Date: Sun, 18 Nov 2018 00:20:28 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 233283] IPv6 routing problem when using FreeBSD as a VPS at a cloud provider Message-ID: <bug-233283-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233283 Bug ID: 233283 Summary: IPv6 routing problem when using FreeBSD as a VPS at a cloud provider Product: Base System Version: 11.2-STABLE Hardware: amd64 OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: peo_s@incedo.org Hi I have recently seen a rising problem when I replaced a Linux server with FreeBSD. This is because it is used as a VPS at the cloud provider RamNode. They (i.e RamNode) have provided an IPv6 gateway that is outside my allotted /64 block. They have a /48 at each DC. And the IPv6 gw is outside my /64. So FreeBSD requires me to increase the net mask from /64 to /48 for internet access to work. They also state this here... https://clientarea.ramnode.com/knowledgebase.php?action=displayarticle&id=44 This means I have a problem to communicate with a set of servers over IPv6 related to the mask we have specified. I unfortunately now have a sever that I can use IPv4 only to because of this. Linux and windows obviously accept having gateways outside its network scope. Why, I do not know... I of course think this is wrong. OpenBSD and FreeBSD don’t accept this handling of gateways outside the net mask scope… If it is RFC compliant or not, I do not know. I have not checked…. And I think FreeBSD is actually behaving right. I logged a case at RamNode... The problem is that RamNode states that most cloud providers behaves in the same way. So now it just became a problem if we want to use FreeBSD at the cloud providers with IPv6. RamNode stated: —snip— This kind of setup does appear to be odd but if you search you will see there are a number of large providers that take the same approach. Users on these other providers also experience issues with the gateway being outside of the subnet on BSD. Unfortunately I do not have specific knowledge as to why our configuration is this way but it does appear to be common. —snip— So… I am working primarily with security. As I do not see any immediate security issue doing this, is it possible to add an rc.conf flag to accept gateways outside the net-mask scope? Otherwise, FreeBSD is not the horse to bet on for the future as VPS:es on the internet. /Peo -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-233283-227>