From owner-freebsd-hackers@FreeBSD.ORG Mon Jan 21 13:19:14 2013 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id C7D63666 for ; Mon, 21 Jan 2013 13:19:14 +0000 (UTC) (envelope-from feld@feld.me) Received: from feld.me (unknown [IPv6:2607:f4e0:100:300::2]) by mx1.freebsd.org (Postfix) with ESMTP id 9560EFF0 for ; Mon, 21 Jan 2013 13:19:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=feld.me; s=blargle; h=Message-Id:From:Mime-Version:Subject:To:Date:Content-Type; bh=N+X1xoaybnyGoduT2ETARgqbCxsNt3+xFdrMmgkYcts=; b=KS0pWEUab0Udy7k1EkVJ7O0gpSzzcI54IMK08hHblGRFzATQBWcaAkdf6xcaNDkXtgrfd74Ql1IenKdSMfDYvA+IQb9kYl1yPzrKB7cL2XJlzdLZh/I+PfvNZphBC3Z4; Received: from localhost ([127.0.0.1] helo=mwi1.coffeenet.org) by feld.me with esmtp (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1TxHHN-0007MS-EB for freebsd-hackers@freebsd.org; Mon, 21 Jan 2013 07:19:13 -0600 Received: from feld@feld.me by mwi1.coffeenet.org (Archiveopteryx 3.1.4) with esmtpsa id 1358774347-17998-17996/5/1; Mon, 21 Jan 2013 13:19:07 +0000 Content-Type: text/plain; format=flowed; delsp=yes Date: Mon, 21 Jan 2013 07:19:07 -0600 To: freebsd-hackers@freebsd.org Subject: ipv6 equivalent to ipv4_addr_IF in network.subr? Mime-Version: 1.0 From: Mark Felder Message-Id: User-Agent: Opera Mail/12.12 (FreeBSD) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2013 13:19:14 -0000 Hi all, At work we have several standalone webservers with lots of IPs... let's say x.x.x.100 - 200. That's a LOT of "ifconfig_IF_alias0, alias1, alias2..." to maintain, and it's also painful when we need to move an IP to a different server which happens occasionally. The right solution for this is to use ranges with ipvr_addr_IF="x.x.x.100-200/24" and if you need to move an IP you just create a gap.For example, if we needed to move the IP .126 we'd just change it to: > ipv4_addr_IF="x.x.x.100-125/24 x.x.x.127-200/32" This works great! But what about IPv6? We use corresponding IPv6 IPs so if a customer actually wants IPv6 enabled it's as easy as adding the AAAA record. So this leaves us with having to maintain 100 aliases again, and when you create a gap you have to renumber all of those alias numbers or leave things like "ifconfig_IF_alias67="inet6 up" strewn throughout the config to fill the gaps. It's just not something worth maintaining long term and I'd like a way to do ranges for IPv6 as well. I've been playing with adding ipv6_addr_IF support to network.subr and it certainly works but the main problem is that I'm only dealing with decimal ranges. This would *not* work with any IPv6 hex ranges unless someone more clever than I can think of a good way to code that up. Mostly a blatant ripoff of ipv4_addrs_common() we come up with this: > # ipv6_addrs_common if action > # Evaluate the ifconfig_if_ipv6 arguments for interface $if and > # use $action to add or remove ipv6 addresses from $if. > ipv6_addrs_common() > { > local _ret _if _action _cidr _cidr_addr > local _ipaddr _prefixlen _range _ipnet _iplow _iphigh _ipcount > _ret=1 > _if=$1 > _action=$2 > # get ipv6-addresses > cidr_addr=`get_if_var $_if ipv6_addrs_IF` > for _cidr in ${cidr_addr}; do > _ipaddr=${_cidr%%/*} > _prefixlen="/"${_cidr##*/} > _range=${_ipaddr##*:} > _ipnet=${_ipaddr%:*} > _iplow=${_range%-*} > _iphigh=${_range#*-} > # clear prefixlen when removing aliases > if [ "${_action}" = "-alias" ]; then > _prefixlen="" > fi > _ipcount=${_iplow} > while [ "${_ipcount}" -le "${_iphigh}" ]; do > eval "ifconfig ${_if} inet6 ${_action} > ${_ipnet}:${_ipcount}${_prefixlen}" > _ipcount=$((${_ipcount}+1)) > _ret=0 > # only the first ipaddr in a subnet need the > real prefixlen > if [ "${_action}" != "-alias" ]; then > _prefixlen="/128" > fi > done > done > return $_ret > } > But again, has no concept of any non-decimal ranges. However, this would still be invaluable to us and perhaps anyone else out there managing large numbers of IPs on a server. So two questions: 1) With its current limitations (decimal ranges only) would this ever be accepted into network.subr? 2) Can anyone assist me with correctly modifying ipv6if() so this works standalone? Without ipv6if() modification it will always return 1 and skip setting up any ipv6 addresses on the interface because it doesn't find any ifconfig_IF_ipv6 or ipv6_ifconfig_IF in rc.conf. Thanks!