From owner-freebsd-net@freebsd.org Thu Aug 1 18:01:50 2019 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D4166C41A7 for ; Thu, 1 Aug 2019 18:01:50 +0000 (UTC) (envelope-from hrs@allbsd.org) Received: from mail.allbsd.org (mx.allbsd.org [IPv6:2001:2f0:104:e001::41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail.allbsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 45zymC5d4Hz41hs for ; Thu, 1 Aug 2019 18:01:47 +0000 (UTC) (envelope-from hrs@allbsd.org) Received: from mail-d.allbsd.org ([IPv6:2409:11:a740:4700:58:65ff:fe00:b0b]) (authenticated bits=56) by mail.allbsd.org (8.15.2/8.15.2) with ESMTPSA id x71I16H9012377 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK) (Client CN "/CN=mail-d.allbsd.org", Issuer "/C=US/O=Let's+20Encrypt/CN=Let's+20Encrypt+20Authority+20X3"); Fri, 2 Aug 2019 03:01:19 +0900 (JST) (envelope-from hrs@allbsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=allbsd.org; s=20190220; t=1564682494; bh=BA2x2wsxLHEEodGWYa/rroqu6hrBGyqI3IDxeCqVrNU=; h=Date:To:Cc:Subject:From:In-Reply-To:References; b=Zyvj9px8NNGeaJKAMj39i8Ts/F1/tSGwR3q4oLj8vsXDvTDwc7vuGx/CgtJDgiJ9K XQc8M92nfMxW4undq19dubX/G7mbe9kCm+1S59/xRTjCM8ZP0x3DTFimlWNDr7sNPc g2W9Na7M8PUZFPTEeS+zxul/JN4CRg0HH6japwXc= Received: from alph.d.allbsd.org ([IPv6:2409:11:a740:4700:16:ceff:fe34:2700]) by mail-d.allbsd.org (8.15.2/8.15.2) with ESMTPS id x71I11V4062536 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Fri, 2 Aug 2019 03:01:01 +0900 (JST) (envelope-from hrs@allbsd.org) Received: from localhost (localhost [[UNIX: localhost]]) (authenticated bits=0) by alph.d.allbsd.org (8.15.2/8.15.2) with ESMTPA id x71I0xQI062405; Fri, 2 Aug 2019 03:01:01 +0900 (JST) (envelope-from hrs@allbsd.org) Date: Fri, 02 Aug 2019 03:00:53 +0900 (JST) Message-Id: <20190802.030053.435733628684510322.hrs@allbsd.org> To: viktor@dukhovni.org Cc: freebsd-net@freebsd.org Subject: Re: Preferring internal IPv6 source address over gif tunnel IP? From: Hiroki Sato In-Reply-To: <20190731120705.GC24255@straasha.imrryr.org> References: <20190731120705.GC24255@straasha.imrryr.org> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.8 on Emacs 26.1 Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Fri_Aug__2_03_00_53_2019_115)--" Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (mail.allbsd.org [IPv6:2001:2f0:104:e001:0:0:0:41]); Fri, 02 Aug 2019 03:01:27 +0900 (JST) X-Spam-Status: No, score=4.7 required=13.0 tests=CONTENT_TYPE_PRESENT, QENCPTR1, RCVD_IN_AHBL,RCVD_IN_AHBL_PROXY,RCVD_IN_AHBL_SPAM,RDNS_NONE, UNPARSEABLE_RELAY,URIBL_SC2_SURBL,URIBL_XS_SURBL autolearn=no autolearn_force=no version=3.4.2 X-Spam-Level: **** X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mx.allbsd.org X-Rspamd-Queue-Id: 45zymC5d4Hz41hs X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=pass header.d=allbsd.org header.s=20190220 header.b=Zyvj9px8; dmarc=none; spf=pass (mx1.freebsd.org: domain of hrs@allbsd.org designates 2001:2f0:104:e001::41 as permitted sender) smtp.mailfrom=hrs@allbsd.org X-Spamd-Result: default: False [1.66 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[allbsd.org:s=20190220]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MV_CASE(0.50)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[allbsd.org]; NEURAL_SPAM_SHORT(0.99)[0.993,0]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[allbsd.org:+]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:7514, ipnet:2001:2f0::/32, country:JP]; RCVD_TLS_LAST(0.00)[]; IP_SCORE(0.77)[asn: 7514(3.89), country: JP(-0.03)] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2019 18:01:50 -0000 ----Security_Multipart(Fri_Aug__2_03_00_53_2019_115)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Viktor Dukhovni wrote in <20190731120705.GC24255@straasha.imrryr.org>: vi> 1. Point to point tunnel /128: vi> vi> cloned_interfaces="gif0" vi> create_args_gif0="tunnel " vi> ifconfig_gif0_ipv6="inet6 ::2 ::1 prefixlen 128" vi> ipv6_defaultrouter="::1" You do not need to use ifconfig_gif0_ipv6 for a point-to-point configuration with . The following configuration should do the trick while this is different from suggested one from he.net: cloned_interfaces="gif0" create_args_gif0="tunnel " ifconfig_gif0_ipv6="inet6 auto_linklocal" ipv6_defaultrouter="-interface gif0" Using this configuration, your source IPv6 address will be that on igb1. And if you have two or more physical interfaces you can define ip6addrctl.conf to control which address is used for the source address depending on the destination address. -- Hiroki ----Security_Multipart(Fri_Aug__2_03_00_53_2019_115)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iEYEABECAAYFAl1DKNUACgkQTyzT2CeTzy0HfgCdF+niasXw35fCE2svw+SmPjvs DGcAn0VefsDd7hiedp7Z0TNddXBXk+hc =GbEW -----END PGP SIGNATURE----- ----Security_Multipart(Fri_Aug__2_03_00_53_2019_115)----