From owner-freebsd-current@FreeBSD.ORG Fri Apr 15 07:03:37 2011 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E958C1065670 for ; Fri, 15 Apr 2011 07:03:36 +0000 (UTC) (envelope-from mrossi@swin.edu.au) Received: from gpo3.cc.swin.edu.au (gpo3.cc.swin.edu.au [136.186.1.32]) by mx1.freebsd.org (Postfix) with ESMTP id 8522A8FC0C for ; Fri, 15 Apr 2011 07:03:36 +0000 (UTC) Received: from mrossi.caia.swin.edu.au (mrossi.caia.swin.edu.au [136.186.229.109]) by gpo3.cc.swin.edu.au (8.14.3/8.14.3) with ESMTP id p3F6oU6P004205 for ; Fri, 15 Apr 2011 16:50:30 +1000 Message-ID: <4DA7EAB5.9090204@swin.edu.au> Date: Fri, 15 Apr 2011 16:50:29 +1000 From: Mattia Rossi User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.15) Gecko/20110406 Thunderbird/3.1.9 MIME-Version: 1.0 To: freebsd-current@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: IPv6 tunnel problem X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Apr 2011 07:03:37 -0000 Hi all, I'm having some trouble with my IPv6 tunnel lately (net/gateway6 port). I'm running revision 220613. The tunnel runs fine on 8.2, I can ping6 ipv6.google.com from all interfaces using all IPv6 addresses. Route Advertisements are sent, Linux Machines, Mac OS X machiens and FreeBSD 8.2/8.1 machines are all receiveing the advertisements and are able to ping and use the IPv6 network. On the machines running CURRENT anyhow, route advertisements don't work. They arrive at the interface, but nothing happens. If i set up an IPv6 address and route by hand, I don't get anywhere, as it's permanently marked as "tentative", and trying to use that address as source address in ping6 results in: ping6: bind: Can't assign requested address This brings me to my main problem: the tunnel. If I set up a tunnel on a CURRENT machine, the tunnel gets set up (because it's IPv4) but the IPv6 part does not work. I'm not able to send pings (which means KEEPALIVES are not sent either), so it just doesn't work. I'm using IPv6 in UDP over IPv4 tunneling, as that's what I use on the 8.2 machine as well. The error when trying to ping on the CURRENT machine where the tunnel runs( for the short period the tunnel is up) is: ping6: sendmsg: Network is down Route advertisements are not sent either, as again, the IPv6 address assigned to the interface by the tunnel is marked as tentative, so rtadvd refuses to work. Something is badly broken with IPv6 and/or NDP. More info about the systems: Interfaces in use on the machines running CURRENT: bge0 and em0 Interfaces on the working 8.2 machine: fxp0 and em0 sysctls on the broken machines when in router mode: net.inet6.ip6.forwarding: 1 net.inet6.ip6.redirect: 1 net.inet6.ip6.hlim: 64 net.inet6.ip6.maxfragpackets: 6400 net.inet6.ip6.accept_rtadv: 0 net.inet6.ip6.keepfaith: 0 net.inet6.ip6.log_interval: 5 net.inet6.ip6.hdrnestlimit: 15 net.inet6.ip6.dad_count: 1 net.inet6.ip6.auto_flowlabel: 1 net.inet6.ip6.defmcasthlim: 1 net.inet6.ip6.gifhlim: 30 net.inet6.ip6.kame_version: FreeBSD net.inet6.ip6.use_deprecated: 1 net.inet6.ip6.rr_prune: 5 net.inet6.ip6.v6only: 1 net.inet6.ip6.rtexpire: 3600 net.inet6.ip6.rtminexpire: 10 net.inet6.ip6.rtmaxcache: 128 net.inet6.ip6.use_tempaddr: 0 net.inet6.ip6.temppltime: 86400 net.inet6.ip6.tempvltime: 604800 net.inet6.ip6.auto_linklocal: 1 net.inet6.ip6.prefer_tempaddr: 0 net.inet6.ip6.use_defaultzone: 0 net.inet6.ip6.maxfrags: 6400 net.inet6.ip6.mcast_pmtu: 0 net.inet6.ip6.mcast.loop: 1 net.inet6.ip6.mcast.maxsocksrc: 128 net.inet6.ip6.mcast.maxgrpsrc: 512 security.jail.param.ip6.saddrsel: 0 security.jail.param.ip6.: 0 on the working machine router mode: net.inet6.ip6.forwarding: 1 net.inet6.ip6.redirect: 1 net.inet6.ip6.hlim: 64 net.inet6.ip6.maxfragpackets: 6400 net.inet6.ip6.accept_rtadv: 0 net.inet6.ip6.keepfaith: 0 net.inet6.ip6.log_interval: 5 net.inet6.ip6.hdrnestlimit: 15 net.inet6.ip6.dad_count: 1 net.inet6.ip6.auto_flowlabel: 1 net.inet6.ip6.defmcasthlim: 1 net.inet6.ip6.gifhlim: 30 net.inet6.ip6.kame_version: FreeBSD net.inet6.ip6.use_deprecated: 1 net.inet6.ip6.rr_prune: 5 net.inet6.ip6.v6only: 1 net.inet6.ip6.rtexpire: 3600 net.inet6.ip6.rtminexpire: 10 net.inet6.ip6.rtmaxcache: 128 net.inet6.ip6.use_tempaddr: 0 net.inet6.ip6.temppltime: 86400 net.inet6.ip6.tempvltime: 604800 net.inet6.ip6.auto_linklocal: 1 net.inet6.ip6.prefer_tempaddr: 0 net.inet6.ip6.use_defaultzone: 0 net.inet6.ip6.maxfrags: 6400 net.inet6.ip6.mcast_pmtu: 0 net.inet6.ip6.mcast.loop: 1 net.inet6.ip6.mcast.maxsocksrc: 128 net.inet6.ip6.mcast.maxgrpsrc: 512 If they're not routers: net.inet6.ip6.forwarding: 0 net.inet6.ip6.redirect: 0 net.inet6.ip6.accept_rtadv: 1 And on the interfaces ifconfig em0 inet6 accept_rtadv And finally I have a question: Why is there a net.inet6.ip6.accept_rtadv sysctl? If we have to enable/disable route advertisements per interface, this sysctl shouldn't be there at all. Immagine a system (like mine) where you have multiple interfaces, and which acts as IPv6 router amongst other stuff. Shouldn't you be able to deactivate route advertisements on one interface, which is where route advertisements are sent from, but enable it on the other ones, so you don't need to statically configure them? If there's a sysctl, you'll disable and enable route advertisements for the whole machine, so the per interface stuff is useless, or am I wrong? Mat