From owner-freebsd-net@FreeBSD.ORG Wed Mar 13 13:02:30 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 7641B945 for ; Wed, 13 Mar 2013 13:02:30 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-wi0-x234.google.com (mail-wi0-x234.google.com [IPv6:2a00:1450:400c:c05::234]) by mx1.freebsd.org (Postfix) with ESMTP id 0E54F10B for ; Wed, 13 Mar 2013 13:02:29 +0000 (UTC) Received: by mail-wi0-f180.google.com with SMTP id hi8so734862wib.13 for ; Wed, 13 Mar 2013 06:02:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:content-type:mime-version:subject:from:in-reply-to:date :cc:content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=KPpG3FGeluLrhOrvvjxJEfnQyQUJgjD5xDUXVdNGG54=; b=TgBKdqSEyNg0dvjmI8MpiBvwXTzEyXO/IC8PLLvyvEYH49/HLo971a1UVBrYNKo1ho pt8WDtdZJBlXM1e0nr+RtZSCQnG6BFGrrJxsi3jtQXJNfjh8hwhM2Alw0xBfwlUa6j6s qCWweL74KcRnsu0reFi9mLm6/JBHgO5TS9vCgTPaP2VKD5F6zHAw2922SevYH2IuvsVW 9d3BLC8Sb1YOv61+pUuu5aopKI6d8ms2MEX71z0CaLQwY+MLJM3bgmlz6pT2fqWxi42Z aKvdJW2IiyfhXHRORM9jNqS3VwlZdYDo6A+ucDLfjmloPKe9P1DJnt1pscGdRsO44yC6 TDuQ== X-Received: by 10.195.12.133 with SMTP id eq5mr33723078wjd.52.1363179749158; Wed, 13 Mar 2013 06:02:29 -0700 (PDT) Received: from [10.75.0.66] ([83.167.62.196]) by mx.google.com with ESMTPS id ej8sm2607751wib.9.2013.03.13.06.02.27 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 13 Mar 2013 06:02:27 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\)) Subject: Re: ipv6 default router Operation not permitted From: Fleuriot Damien In-Reply-To: <20130313125221.GD17859@defiant.konundrum.org> Date: Wed, 13 Mar 2013 14:02:26 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20130312225018.GA13589@defiant.konundrum.org> <3ABB5AED-DEA9-42F6-82A1-FEA9E8BBBDCF@my.gd> <20130313091727.GA17859@defiant.konundrum.org> <201303131227.57751.Mark.Martinec+freebsd@ijs.si> <20130313125221.GD17859@defiant.konundrum.org> To: Schrodinger X-Mailer: Apple Mail (2.1499) X-Gm-Message-State: ALoCoQlhA9YORG4Fyl39PwHwQ+Ylw3lhILINK1N7E000duWEuqA/DGAGPuuPNvVJ6JCUe1MUeNRL Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 13:02:30 -0000 On Mar 13, 2013, at 1:52 PM, Schrodinger = wrote: > On 2013/03/13 12:27, Mark Martinec wrote: >=20 > Hi Mark, >=20 >> On Wednesday March 13 2013 10:17:27 Schrodinger wrote: >>> ifconfig_re0_ipv6=3D"inet6 2001:41D0:2:E7c4::1 prefixlen 64" >>> [...] >>> Voodoo, indeed... I'm sure there's a /48 used somewhere but to be = more >>> specific, or rather obvious, my default gateway resides at the = boundary >>> of a /56 - 2001:41D0:2:E700::/56 >>=20 >> Having multiple IPv6 subnets on the same wire is asking for trouble. >>=20 >=20 > This isn't my network so I don't have any input into the matter. This > is the OVH configuration for their dedicated servers, at least in my > product range. >=20 >> For example, I believe an ICMP redirect still (in 9.1) does not = create >> a temporary route: >> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D152791 >> which beat us hard time (random unreachability between hosts), >> having to rearrange that legacy segment which happened to have >> two subnets on the same wire. >>=20 >> The static routes destinations must be directly reachable (on-link). >>=20 >=20 > Does adding the interface route not put the default gateway on-link > though ? >=20 >> Either use a single /56 for the whole LAN, adjusting the prefix >> length on each interface, or provide a router within each subnet. >>=20 >=20 > If I am to change my prefix length to /56 this means that anyone else = in > that /56 who is configured with a prefix length of 64 will be routing = to > me and I will be swicthing to them.... This could cause problems. I fail to see how they would be routing to you and you would be = switching to them. OVH allocates a /64 per customer. To avoid having to setup 1 gateway per customer, they set up a single = one within a /56 , allowing for 256 /64s This mimics the situation where your host gives you a /32 ipv4 withing a = /24 network and uses a single gateway, again for 250ish customers. Whenever an IPv6 packet arrives on OVH's router for your /64, it is = routed to your server. I don't see how this qualifies as "another customer routing to you" ?