From owner-freebsd-stable@FreeBSD.ORG Tue Aug 28 22:18:41 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E35BE106566B for ; Tue, 28 Aug 2012 22:18:40 +0000 (UTC) (envelope-from hirez@libeljournal.com) Received: from outbound-queue-2.mail.thdo.gradwell.net (outbound-queue-2.mail.thdo.gradwell.net [212.11.70.35]) by mx1.freebsd.org (Postfix) with ESMTP id 767298FC23 for ; Tue, 28 Aug 2012 22:18:40 +0000 (UTC) Received: from outbound-edge-2.mail.thdo.gradwell.net (bonnie.gradwell.net [212.11.70.2]) by outbound-queue-2.mail.thdo.gradwell.net (Postfix) with ESMTP id 38B942265B for ; Tue, 28 Aug 2012 23:18:34 +0100 (BST) Received: from cpc2-chap5-0-0-cust256.aztw.cable.virginmedia.com (HELO propellor.libeljournal.com) (77.103.165.1) (smtp-auth username hirez, mechanism cram-md5) by outbound-edge-2.mail.thdo.gradwell.net (qpsmtpd/0.83) with (AES256-SHA encrypted) ESMTPSA; Wed, 29 Aug 2012 00:06:08 +0100 Received: from propellor.libeljournal.com (localhost [127.0.0.1]) by propellor.libeljournal.com (Postfix) with ESMTP id C346217083 for ; Tue, 28 Aug 2012 23:18:32 +0100 (BST) X-Virus-Scanned: amavisd-new at libeljournal.com Received: from propellor.libeljournal.com ([127.0.0.1]) by propellor.libeljournal.com (propellor.libeljournal.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vh-h8efGlHv2 for ; Tue, 28 Aug 2012 23:18:23 +0100 (BST) Received: from [172.16.0.10] (twister.libeljournal.com [172.16.0.10]) by propellor.libeljournal.com (Postfix) with ESMTPA id 051BA17082 for ; Tue, 28 Aug 2012 23:18:22 +0100 (BST) Message-ID: <503D43A7.4030900@libeljournal.com> Date: Tue, 28 Aug 2012 23:18:15 +0100 From: John Hawkes-Reed User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:14.0) Gecko/20120713 Thunderbird/14.0 MIME-Version: 1.0 To: freebsd-stable@freebsd.org References: <503BA51E.4030103@libeljournal.com> <503BB721.9000108@borderworlds.dk> <503BC497.3060206@libeljournal.com> <503BCA0A.1020904@borderworlds.dk> <503BCB0A.6000702@FreeBSD.org> <20120828012322.8EBFE24416C4@drugs.dv.isc.org> In-Reply-To: <20120828012322.8EBFE24416C4@drugs.dv.isc.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Gradwell-MongoId: 503d4ee0.64a7-e72-2 X-Gradwell-Auth-Method: smtpauth X-Gradwell-Auth-Credentials: hirez Subject: Re: [Solved, I think] IPv6 default route. Can't see the wood for the trees. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Aug 2012 22:18:41 -0000 On 28/08/2012 02:23, Mark Andrews wrote: > In message <503BCB0A.6000702@FreeBSD.org>, Doug Barton writes: >> On 8/27/2012 12:27 PM, Christian Laursen wrote: >>> On 08/27/12 21:03, John Hawkes-Reed wrote: >>>> On 27/08/2012 19:06, Christian Laursen wrote: >>>>> On 08/27/12 18:49, John Hawkes-Reed wrote: >>>>>> rc.conf: >>>>>> >>>>>> (I'm not convinced that obfuscating the addresses is worth the >>>>>> confusion) >>>>>> >>>>>> ipv6_gateway_enable="YES" >>>>>> ip6addrctl_verbose="YES" >>>>>> rtadvd_enable="YES" >>>>>> rtadvd_interfaces="rl0" >>>>>> ipv6_cpe_wanif="pcn0" >>>>>> ipv6_defaultrouter="2001:470:1f0a:b5a::1" >>>>>> gif_interfaces="gif0" >>>>>> gifconfig_gif0="192.168.1.100 216.66.80.30" >>>>>> ifconfig_gif0_ipv6="inet6 2001:470:1f0a:b5a::2 2001:470:1f0a:b5a::1 >>>>>> prefixlen 128" >>>>>> ifconfig_pcn0_ipv6="inet6 2001:470:1f0b:b5a::4 prefixlen 64" >>>>>> ifconfig_rl0_ipv6="inet6 2001:470:1f0b:b5a::3 prefixlen 64 >>>>>> -accept_rtadv" >>>>> >>>>> It looks like you are trying to use the /64 used for your tunnel on the >>>>> inside network. That's probably what causes the problem. >>>>> >>>>> You should use the "Routed /64" on the inside. If you need more than one >>>>> /64, you can request a /48. >>>> >>>> I think I am. The endpoints are ...:1f0A: and the /64 is ...:1f0B: >>> >>> Sorry, my bad. >>> >>> Are pcn0 and rl0 both connected to internal networks? >>> >>> Having the same /64 configured on both is probably bad. >> >> Why would it be? > > Unless you bridge the two interface, yes. Which interface do you start ND on? > > For the OP, here is my ipv6 configuration. > tx0 is the internal net and is running with ULA as well as the /64 from HE. > sis0 is the external cable connection. > gif0 is the tunneled connection back to HE. > sft0 sends 6to4 reply traffic directly it is out bound only. > > % ifconfig -a inet6 > tx0: flags=28943 mtu 1500 > inet6 fe80::2e0:29ff:fe19:c02d%tx0 prefixlen 64 scopeid 0x1 > inet6 2001:470:1f00:820:2e0:29ff:fe19:c02d prefixlen 64 > inet6 2001:470:1f00:820:: prefixlen 64 anycast > inet6 fd92:7065:b8e:0:2e0:29ff:fe19:c02d prefixlen 64 > inet6 fd92:7065:b8e:: prefixlen 64 anycast > sis0: flags=8843 mtu 1500 > inet6 fe80::209:5bff:fe1e:e13e%sis0 prefixlen 64 scopeid 0x2 > lo0: flags=8049 mtu 16384 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 > gif0: flags=8051 mtu 1280 > tunnel inet 211.30.172.21 --> 64.71.128.82 > inet6 fe80::2e0:29ff:fe19:c02d%gif0 prefixlen 64 scopeid 0x8 > inet6 2001:470:1f00:ffff::5a1 --> 2001:470:1f00:ffff::5a0 prefixlen 128 > stf0: flags=1001 mtu 1280 > inet6 2002:d31e:ac15:: prefixlen 16 anycast Not hand-configuring the external i/f seems to be the fix. In that I have spent a cheerful few hours chopping stuff from rc.conf and rebooting, and that appeared to toggle the failure. Thank you all for your patience. -- JH-R