Date: Tue, 21 Dec 2021 17:30:15 +0100 From: Goran =?utf-8?B?TWVracSH?= <meka@tilda.center> To: freebsd-net@freebsd.org Subject: IPv6 with VNET jails Message-ID: <20211221163015.l5axsxvpksbv7om5@tilda.center>
next in thread | raw e-mail | index | archive | help
--iaynhav7uvg24uys
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hello,
I started my research on IPv6 (read: I really don't know anything) and
I'm a bit stuck with VNET jails. I did setup HE tunnel as my ISP is not
providing IPv6 and all devices in my house are happy consumers of rtadvd
config. Router is advertized (rtadvd on my router) and solicitation is
working on laptop/desktop it's all perfect. Now I'm trying to setup IPv6 st=
ack=20
for jails. I already have VNET jails through CBSD so that part is done, but
I can't get past the host with ping. On desktop I have the following
configuration.
/etc/rc.conf:
ipv6_gateway_enable=3D"YES"
cloned_interfaces=3D"bridge0"
ifconfig_bridge0_name=3D"cbsd0"
ifconfig_cbsd0=3D"inet 172.16.0.254 netmask 255.255.255.0 description re0"
ifconfig_cbsd0_alias0=3D"inet 172.16.1.254 netmask 255.255.255.0"
ifconfig_cbsd0_ipv6=3D"inet6 -ifdisabled fd7f:ec06:9415:54a0::1 auto_linklo=
cal"
rtadvd_enable=3D"YES"
rtadvd_interfaces=3D"cbsd0"
/etc/rtadvd.conf:
cbsd0:\
:addrs#1\
:addr=3D"fd7f:ec06:9415:54a0::"
Inside jail dhcpcd is getting IPv4 and IPv6 addresses
dhcpcd-9.4.1 starting
DUID 00:01:00:01:29:3e:0f:56:00:a0:98:c7:f7:f4
eth0: waiting for carrier
eth0: carrier acquired
eth0: IAID 98:c7:f7:f4
eth0: adding address fe80::ad6b:eea1:3ccb:d886
eth0: rebinding lease of 172.16.0.110
eth0: probing address 172.16.0.110/24
eth0: soliciting an IPv6 router
eth0: Router Advertisement from fe80::5a9c:fcff:fe10:ff90
eth0: adding address fd7f:ec06:9415:54a0:87d8:f1d6:6e4e:f70e/64
eth0: adding route to fd7f:ec06:9415:54a0::/64
eth0: adding default route via fe80::5a9c:fcff:fe10:ff90
eth0: leased 172.16.0.110 for 459 seconds
eth0: adding route to 172.16.0.0/24
eth0: adding default route via 172.16.0.254
forked to background, child pid 14445
Inside jail ifconfig (eth0 is epair device)
lo0: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3D680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=3D0<> metric 0 mtu 33160
groups: pflog
eth0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=3D8<VLAN_MTU>
ether 00:a0:98:c7:f7:f4
hwaddr 02:45:96:40:d1:0b
inet6 fe80::ad6b:eea1:3ccb:d886%eth0 prefixlen 64 scopeid 0x3
inet6 fd7f:ec06:9415:54a0:87d8:f1d6:6e4e:f70e prefixlen 64 autoconf
inet 172.16.0.110 netmask 0xffffff00 broadcast 172.16.0.255
groups: epair
media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
status: active
nd6 options=3D1<PERFORMNUD>
