Date: Mon, 4 Dec 2023 22:44:53 -0700 From: John Nielsen <lists@jnielsen.net> To: Benoit Chesneau <benoitc@enki-multimedia.eu> Cc: freebsd-net@freebsd.org Subject: Re: vxlan with IPv6 underlay ? Message-ID: <15F613FA-839C-4CE8-B679-D1A581D392F8@jnielsen.net> In-Reply-To: <bmkPdpqYkXzCqs5CYfBIZO6sXwmR1hU38pCr5cRlBeTxM4VIbzTj_A0YU6yFP2CbVxXHoOLeqHpdBY1reGJS_VvNBesk3J1HBWblpjijl2o=@enki-multimedia.eu> References: <bmkPdpqYkXzCqs5CYfBIZO6sXwmR1hU38pCr5cRlBeTxM4VIbzTj_A0YU6yFP2CbVxXHoOLeqHpdBY1reGJS_VvNBesk3J1HBWblpjijl2o=@enki-multimedia.eu>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail-5414E74F-4974-4CA1-A2AD-150D44EB0B22 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D= utf-8"></head><body dir=3D"auto"><div dir=3D"ltr"></div><div dir=3D"ltr"><bl= ockquote type=3D"cite">On Dec 4, 2023, at 3:26=E2=80=AFAM, Benoit Chesneau &= lt;benoitc@enki-multimedia.eu> wrote:<br></blockquote></div><blockquote t= ype=3D"cite"><div dir=3D"ltr"><div style=3D"font-family: Arial, sans-serif; f= ont-size: 14px;"><br></div><div style=3D"font-family: Arial, sans-serif; fon= t-size: 14px;">Is IPv6 underlay fully supported with FreebBSD ? I have creat= ed the a tunnel and associated an Ipv6 address to each side. I'm able to pin= g between each devicesl. But when I want to curl from the remote side = it timeout. Locally on the remote side it is OK. Is this expected ? Should I= rather create a bridge with vxlan as a member and bind nginx to it ?</div><= /div></blockquote><div><br></div><div>I think you=E2=80=99ve answered your o= wn question and demonstrated that it works as expected. Pinging the inside a= ddress would not work at all if the tunnel and outer transport weren=E2=80=99= t working.</div><div><br></div><div>As to why your curl test doesn=E2=80=99t= work, we=E2=80=99d need more information. Make sure that nginx is in fact l= istening on the vxlan IP and is not being blocked by a firewall. You may als= o want to do a packet capture of the inside interfaces to see what is and is= n=E2=80=99t going through.</div><div><br></div><div>JN</div><br><blockquote t= ype=3D"cite"><div dir=3D"ltr"><div style=3D"font-family: Arial, sans-serif; f= ont-size: 14px;">```</div><div style=3D"font-family: Arial, sans-serif; font= -size: 14px;"><span>$ ifconfig vxlan0 create vxlanid 108 vxlanlocal AAAA:BBB= B:110b:102::100 vxlanremote <span style=3D"text-decoration: none; display: i= nline !important; background-color: rgb(255, 255, 255);">AAAA:BBBB</span>:11= 0b:102::12</span><br></div><div style=3D"font-family: Arial, sans-serif; fon= t-size: 14px;"><span>$ <span>ifconfig vxlan0</span><div><span>vxlan0: f= lags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric= 0 mtu 1430</span></div><div><span> options=3D80020<JUMBO_MTU,LINKST= ATE></span></div><div><span> ether 58:9c:fc:10:ff:eb</span></div><div><s= pan> groups: vxlan</span></div><div><span> vxlan vni 108 local [AAAA:B= BBB:102::100]:4789 remote [<span style=3D"text-decoration: none; display: in= line !important; background-color: rgb(255, 255, 255);">AAAA:BBBB</span>:110= b:102::12]:4789</span></div><div><span> media: Ethernet autoselect (autosel= ect <full-duplex>)</span></div><div><span> status: active</spa= n></div><span> nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>= ;</span></span></div><div style=3D"font-family: Arial, sans-serif; font-size= : 14px;"><span>$ <span>ifconfig vxlan0 inet6 AAAA:BBBB:110b:300::1/64</= span></span></div><div style=3D"font-family: Arial, sans-serif; font-size: 1= 4px;">````</div><div style=3D"font-family: Arial, sans-serif; font-size: 14p= x;"><br></div><div style=3D"font-family: Arial, sans-serif; font-size: 14px;= ">Ping from remote is ok:</div><div style=3D"font-family: Arial, sans-= serif; font-size: 14px;">```</div><div style=3D"font-family: Arial, sans-ser= if; font-size: 14px;"><span> ifconfig vxlan0</span><div><span>vxlan0: f= lags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric= 0 mtu 