From owner-freebsd-stable@FreeBSD.ORG  Tue Jan 15 20:05:12 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id E75B7B49
 for <freebsd-stable@freebsd.org>; Tue, 15 Jan 2013 20:05:12 +0000 (UTC)
 (envelope-from lattera@gmail.com)
Received: from mail-vc0-f170.google.com (mail-vc0-f170.google.com
 [209.85.220.170]) by mx1.freebsd.org (Postfix) with ESMTP id 995602E9
 for <freebsd-stable@freebsd.org>; Tue, 15 Jan 2013 20:05:12 +0000 (UTC)
Received: by mail-vc0-f170.google.com with SMTP id fl11so562613vcb.1
 for <freebsd-stable@freebsd.org>; Tue, 15 Jan 2013 12:05:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=H1ZKvwICyTEKE9VZW+2r8SSvuP+RM3q9qOQ8PCuPBag=;
 b=KWW+ZEmL0u14v/qctIYqZsviWo8kusrW+f+9duxw0XuFjeX0qLA0bp3Ev5CAu1a4nj
 OxaFvrIix3vrCFAMVvSlyx/prsjNc6NtNLLS3akOg2mJu1H6XGtRR0pL4ku7g8zVyKs/
 OOESw8s1yCu87EdomtsE4d6HsMEM2sHeZf7ZDjaOxJ4aQV+tPTy4ouJwYFGS5h+9v031
 eTD/fkVpbYzHD8VeEUd6vnYfnZNxbUJ864DOBKZjW7XlqCMLCLdrmW96Y/ioMnrXA/gG
 EYc9/CQtTz0+vjL1ZP4LuGo6XIXrYr6cOhYf2JWjRiqGNU+aCSd+F1FJ7G6CgSEafTJL
 23gw==
MIME-Version: 1.0
Received: by 10.52.36.19 with SMTP id m19mr91179554vdj.33.1358280311855; Tue,
 15 Jan 2013 12:05:11 -0800 (PST)
Received: by 10.58.152.42 with HTTP; Tue, 15 Jan 2013 12:05:11 -0800 (PST)
In-Reply-To: <20130115195444.GA92522@anubis.morrow.me.uk>
References: <CADt0fhxG-EqZq_cYq3YvkYGd=yY4o7FTxW6fmra0Zt06oyAO=A@mail.gmail.com>
 <20130115052937.GA44328@anubis.morrow.me.uk>
 <CADt0fhxCuy8xrahJAcGTSqXWFd4DHT7TwcXYtYYLV77BSFUsqw@mail.gmail.com>
 <20130115195444.GA92522@anubis.morrow.me.uk>
Date: Tue, 15 Jan 2013 15:05:11 -0500
Message-ID: <CADt0fhwEia10jT3nrz=nbCO+w5JZdUsTcrX83AMKRYWm4XxGrg@mail.gmail.com>
Subject: Re: IPv6 Tunnel Shared With Jails via epair Devices
From: Shawn Webb <lattera@gmail.com>
To: Ben Morrow <ben@morrow.me.uk>
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jan 2013 20:05:13 -0000

On Tue, Jan 15, 2013 at 2:54 PM, Ben Morrow <ben@morrow.me.uk> wrote:

> Quoth Shawn Webb <lattera@gmail.com>:
> > On Tue, Jan 15, 2013 at 12:29 AM, Ben Morrow <ben@morrow.me.uk> wrote:
> > > Quoth Shawn Webb <lattera@gmail.com>:
> > > >
> > > > # ifconfig bridge0
> > > > bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
> mtu
> > > > 1500
> > > > ether 02:fe:21:34:d3:00
> > > > inet6 2001:470:8142:1::1 prefixlen 64
> > > > nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
> > > > id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
> > > > maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
> > > > root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
> > > > member: epair0a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
> > > >        ifmaxaddr 0 port 19 priority 128 path cost 2000
> > > > member: epair1a flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
> > > >        ifmaxaddr 0 port 21 priority 128 path cost 2000
> > > > member: bge0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
> > > >        ifmaxaddr 0 port 5 priority 128 path cost 200000
> > >
> > > Why have you added the physical interface to the bridge? AFAICT you
> > > don't need to: a bridge will bridge epairs just fine, and as you
> > > explained in that blog post you have to route rather than bridge into
> > > the tunnel, since the tunnel isn't an Ethernet device.
> >
> > I did it so that I have an IPv4 address directly on the LAN for each of
> my
> > jails.
>
> Hmm, OK.
>
> > > > # jexec "Dev Template" ifconfig epair0b
> > > > epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
> mtu
> > > > 1500
> > > > options=8<VLAN_MTU>
> > > > ether 02:80:03:00:14:0b
> > > > inet6 2001:470:8142:1::5 prefixlen 64 tentative
> > > > inet6 fe80::80:3ff:fe00:140b%epair0b prefixlen 64 tentative scopeid
> 0x2
> > > > inet 10.7.1.92 netmask 0xfffffe00 broadcast 10.7.1.255
> > > > nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
> > >
> > > I suspect the addresses are only marked tentative because the interface
> > > has been marked IFDISABLED. This causes all current addresses to be
> > > marked tentative, because the kernel isn't allowed to send or receive
> > > IPv6 packets and so can't defend the addresses any more.
> > >
> > > Is it possible something in the jail's startup scripts is causing the
> > > interface to be marked IFDISABLED after the inet6 address has been
> > > assigned? Some of the functions in network.subr mark interfaces
> > > IFDISABLED automatically if they don't think they have IPv6 addresses.
> >
> > I was thinking the same thing. One problem is that I can't remove the
> > IFDISABLED flag. This is what happens when I try:
> >
> > # jexec "Dev Template" ifconfig epair0b -ifdisabled
> > ifconfig: ioctl(SIOCGIFINFO_IN6): Invalid argument
>
>     ifconfig epair0b inet6 -ifdisabled
>
> I don't know why you get that error when you miss out the 'inet6'; it's
> not exactly very clear.
>

Ah. That works. I'll just have to add that to my scripts. Since the device
won't come out of tentative mode without manually removing the ifdisabled
flag, should I go ahead and file a PR? It'd be nice if I could at the very
least set a timeout for DAD.


>
> Ben
>
>