Date: Thu, 16 Jun 2011 14:57:12 +0900 (JST) From: Hiroki Sato <hrs@FreeBSD.org> To: spork@bway.net Cc: freebsd-net@FreeBSD.org Subject: Re: link-local needed w/static IP and gateway? Message-ID: <20110616.145712.10896502890982069.hrs@allbsd.org> In-Reply-To: <4DF9970D.5000505@bway.net> References: <4DF56879.30204@bway.net> <4DF5761C.9040509@bway.net> <4DF9970D.5000505@bway.net>
next in thread | previous in thread | raw e-mail | index | archive | help
----Security_Multipart(Thu_Jun_16_14_57_12_2011_457)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Charles Sprickman <spork@bway.net> wrote in <4DF9970D.5000505@bway.net>: sp> -Edit rc.conf to include your IPv6 IP(s) and default route, specify sp> which interfaces will run IPv6, and enable IPv6: sp> sp> ipv6_enable="YES" sp> ipv6_network_interfaces="lo0 bce1" sp> ipv6_defaultrouter="2001:xxx:xxxx::1" sp> ipv6_ifconfig_bce1="2001:xxx:xxxx:1::23/48" sp> sp> -Use sysctl to enable link-local addresses: sp> sp> # sysctl -w net.inet6.ip6.auto_linklocal=1 This is not needed when ipv6_enable="YES". sp> -Bounce the interface, which seems to kick something that triggers the sp> kernel to setup link-local addresses: sp> sp> # ifconfig bce1 down up sp> (that's literal - you don't need to down/up it in two commands) Ditto. sp> -Run the ipv6 rc.d script: sp> sp> # /etc/rc.d/network_ipv6 start I do not recommend to use the rc.d/network_ipv6 script for manual configuration because it often ends up an incomplete configuration as you experienced. Rebooting the system would be better. The rc.d/netif script on 9.X works well for that purpose without a reboot, though. sp> I'm still fuzzy on the explanation, but the default route does not seem sp> to stick to the external interface until the link-local address comes sp> up, even though the host has learned the L2 address of the default gateway. On IPv6 router, MLD works only when at least one LLA is configured on all of the interfaces. In short, ND will completely be broken on a router with a GUA and no LLA. LLA is a MUST for every IPv6-speaking interface, not for automatic router discovery only. This is because ICMPv6 heavily depends on it. Without LLA some unexpected and/or inconsistent behaviors can happen, especially on a router as you experienced. I would not recommend you to try to understand what will happen without LLA because it is quite complex and just ends up various kind of inconsistent behaviors. For why LLA is needed, the primary documents are RFC 3810, 4007, 4291, 4861, and 4884. -- Hiroki ----Security_Multipart(Thu_Jun_16_14_57_12_2011_457)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iEYEABECAAYFAk35mzgACgkQTyzT2CeTzy0sKQCgzALF9a/CeifjO+wG01KcN0kQ t9kAniypnyiqVIqQuKGDnNOankhzH8qY =B/3f -----END PGP SIGNATURE----- ----Security_Multipart(Thu_Jun_16_14_57_12_2011_457)----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110616.145712.10896502890982069.hrs>