1430</span></div><div><span> options=3D680323<RXCSUM,TXCSUM,J= UMBO_MTU,TSO4,TSO6,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6></span></div><div><s= pan> ether 58:9c:fc:10:df:1f</span></div><div><span> inet6 fe80:= :5a9c:fcff:fe10:df1f%vxlan0 prefixlen 64 scopeid 0xf</span></div><div><span>= inet6 <span style=3D"text-decoration: none; display: inline !import= ant; background-color: rgb(255, 255, 255);">AAAA:BBBB</span>:110b:300::2 pre= fixlen 64</span></div><div><span> groups: vxlan</span></div><div><spa= n> vxlan vni 108 local [<span style=3D"text-decoration: none; display:= inline !important; background-color: rgb(255, 255, 255);">AAAA:BBBB</span>1= 10b:102::12]:4789 remote [<span style=3D"text-decoration: none; display: inl= ine !important; background-color: rgb(255, 255, 255);">AAAA:BBBB</span>:110b= :102::100]:4789</span></div><div><span> media: Ethernet autoselect (autosel= ect <full-duplex>)</span></div><div><span> status: active</spa= n></div><span> nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL></span></d= iv><div style=3D"font-family: Arial, sans-serif; font-size: 14px;"><span>$ p= ing6 AAAA:BBBB:110b:300::1</span><div><span>PING6(56=3D40+8+8 bytes) <span s= tyle=3D"text-decoration: none; display: inline !important; background-color:= rgb(255, 255, 255);">AAAA:BBBB</span>:110b:300::2 --> <span style=3D"tex= t-decoration: none; display: inline !important; background-color: rgb(255, 2= 55, 255);">AAAA:BBBB:</span>:110b:300::1</span></div><div><span>16 bytes fro= m 2a0e:e701:110b:300::1, icmp_seq=3D0 hlim=3D64 time=3D0.071 ms</span></div>= <div><span>16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D1 hlim=3D64 time=3D= 0.078 ms</span></div><div><span>16 bytes from 2a0e:e701:110b:300::1, icmp_se= q=3D2 hlim=3D64 time=3D0.076 ms</span></div><div><span>16 bytes from 2a0e:e7= 01:110b:300::1, icmp_seq=3D3 hlim=3D64 time=3D0.104 ms</span></div><div><spa= n>16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D4 hlim=3D64 time=3D0.077 m= s</span></div><span>^C</span><br></div><div style=3D"font-family: Arial, san= s-serif; font-size: 14px;">```</div><div style=3D"font-family: Arial, sans-s= erif; font-size: 14px;"><br></div><div style=3D"font-family: Arial, sans-ser= if; font-size: 14px;">But when I run `<span>curl -6 -v 'http://[AAAA:BBBB:11= 0b:300::1]'` it timeout.</span></div><div style=3D"font-family: Arial, sans-= serif; font-size: 14px;"><span><br></span></div><div style=3D"font-family: A= rial, sans-serif; font-size: 14px;"><span><br></span></div><div style=3D"fon= t-family: Arial, sans-serif; font-size: 14px;"><br></div> <div class=3D"protonmail_signature_block" style=3D"font-family: Arial, sans-= serif; font-size: 14px;"> <div class=3D"protonmail_signature_block-user"> <div style=3D"font-style: normal; font-weight: normal; letter-spacin= g: normal; text-indent: 0px; text-transform: none; white-space: normal; word= -spacing: 0px; text-decoration: none; font-family: Helvetica; font-size: 12p= x; color: rgb(0, 0, 0);">Beno=C3=AEt Chesneau, Enki Multimedia<br></div><div= style=3D"font-style: normal; font-weight: normal; letter-spacing: normal; t= ext-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0p= x; text-decoration: none; font-family: Helvetica; font-size: 12px; color: rg= b(0, 0, 0);">=E2=80=94<br></div><div style=3D"font-style: normal; font-weigh= t: normal; letter-spacing: normal; text-indent: 0px; text-transform: none; w= hite-space: normal; word-spacing: 0px; text-decoration: none; font-family: H= elvetica; font-size: 12px; color: rgb(0, 0, 0);">t. +33608655490 <br></= div> </div> <div style=3D"font-family: Arial, sans-serif; font-size: 14px;"><br></di= v> <div class=3D"protonmail_signature_block-proton"> Sent with <a target=3D"_blank" href=3D"https://proton.me/" rel=3D"no= opener noreferrer">Proton Mail</a> secure email. </div> </div> </div></blockquote></body></html>= --Apple-Mail-5414E74F-4974-4CA1-A2AD-150D44EB0B22--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15F613FA-839C-4CE8-B679-D1A581D392F8>