From owner-freebsd-net@FreeBSD.ORG Wed Mar 13 12:52:28 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 85F8E350 for ; Wed, 13 Mar 2013 12:52:28 +0000 (UTC) (envelope-from schrodinger@konundrum.org) Received: from crux.konundrum.org (crux.konundrum.org [91.121.150.76]) by mx1.freebsd.org (Postfix) with ESMTP id 218CBFA2 for ; Wed, 13 Mar 2013 12:52:27 +0000 (UTC) Received: from crux.konundrum.org (localhost [127.0.0.1]) by crux.konundrum.org (Postfix) with ESMTP id C385E1CD7F4 for ; Wed, 13 Mar 2013 12:52:26 +0000 (GMT) X-Virus-Scanned: amavisd-new at konundrum.org Received: from crux.konundrum.org ([127.0.0.1]) by crux.konundrum.org (crux.konundrum.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hqrZ2qMsvAlq for ; Wed, 13 Mar 2013 12:52:26 +0000 (GMT) Received: from defiant.konundrum.org (defiant.konundrum.org [IPv6:2001:770:146:2::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by crux.konundrum.org (Postfix) with ESMTPS id 51DFE1CD7F3 for ; Wed, 13 Mar 2013 12:52:26 +0000 (GMT) Received: from defiant.konundrum.org (localhost [127.0.0.1]) by defiant.konundrum.org (8.14.5/8.14.5) with ESMTP id r2DCqNrk018892 for ; Wed, 13 Mar 2013 12:52:23 GMT (envelope-from schrodinger@konundrum.org) Received: (from schrodinger@localhost) by defiant.konundrum.org (8.14.5/8.14.5/Submit) id r2DCqMHm018891 for freebsd-net@freebsd.org; Wed, 13 Mar 2013 12:52:22 GMT (envelope-from schrodinger@konundrum.org) X-Authentication-Warning: defiant.konundrum.org: schrodinger set sender to schrodinger@konundrum.org using -f Date: Wed, 13 Mar 2013 12:52:21 +0000 From: Schrodinger To: freebsd-net@freebsd.org Subject: Re: ipv6 default router Operation not permitted Message-ID: <20130313125221.GD17859@defiant.konundrum.org> References: <20130312225018.GA13589@defiant.konundrum.org> <3ABB5AED-DEA9-42F6-82A1-FEA9E8BBBDCF@my.gd> <20130313091727.GA17859@defiant.konundrum.org> <201303131227.57751.Mark.Martinec+freebsd@ijs.si> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="EY/WZ/HvNxOox07X" Content-Disposition: inline In-Reply-To: <201303131227.57751.Mark.Martinec+freebsd@ijs.si> User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 12:52:28 -0000 --EY/WZ/HvNxOox07X Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2013/03/13 12:27, Mark Martinec wrote: Hi Mark, > On Wednesday March 13 2013 10:17:27 Schrodinger wrote: > > ifconfig_re0_ipv6=3D"inet6 2001:41D0:2:E7c4::1 prefixlen 64" > > [...] > > Voodoo, indeed... I'm sure there's a /48 used somewhere but to be more > > specific, or rather obvious, my default gateway resides at the boundary > > of a /56 - 2001:41D0:2:E700::/56 >=20 > Having multiple IPv6 subnets on the same wire is asking for trouble. >=20 This isn't my network so I don't have any input into the matter. This is the OVH configuration for their dedicated servers, at least in my product range. > For example, I believe an ICMP redirect still (in 9.1) does not create > a temporary route: > http://www.freebsd.org/cgi/query-pr.cgi?pr=3D152791 > which beat us hard time (random unreachability between hosts), > having to rearrange that legacy segment which happened to have > two subnets on the same wire. >=20 > The static routes destinations must be directly reachable (on-link). >=20 Does adding the interface route not put the default gateway on-link though ? > Either use a single /56 for the whole LAN, adjusting the prefix > length on each interface, or provide a router within each subnet. >=20 If I am to change my prefix length to /56 this means that anyone else in that /56 who is configured with a prefix length of 64 will be routing to me and I will be swicthing to them.... This could cause problems. > Doing otherwise (like using static ndp/arp entries) is just a hack. >=20 Agreed, I had no intention of fixing the problem this way. C. --=20 +---------------------------------------------------------------+ Quidquid latine dictum sit, altum sonatur. MSN: schro5@hotmail.com ICQ: 112562229 GPG: http://www.konundrum.org/schro.asc --EY/WZ/HvNxOox07X Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBCgAGBQJRQHaEAAoJEBBi7cjNKnTjCPcP/3lK8deK5uDWtc4ruDKs8k2e Jaxk1IibNiU4WjuwxGqkoBQ0NpShLw6WdGHsnzXnicCigEmokunGZZnfYHzWt7wZ BGRhZgw2aSyRZi2mjzhiFq+7ZVGn928x+/h1F+csYJ/ynkVjpLK4BLQiPwJWQCZa LeQfUtw4pnW479fzZq0WVAuPGNVxntqPvgyVtA3FHN+PQmrlxQI9sJkKROopIvGq Kqf2+8R1KV64ZtffVRMGKFqGVPdR/otPjarBa1lstFk9lVeGxKDY+y7GKHfva8d8 JQMRCgyb86T08LpTRXSO2UfsDWd4VfKbZx+Un+QDvLmP1FHg9ZX7zAaK+lqNvAly Cw/tSLQcd5103OOCbvKsX1VUz6wmqQd+bTmMqwgTg/hM2durNvC4g/103E6SLs7q qTMxrlMfQS3Reimp3ZvlSMXsV+6EhSD8h05hohx9TE1Zm7wIMV1urFQYkra/a0JD GDyZfaR511fq7DPYLzMTmX6UkUa1YbUDt7Fr7Q71cXLeo0QSB7TNpGmJR1jdopN5 IMtBt5bDBb4NeUSQXbVE7BGPXUEJJMSwGUyEGeqOUIO73hTyCgcvaZLnTNtTg/0X ma/gzVMm6AMwwKOODyIY3Xww4ddCp3WeSE84RfgZRltdVwUVfvDOp5RuXxw4frAm sNrV3fSlQQmSZ4g6rdYg =gec9 -----END PGP SIGNATURE----- --EY/WZ/HvNxOox07X--