From owner-freebsd-net@FreeBSD.ORG Wed Mar 13 15:52:59 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 5B611546 for ; Wed, 13 Mar 2013 15:52:59 +0000 (UTC) (envelope-from lists@rewt.org.uk) Received: from abby.lhr1.as41113.net (unknown [IPv6:2001:b70:201:2::22]) by mx1.freebsd.org (Postfix) with ESMTP id EB530113 for ; Wed, 13 Mar 2013 15:52:58 +0000 (UTC) Received: from [172.16.9.23] (bella.stf.rewt.org.uk [91.208.177.62]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: joe@rewt.org.uk) by abby.lhr1.as41113.net (Postfix) with ESMTPSA id 3ZQyHk6ZJtzNG; Wed, 13 Mar 2013 15:52:50 +0000 (UTC) Message-ID: <5140A0CE.4030605@rewt.org.uk> Date: Wed, 13 Mar 2013 15:52:46 +0000 From: Joe Holden User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Schrodinger Subject: Re: ipv6 default router Operation not permitted References: <20130312225018.GA13589@defiant.konundrum.org> <3ABB5AED-DEA9-42F6-82A1-FEA9E8BBBDCF@my.gd> <20130313091727.GA17859@defiant.konundrum.org> <201303131227.57751.Mark.Martinec+freebsd@ijs.si> <20130313125221.GD17859@defiant.konundrum.org> <20130313131016.GE17859@defiant.konundrum.org> <20130313135253.GA18992@defiant.konundrum.org> In-Reply-To: <20130313135253.GA18992@defiant.konundrum.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 15:52:59 -0000 Just use router solicitation to ask for the link-local gateway, that is the "correct" way to do it. Schrodinger wrote: > Damien, > > I appreciate your replies very much, but I'm a subscriber so just reply > to the mailing list. Thanks. > > On 2013/03/13 14:19, Fleuriot Damien wrote: > > [SNARF] > >> >> These are indeed correct, thanks for clarifying. >> > > I thought that's what I said in my first email ;) Sorry for any > confusion. > >> Find below the config I'm using on an old OVH box. >> Said config might be outdated now (as per OVH's guide on setting up IPv6 [1]) , however that was at the time the only way to get things working properly. >> >> rc.conf >> === >> #Range IPv6: 2001:41D0:2:613b::/64 >> ipv6_enable="YES" >> ipv6_ifconfig_re0="fe80::21c:c0ff:fef3:31fa/64 scopeid 0x1" >> ipv6_ifconfig_re0_alias0="2001:41d0:2:613b::dead:beef/56" >> ipv6_defaultrouter="2001:41d0:2:61ff:ff:ff:ff:ff" >> === >> > > You have /56 and this is what I believe to be the incorrect way to get > this to Just Work. I think this assume that anyone else in this /56 is > in the same layer two segment as you.... > >> routing table >> === > [SNARF] >> === >> >> >> >> Notice that said config actually works: >> === >> $ ping6 www.google.com >> PING6(56=40+8+8 bytes) 2001:41d0:2:613b::dead:beef --> 2a00:1450:4007:804::1014 >> 16 bytes from 2a00:1450:4007:804::1014, icmp_seq=0 hlim=57 time=4.461 ms >> 16 bytes from 2a00:1450:4007:804::1014, icmp_seq=1 hlim=57 time=4.462 ms >> 16 bytes from 2a00:1450:4007:804::1014, icmp_seq=2 hlim=57 time=4.405 ms >> ^C >> --- www.google.com ping6 statistics --- >> 3 packets transmitted, 3 packets received, 0.0% packet loss >> round-trip min/avg/max/std-dev = 4.405/4.443/4.462/0.027 ms >> === >> >> Either way, you might want to have a look at OVH's guide [1] but in my own case, using a /56 was, at the time, the only way to get things working in a clean way. >> >> [1] http://help.ovh.com/Ipv4Ipv6#link10 >> > > I read this, I made sure to read this and then I read it a second time. > No where does it indicate the use of a /56. I am in the process of a > migration from an old OVH server to a new OVH server. My old box uses > the /56 prefix length "fix" but based on the documentation this is > incorrect and IMO this assumes that anyone else in the /56 is in the > same segment as me and if they are using /64 - well, There Be Dragons. > > Also from the information I have received, router advertisements may be > turned off in the future, my host should simply Neighbour Solicit for > the global scope unicast address of my default gateway. And as pointed > out in previous emails without ACCEPT_RTADV for re0 - FreeBSD does not > perform this action. > > So again, what is the correct way ? I think this is a debate of IPv6 > Protocol vs. IPv6 Policy vs. Network architecture. > > I'll go and get Tina Turner. You get Masterblaster and we'll meet in > Thunderdome. > > C.