From owner-freebsd-ipfw@FreeBSD.ORG Wed Nov 3 16:53:43 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 71E0A16A4CE for ; Wed, 3 Nov 2004 16:53:43 +0000 (GMT) Received: from iscan1.intra.oki.co.jp (okigate.oki.co.jp [202.226.91.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 60CC943D48 for ; Wed, 3 Nov 2004 16:53:42 +0000 (GMT) (envelope-from yamamoto436@oki.com) Received: from aoi.bmc.oki.co.jp (localhost.localdomain [127.0.0.1]) by iscan1.intra.oki.co.jp (8.9.3/8.9.3) with SMTP id BAA31258 for ; Thu, 4 Nov 2004 01:53:41 +0900 Received: (qmail 29282 invoked from network); 4 Nov 2004 01:53:41 +0900 Received: from tulip.bmc.oki.co.jp (172.19.234.100) by aoi.bmc.oki.co.jp with SMTP; 4 Nov 2004 01:53:41 +0900 Received: from localhost (tulip [172.19.234.100]) by tulip.bmc.oki.co.jp (8.13.1/8.12.11) with ESMTP id iA3GrfxL089349; Thu, 4 Nov 2004 01:53:41 +0900 (JST) (envelope-from yamamoto436@oki.com) Date: Thu, 04 Nov 2004 01:53:41 +0900 (JST) Message-Id: <20041104.015341.71171019.yamamoto436@oki.com> To: freebsd-stable@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG From: Hideki Yamamoto X-Mailer: Mew version 3.3 on Emacs 21.2 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: IPv6 bridge + gif tunnel X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Nov 2004 16:53:43 -0000 Hi, I am considering a network application test environments with FreeBSD boxes as following. In the following, we show three step architectures. This is an example for IPv6 VPN using IPv4 network. I would like to use the IPv6 address assigned by IPv6 router on the remote the IPv6 terminal. And the packets from/to IPv6 MC router, which supports MLDv1 or v2 specification, are also transfered to/from the IPv6 terminal. At the first step, I think it seems to be possible by using ipf bridge function. I wonder if it is possible to implement the second step or later. Are there any information about this issue? Any information are welcomed. Thanks in advance. <> Simple IPv6 bridge +------box#1-------------+ [IPv6 MC router ]-+---------+-(fxp0) IPv6 bridge | | | | | +--+-(bge0) IPv6 bridge | | +------------------------+ | | term#1 +-----[IPv6 terminal(NDP client)] <> IPv6 bridge cascaded by gif tunnel +------box#2------------------+ [IPv6 MC router ]-+---------+-(fxp0) IPv6 bridge | | | | | +--+-(bge0) IPv6 bridge and IPv4 | | | (gif0) IPv6 over IPv4 | | +-----------------------------+ | | | +-------box#3-----------------+ +--+-(bge1) IPv6 bridge and IPv4 | | (gif1) IPv6 over IPv4 | | | | | | | +--+-(fxp0) IPv6 bridge | | +-----------------------------+ | | term#2 +-----[IPv6 terminal(NDP client)] <> IPv6 bridge cascaded by gif tunnel with tun device +------box#4------------------+ [IPv6 MC router ]-+---------+-(fxp0) IPv6 bridge | | | | | +--+-(tun0) IPv6 bridge and IPv4 | | | (gif0) IPv6 over IPv4 | | +-----------------------------+ | [PPPoE server] [IPv4 router ] | | +-------box#5-----------------+ +--+-(bge1) IPv6 bridge and IPv4 | | (gif1) IPv6 over IPv4 | | | | | | | +--+-(fxp0) IPv6 bridge | | +-----------------------------+ | | term#3 +-----[IPv6 terminal(NDP client)] P.S. To save network cards and to show the network in detail, I thik that the ideal architecture is as follows: +--------box#6----------------+ [IPv6 router(RA)]-+---------+-(fxp0) IPv6 bridge | [PPPoE server]-+ | (tun0) IPv6 bridge and IPv4 | | | (gif0) IPv6 over IPv4 | | | | | +-----------------------------+ | [IPv4 router ] | | | +--------box#7----------------+ [IPv6 router(RA)]-+---------+-(bge1) IPv6 bridge | [PPPoE server]-+ | (tun1) IPv6 bridge and IPv4 | | (gif1) IPv6 over IPv4 | | | | | +--+-(fxp0) IPv6 bridge | | +-----------------------------+ | | term#4 +-----[IPv6 terminal(NDP client)] ----------------------------------------------------------------- Hideki YAMAMOTO | Broadband Media Solutions Department | E-mail: yamamoto436@oki.com Broadband Media Company | Tel: +81-48-420-7012 Oki Electric Industry Co., Ltd. | FAX: +81-48-420-7016