_policy(3) (4)IPsec between 2 routers (IPsec tunnel mode) Setup IPsec association and IPsec policy using usr.sbin/setkey on each routers. Also the default route is need to be installed on each routers, due to some current IPsec tunnel mode implementation issue. Details are in setkey(8), ipsec_set_policy(3) If there is any unclear things, please ask me. Yoshinobu Inoue To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000108133114L.shin>