From: Marco van Tol
To: freebsd-net@freebsd.org
Subject: unicast vxlan - unable to tcp connect to ipv6 ip's on endpoint host
Date: Fri, 19 Apr 2019 12:46:18 +0200

Hi there,

I set up the following scenario. For the purpose of this email, I made up the following IP details:

IPv4 address host A: 20.0.0.1/24
IPv4 address host B: 30.0.0.1/24
Native IPv6 block available on host A: 3fff:1:1::/48
Host B does not have native IPv6 available.
IPv6 address on Host A vxlan interface: 3fff:1:1:1::1/64
IPv6 address on Host B vxlan interface: 3fff:1:1:1::2/64
IPv6 route on Host A: -net 3fff:1:1:40::/58 3fff:1:1:1::2
IPv6 default route on Host B: 3fff:1:1:1::1
vxlan interfaces mtu set to: 1450
physical interfaces are left on the default mtu of 1500

I set up a vxlan tunnel with vxlanlocal and vxlanremote set to the IPv4 addresses of hosts A and B, on both hosts.

After this, host B, and all hosts behind it within 3fff:1:1:40::/58 can reach the entire internet over IPv6.

There is one exception to this: Host B can ping Host A on any of its IPv6 addresses, but it cannot make any tcp connection to any of the IPv6 addresses on Host A.

Is this expected?

Thank you very much in advance!

Marco van Tol