Date: Sat, 31 Dec 2011 01:33:17 -0500 From: Jason Hellenthal <jhell@DataIX.net> To: Marcin Cieslak <saper@saper.info> Cc: freebsd-net@freebsd.org Subject: Re: IPv6 not responding on some aliases (recent 8-stable) Message-ID: <20111231063317.GA90338@DataIX.net> In-Reply-To: <slrnjfsm5c.1nr7.saper@saper.info> References: <slrnjf53o4.2d1.saper@saper.info> <F2005BBF-1808-4E63-B5F3-71361A95008A@lists.zabbadoz.net> <slrnjf6s3g.i0d.saper@saper.info> <C72FCBE6-AC3B-486B-B487-DA1FDA1F4474@lists.zabbadoz.net> <slrnjf75bk.i0d.saper@saper.info> <AEB320C2-0345-436E-91B3-CBA760FEF37A@lists.zabbadoz.net> <20111230145854.GA22414@DataIX.net> <slrnjfsm5c.1nr7.saper@saper.info>
next in thread | previous in thread | raw e-mail | index | archive | help
--u3/rZRmxL6MmkK24 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 31, 2011 at 12:35:00AM +0000, Marcin Cieslak wrote: > > I have seen this behavior before when one of the addresses on an interf= ace =3D > > is in a DMZ while the others are not. But this was with IPv4. I would a= ssum=3D > > e IPv6 would have acted the same way but left it untested as it was not= cri=3D > > tical. Take this as informational only and double check your switches, = fire=3D > > walls, etc... >=20 > Unfortunately, this is a hosting provider. I have rebooted the box > to use their custom rescue netboot image (based on FreeBSD 8.0 running > on QEMU) and ... still one of the addresses didn't work in this setup. > However, two reboots later situation returned to normal, and all > IPv6 addresses respond. NDP table theory sounds plausible to me, > except... connection establishment to the IPv6 address port 22/tcp > takes sometimes noticeably too long (other TCP ports are usually fine). >=20 > But this is probably another story... >=20 Speaking just in the terms of too long of a connection wait on port 22. Fir= ewall off port 113 in and out. block drop in log quick proto tcp to any port =3D auth block out quick proto tcp to any port =3D auth That should help in terms of the speed at which you connect. Good luck with= the OP though. Happy Holiday... --=20 ;s =3D; --u3/rZRmxL6MmkK24 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJO/qysAAoJEJBXh4mJ2FR+sjUIAIdg9LrPIMC7UcF6xeWu4nwW 4DLOk7o0/Hh7WtGC9ay/6c2CqGHygLFwnvC21FiLGbNJBAenFwZXjWTFOAau35FZ JH5hFh94PSqhhnRXQ7kEVes0AzH1uY9kE5tQp6GR0oj+MEjPygVxtbyQjtYE4ZYF psqdM/Yze91+sc+L/gJP1FDMjYv4OWHKT38rRIFg4abrH/6DcuM8iSl5x2NdtK3s XhkBAuKtU9yUTO06h7JBFxeDz3GUlXQNeBeM/uclCwJVDYWT5goO8+NzQirzPAbh f0xiBvkVfG+VVNhy0y54/8g/Wi+qPLxCLOGJMJe/KqTINZU0CrYQ7F7/Cuku12A= =TJby -----END PGP SIGNATURE----- --u3/rZRmxL6MmkK24--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20111231063317.GA90338>