From owner-freebsd-net@freebsd.org  Fri Feb 15 16:49:21 2019
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0911114E0AC2
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Fri, 15 Feb 2019 16:49:21 +0000 (UTC)
 (envelope-from freebsd@disroot.org)
Received: from knopi.disroot.org (knopi.disroot.org [178.21.23.139])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id F3CB071AEE
 for <freebsd-net@freebsd.org>; Fri, 15 Feb 2019 16:49:19 +0000 (UTC)
 (envelope-from freebsd@disroot.org)
Received: from localhost (localhost [127.0.0.1])
 by disroot.org (Postfix) with ESMTP id B1774289B4
 for <freebsd-net@freebsd.org>; Fri, 15 Feb 2019 17:49:12 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at disroot.org
Received: from knopi.disroot.org ([127.0.0.1])
 by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id rwRADUCRLQtB for <freebsd-net@freebsd.org>;
 Fri, 15 Feb 2019 17:49:11 +0100 (CET)
To: freebsd-net@freebsd.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail;
 t=1550249351; bh=HiLc5W2wSQXAmBVqFBDUkSRF83i2K9hbQt7jUeJp7R0=;
 h=To:From:Subject:Date;
 b=f4fILdKJKaSG4K6oqmpCtKqHXicia8UvAkr+NCDW/Np7CQvb0vjx6Fbf8z4On3rC/
 LoQHrbrr3+NYj79T66txM38QcGHkKpiFExUrYK3qyM55TBrnw5wMhT0vcczxZV+U2I
 3uWXqebx0R0y0kdTincyPpwRU7wZ/d68ULChA6csbuxa2fekE8JuFgVA4Y96SPmdbq
 EeHm7OrlJ4q68bCu8JeDtuT4Z99lXuoKbjQRvHuXLSrDEFYGJDh2yE5VHUekHPWw6r
 wgbXQeZ29KE0f5rvNuS0XgpKV/uM7AJ72fkE8OZr62/NkqcmQZSeeSNQk0pH3F7QjZ
 K3N+lmXxDHmSw==
From: "Peter G." <freebsd@disroot.org>
Subject: Point-to-point using GRE over IPv6 -> not possible with a single /128
 address on the server?
Message-ID: <95d8e3ea-af36-4d14-f280-908f92a96515@disroot.org>
Date: Fri, 15 Feb 2019 17:49:01 +0100
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: F3CB071AEE
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=disroot.org header.s=mail header.b=f4fILdKJ;
 dmarc=pass (policy=none) header.from=disroot.org;
 spf=pass (mx1.freebsd.org: domain of freebsd@disroot.org designates
 178.21.23.139 as permitted sender) smtp.mailfrom=freebsd@disroot.org
X-Spamd-Result: default: False [-2.98 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[disroot.org:s=mail]; FROM_HAS_DN(0.00)[];
 R_SPF_ALLOW(-0.20)[+a]; MV_CASE(0.50)[];
 MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org];
 TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[3];
 RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 DKIM_TRACE(0.00)[disroot.org:+]; MX_GOOD(-0.01)[disroot.org];
 RCVD_IN_DNSWL_NONE(0.00)[139.23.21.178.list.dnswl.org : 127.0.10.0];
 NEURAL_HAM_SHORT(-0.89)[-0.889,0];
 DMARC_POLICY_ALLOW(-0.50)[disroot.org,none];
 IP_SCORE(-0.58)[asn: 50673(-2.94), country: NL(0.02)];
 FROM_EQ_ENVFROM(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:50673, ipnet:178.21.23.0/24, country:NL];
 MID_RHS_MATCH_FROM(0.00)[]
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Feb 2019 16:49:21 -0000

Hi,

I've got issues establishing a point-to-point ipv6-over-ipv6 GRE link.

IPv4 which works as expected:
this end: 10.0.1.10
other end: 10.0.2.10
GW: 10.0.1.1
iface: em0

>ifconfig gre4 create
>ifconfig gre4 inet 10.0.1.10 10.0.2.10 netmask 0xffffffff tunnel
10.0.1.10 10.0.2.10 tunnelfib 2
>route add -host 10.0.1.1 -iface em0 -fib 2
>route add -host 10.0.2.10 10.0.1.1 -fib 2

Works. The tunnel is marked with FIB 2, and a point-to-point is
established. Can be used with IPSEC in transport or whatever.


Now, IPv6 is problematic. The server has allocated a single IPv6 address
with prefixlen 112. This could be the source of the issue.

Private addresses replicate the setup.

this end: fc01:e::100/112
other end fc02:e::200
GW: fc01:e::1

>ifconfig em0
#em0:
#	inet6 fc01:e::100 prefixlen 112

This works. Default GW is at fc01:e::1.

Now the GRE tunnel

>ifconfig gre6 create
>ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 tunnelfib 6
#ifconfig: ioctl (SIOCAIFADDR): File exists

Why is this not possible? Isn't the logic behind it the same as with
IPv4? If not, why not?

Does this mean it is not possible to have a point-to-point using IPv6 on
a machine with only a single /128 address?

Found this as reference:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208173 but what he did
was on a much broader range.

Many thanks!

Peter