Date: Tue, 19 Feb 2019 17:37:31 +0100 From: "Peter G." <freebsd@disroot.org> To: andrnils@gmail.com, freebsd-net@freebsd.org Subject: Re: Point-to-point using GRE over IPv6 -> not possible with a single /128 address on the server? Message-ID: <fd3d1f9a-1915-4dee-6681-f9701a178414@disroot.org> In-Reply-To: <CAPS9%2BSso1CDQZD9n7Q%2B-Z-rqozUkhJqo_GvEmvowY8WjMnpcng@mail.gmail.com> References: <95d8e3ea-af36-4d14-f280-908f92a96515@disroot.org> <9ab1a9b1-e1e3-9f48-2c3e-35454bcd6e77@disroot.org> <CAPS9%2BSso1CDQZD9n7Q%2B-Z-rqozUkhJqo_GvEmvowY8WjMnpcng@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19/02/2019 14:06, Andreas Nilsson wrote: > On Tue, Feb 19, 2019 at 1:38 PM Peter G. <freebsd@disroot.org> wrote: > >> On 15/02/2019 17:49, Peter G. wrote: >>> Now the GRE tunnel >>> >>>> ifconfig gre6 create >>>> ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 tunnelfib 6 >>> #ifconfig: ioctl (SIOCAIFADDR): File exists > I have not used gre with ipv6, so I cannot really be of any help. However > for ipv4 you specify a netmask while setting up the interface, whereas you > do not while setting up the ipv6. I also notice that you list fc02:e::200 > for "other end" but in the commands you have fc:02:e::200 which I guess is > just typo. Does > > ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 prefixlen 128 tunnelfib 6 > > work? Or the whole thing > > ifconfig gre6 inet6 fc01:e::100 fc02:e::200 tunnel fc01:e::100 fc02:e::200 > prefixlen 128 tunnelfib 6 Thanks for answering. The "full" syntax including tunnel definition also generates the same error, and ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 prefixlen 128 tunnelfib 6 seems to be equivalent to ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 tunnelfib 6 that is, specifying no prefixlen implies "prefixlen 128". Also tried that. There's seems to be a quirk how IPv6 is handled. If a particular IPv6 address is already set on the physical interface, using that particular address for a GRE definition (i.e. "fc01:e::100" in this case, so single /128), always generates: ioctl (SIOCAIFADDR): File exists This is what confuses me. Using IPv4 this way is not an issue. A /32 address can be set on an interface and the same address can be used for a GRE link. That's what tunnelfib/FIB is for, to separate routing for GRE. And this is what *does not work with IPv6* and I don't understand why. Seems to me the server needs to have a whole IPv6 range, and then an address from that range can be allocated to create/maintain GRE links, so this can't work with a /128 address available only. The problem is that this particular server I need this on, only has a single /128 address allocated to it. _The bottom line:_ I don't understand why an already allocated /128 address can't be used for a GRE link with its own separate FIB. This is not logical. PG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fd3d1f9a-1915-4dee-6681-f9701a178414>