Inside jail netstat -rn
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 172.16.0.254 UG eth0
127.0.0.1 link#1 UH lo0
172.16.0.0/24 link#3 U eth0
172.16.0.110 link#3 UHS lo0
Internet6:
Destination Gateway Flags N=
etif Expire
::/96 ::1 UGRS =
lo0
default fe80::5a9c:fcff:fe10:ff90%eth0 UG =
eth0
::1 link#1 UHS =
lo0
::ffff:0.0.0.0/96 ::1 UGRS =
lo0
fd7f:ec06:9415:54a0::/64 link#3 U =
eth0
fd7f:ec06:9415:54a0:87d8:f1d6:6e4e:f70e link#3 UHS =
lo0
fe80::/10 ::1 UGRS =
lo0
fe80::%lo0/64 link#1 U =
lo0
fe80::1%lo0 link#1 UHS =
lo0
fe80::%eth0/64 link#3 U =
eth0
fe80::ad6b:eea1:3ccb:d886%eth0 link#3 UHS =
lo0
ff02::/16 ::1 UGRS =
lo0
Inside jail ping -c 1 fd7f:ec06:9415:54a0::1
PING6(56=3D40+8+8 bytes) fd7f:ec06:9415:54a0:87d8:f1d6:6e4e:f70e --> fd7f:e=
c06:9415:54a0::1
16 bytes from fd7f:ec06:9415:54a0::1, icmp_seq=3D0 hlim=3D64 time=3D0.076 ms
--- fd7f:ec06:9415:54a0::1 ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev =3D 0.076/0.076/0.076/0.000 ms
Inside jail ping <host's routable IPv6 address>
PING6(56=3D40+8+8 bytes) fd7f:ec06:9415:54a0:87d8:f1d6:6e4e:f70e --> <host'=
s routable IPv6 address>
16 bytes from <host's routable IPv6 address>, icmp_seq=3D0 hlim=3D64 time=
=3D0.127 ms
--- <host's routable IPv6 address> ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev =3D 0.127/0.127/0.127/0.000 ms
Inside jail ping -6 -c 1 google.com
PING6(56=3D40+8+8 bytes) fd7f:ec06:9415:54a0:87d8:f1d6:6e4e:f70e --> 2a00:1=
450:400d:806::200e
--- google.com ping6 statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss
My assumption is that addresses starting with fd are something like
192.168.0.0/24, for example. How wrong am I and what am I doing wrong?
Regards,
meka
--iaynhav7uvg24uys
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE1WIFkXy2ZeMKjjKEWj1TknovrLYFAmHCARMACgkQWj1Tknov
rLY60g//es/xNwAwOTW/gUxcZbdk3h5Nr1ioqlWnaKvAb2rAomywgH0DxV5QhJhG
9QZHrTFpaFWuk6KHypl2KPGvNptjsGkoIcyZFzYGiXPKu8iaUx6XR3oVB0ttqrgd
px4YLWrah9Kiv7t3gKuzKUIKVBuhP2imc72DZ/t8uUIprwUvXaPFfrsvURq9ryWY
6pC2+PeiZPFd1bgJijusmHstSEp98ZzEsBYvprRwWPU/JoxjUJEfoq7F13zmaIBL
hgN4vGkHlN2zbWWn+e7PRQbOQMRoji6jifO6KrJlqQBfgIebeEBbM0khuV6ghSH5
Ffp323BpgAgNeizmmQ4GbTXS3pr7PaFWEuSgSk2agHczEmFzVYTYnJcoktKx+/sA
LLYgiynokfICFumR/iS4RD+MLXhW1DAw+hCcUsocvoatkQ/Cg0/wB5X3lV+/unFD
rzqe3ISNCsQlxXAmtfueUWHpnDdjUBmKCLitffBvjZ1jzpfgrAqpIkeWqv+NNwgD
dF1Q/22Wrpnf3yGimWRGFK/zKQUY5CkdqKRIS9Qio29adB60fIAwskICexzJPe/W
5fIsgboZxxlj6ly0OvxOEsrrKuuvkMuqGTbe9npGD9Gq+lRlW3CJb/Yyln3w5W2+
gjycbF+Wphlfo2DLSnvihrXd7edyEsjgnwYk+afZER5H1Q9wCIA=
=209u
-----END PGP SIGNATURE-----
--iaynhav7uvg24uys--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20211221163015.l5axsxvpksbv7om5>