Date: Sat, 04 Dec 2004 20:13:06 +0100 From: Bernhard Schmidt <berni@birkenwald.de> To: Max Laier <max@love2party.net> Cc: freebsd-pf@freebsd.org Subject: Re: IPv6 MLD packets blocked Message-ID: <1102187586.12613.28.camel@cholera> In-Reply-To: <200412041958.11601.max@love2party.net> References: <slrncr28gr.ig8.berni@bschmidt.msgid.cybernet-ag.net> <200412041958.11601.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, > > I'm currently trying to enable IPv6 multicast forwarding on my FreeBSD > > home gateway. With both pim6sd and xorp I had the problem that MLD (IGMP > > for IPv6) from clients did not come through to the appropriate daemon > > and therefor groups are never subscribed. > > > > This seems to be a problem with pf. When I disable pf with "pfctl -d" it > > works like a charm; when I enable pf again, even with the simple ruleset > > > > pass all > Does your setup include a 6to4 (stf(4)) device? If so then you should move to > a RELENG_5 with pf_if.c, rev. 1.5.2.2. (you can simply move that one file). No, but several gif-Interfaces. The interface I have troubles with receiving MLD messages is a plain ethernet, vr(4). > To debug a problem like this you should use a ruleset like: > > block log all > pass all > > and watch pflog on tcpdump. It'll give you information why a packet is > dropped. No packets are dropped according to tcpdump, but it still doesn't work. > Increasing the verbosity of pf's debug facilities might also be > helpful: # pfctl -xm Should that help when no packets are dropped? I can see no obvious error messages in syslog. Even setting the debug level to 'loud' doesn't give me anything. I would assume that pf is dropping because of the router alert option set in MLD messages (see the dump). > pf_if.c went in "Nov 24 16:57:32 2004 UTC" so you might have missed it. No changes for != stf, right? Bernhard
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1102187586.12613.28.camel>