From owner-freebsd-net@FreeBSD.ORG Sun Apr 25 20:51:45 2010 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EB2B21065670 for ; Sun, 25 Apr 2010 20:51:44 +0000 (UTC) (envelope-from frederic.perrin@resel.fr) Received: from maisel-gw.enst-bretagne.fr (maisel-gw.enst-bretagne.fr [192.44.76.8]) by mx1.freebsd.org (Postfix) with ESMTP id 715518FC1A for ; Sun, 25 Apr 2010 20:51:44 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by maisel-gw.enst-bretagne.fr (Postfix) with ESMTP id 76C5E1980A; Sun, 25 Apr 2010 22:51:43 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at resel.fr Received: from maisel-gw.enst-bretagne.fr ([127.0.0.1]) by localhost (mercure.adm.maisel.enst-bretagne.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Su+z+juiwdBC; Sun, 25 Apr 2010 22:51:37 +0200 (CEST) Received: from girafe.home (ARennes-258-1-90-183.w90-25.abo.wanadoo.fr [90.25.25.183]) (Authenticated sender: fperrin) by maisel-gw.enst-bretagne.fr (Postfix) with ESMTPSA id 4DCAB19809; Sun, 25 Apr 2010 22:51:37 +0200 (CEST) Date: Sun, 25 Apr 2010 22:52:56 +0200 From: =?UTF-8?B?RnLDqWTDqXJpYw==?= Perrin To: Hiroki Sato , freebsd-net@FreeBSD.org Message-ID: <20100425225256.26ce3373@girafe.home> In-Reply-To: <20100426.021848.65039126.hrs@allbsd.org> References: <20100425183825.2ee419d3@girafe.home> <20100426.021848.65039126.hrs@allbsd.org> X-Mailer: Claws Mail 3.7.5cvs43 (GTK+ 2.18.7; i386-unknown-freebsd8.0) Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/_bgvDHmkT0XuWKV8OIiEgqI"; protocol="application/pgp-signature" Cc: Subject: Re: IPv6 aliases: one doesn't work, the other do X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2010 20:51:45 -0000 --Sig_/_bgvDHmkT0XuWKV8OIiEgqI Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Le Lundi 26 =C3=A0 2:18, Hiroki Sato a =C3=A9crit : > Fr=C3=A9d=C3=A9ric Perrin wrote > in <20100425183825.2ee419d3@girafe.home>: >fr> I have a box running 8.0-RELEASE on i386. It has several jails, >fr> each one being given an IPv6 alias. I notice that some jails can >fr> be reached from the outside, others can't. Conversely, if I set >fr> as the source address alias1, nothing comes back; it I set as the >fr> source address alias2, it works as expected. The following >fr> transcript may be clearer: >fr>=20 >fr> This is happening on papillon, the host (meaning not a jail), >fr> after a fresh reboot. > > Did you get the same results of traceroute6 lines even before setting > up the jails, or only after it? I am interested in whether this > symptom appears or not when just adding IPv6 aliases to vr0 and no > jail. Sure. I just set ezjail_enable=3D"NO" and rebooted. And the result is... It looks like the aliases that don't work were juste shuffled around. (NB, in the previous run, the non-functionning aliases were ::3 and ::5. Now, only ::5 is broken. I seem to remember having issues with others, but as I don't use IPv6 very often, I didn't keep track of which aliases were working or not.) ,---- | papillon:~% traceroute6 -s 2001:41d0:1:8248::3 www.renater.fr=20 | traceroute6 to www.renater.fr (2001:660:3001:4002::10) from 2001:41d0:1:8= 248::3, 64 hops max, 12 byte packets | 1 2001:41d0:1:82ff:ff:ff:ff:ff 3.332 ms * 141.131 ms | 2 ipv6.th1-1-6k.routers.net 9.994 ms * 13.867 ms | 3 ipv6.th2-1-6k.routers.net 4.810 ms * 18.300 ms | 4 renater-th2.sfinx.tm.fr 5.476 ms 4.456 ms 4.232 ms | 5 te0-3-4-0-paris1-rtr-001.noc.renater.fr 4.670 ms 4.647 ms 4.450 ms | 6 te2-1-paris1-rtr-021.noc.renater.fr 4.412 ms 4.393 ms 4.353 ms | 7 gip-renater-vl300-gi8-15-paris1-rtr-021.noc.renater.fr 5.279 ms !P = 5.210 ms !P 5.190 ms !P | papillon:~% traceroute6 -n -s 2001:41d0:1:8248::5 www.renater.fr=20 | traceroute6 to www.renater.fr (2001:660:3001:4002::10) from 2001:41d0:1:8= 248::5, 64 hops max, 12 byte packets | 1 * * * | 2 * * * | 3 * * * | 4 * * * | ^C `---- And if I ping my server from a remote host (tweaked the ping6 options to have more samples while trying not to stress the network): ,---- | fperrin@gadget:~$ for i in $( seq 5); do echo -n "$i - "; ping6 -c10 -i30= 2001:41d0:1:8248::$i|grep loss; done | 1 - 10 packets transmitted, 10 received, 0% packet loss, time 270036ms | 2 - 10 packets transmitted, 10 received, 0% packet loss, time 270030ms | 3 - 10 packets transmitted, 10 received, 0% packet loss, time 270034ms | 4 - 10 packets transmitted, 10 received, 0% packet loss, time 270032ms | 5 - 10 packets transmitted, 0 received, +10 errors, 100% packet loss, tim= e 270030ms `---- I get the same results after starting the jails (with /usr/local/etc/rc.d/ezjail onestart). Oh, and keeping me in the Cc: list as you did is a good idea, I'm not subscribed to the list. --=20 Fred --Sig_/_bgvDHmkT0XuWKV8OIiEgqI Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkvUq7IACgkQlSqR5GqTBENa7gCgx4Nn2qJ3m1bd55/161bcCxaI vhEAni/trb4h2+Y9MrX3U8SI0E7TNKYB =8+aT -----END PGP SIGNATURE----- --Sig_/_bgvDHmkT0XuWKV8OIiEgqI--