From owner-freebsd-pf@FreeBSD.ORG Thu Aug 31 19:05:52 2006 Return-Path: X-Original-To: pf@freebsd.org Delivered-To: freebsd-pf@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFFF816A4DA for ; Thu, 31 Aug 2006 19:05:52 +0000 (UTC) (envelope-from johan@stromnet.org) Received: from pne-smtpout2-sn2.hy.skanova.net (pne-smtpout2-sn2.hy.skanova.net [81.228.8.164]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1FF2D43D46 for ; Thu, 31 Aug 2006 19:05:51 +0000 (GMT) (envelope-from johan@stromnet.org) Received: from elfi.stromnet.org (213.67.205.103) by pne-smtpout2-sn2.hy.skanova.net (7.2.075) id 44F2F2F70011D889 for pf@freebsd.org; Thu, 31 Aug 2006 21:05:51 +0200 Received: from localhost (localhost [127.0.0.1]) by elfi.stromnet.org (Postfix) with ESMTP id C50FF61D85 for ; Thu, 31 Aug 2006 21:05:49 +0200 (CEST) X-Virus-Scanned: amavisd-new at stromnet.org Received: from elfi.stromnet.org ([127.0.0.1]) by localhost (elfi.stromnet.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3z76T2J9EcFO for ; Thu, 31 Aug 2006 21:05:48 +0200 (CEST) Received: from [IPv6:2001:16d8:ff20:2:217:f2ff:fe41:3f1b] (jstrom-mb.wlan.v6.stromnet.org [IPv6:2001:16d8:ff20:2:217:f2ff:fe41:3f1b]) by elfi.stromnet.org (Postfix) with ESMTP id 2C3DB61D84 for ; Thu, 31 Aug 2006 21:05:48 +0200 (CEST) Mime-Version: 1.0 (Apple Message framework v752.2) Content-Transfer-Encoding: quoted-printable Message-Id: Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed To: pf@freebsd.org From: =?ISO-8859-1?Q?Johan_Str=F6m?= Date: Thu, 31 Aug 2006 21:05:10 +0200 X-Mailer: Apple Mail (2.752.2) Cc: Subject: carp + IPv6 not working at all X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2006 19:05:52 -0000 Hi I'm trying to get carp working with IPv6. For regular IPv4 it works =20 like a charm, but I cannot get it working with inet6. For the moment =20 I've only tested inet6 with a single box: fxp0: flags=3D8943 mtu =20= 1500 options=3D8 inet6 fe80::202:55ff:feb1:ff5a%fxp0 prefixlen 64 scopeid 0x1 inet 172.28.1.250 netmask 0xffffff00 broadcast 172.28.1.255 inet6 2001:16d8:ff20:1:202:55ff:feb1:ff5a prefixlen 64 autoconf inet6 2001:16d8:ff20:1::98 prefixlen 64 ether 00:02:55:b1:ff:5a media: Ethernet autoselect (100baseTX ) status: active carp1: flags=3D49 mtu 1500 inet6 2001:16d8:ff20:1::99 prefixlen 64 carp: MASTER vhid 2 advbase 1 advskew 100 Pinging 2001:16d8:ff20:1::98 (fxp0 addr) from other box works fine. =20 However, when i try to ping 2001:16d8:ff20:1::99 (carp1), it does not =20= realy work: carpbox# tcpdump -i fxp0 -nveev ip6 tcpdump: listening on fxp0, link-type EN10MB (Ethernet), capture size =20= 96 bytes 19:36:58.150282 00:a0:cc:77:35:ff > 33:33:ff:00:00:99, ethertype IPv6 =20= (0x86dd), length 86: (hlim 255, next-header: ICMPv6 (58), length: 32) =20= 2001:16d8:ff20:1::1 > ff02::1:ff00:99: [icmp6 sum ok] ICMP6, neighbor =20= solicitation, length 32, who has 2001:16d8:ff20:1::99 source link-address option (1), length 8 (1): 00:a0:cc:=20 77:35:ff 0x0000: 00a0 cc77 35ff 19:36:58.150393 00:00:5e:00:01:02 > 00:a0:cc:77:35:ff, ethertype IPv6 =20= (0x86dd), length 86: (hlim 255, next-header: ICMPv6 (58), length: 32) =20= 2001:16d8:ff20:1::98 > 2001:16d8:ff20:1::1: [icmp6 sum ok] ICMP6, =20 neighbor advertisment, length 32, tgt is 2001:16d8:ff20:1::99, Flags =20 [solicited, override] destination link-address option (2), length 8 (1): =20 00:00:5e:00:01:02 0x0000: 0000 5e00 0102 19:36:58.150642 00:a0:cc:77:35:ff > 00:00:5e:00:01:02, ethertype IPv6 =20= (0x86dd), length 70: (hlim 64, next-header: ICMPv6 (58), length: 16) =20 2001:16d8:ff20:1::1 > 2001:16d8:ff20:1::99: [icmp6 sum ok] ICMP6, =20 echo request, length 16, seq 0 19:36:59.150566 00:a0:cc:77:35:ff > 00:00:5e:00:01:02, ethertype IPv6 =20= (0x86dd), length 70: (hlim 64, next-header: ICMPv6 (58), length: 16) =20 2001:16d8:ff20:1::1 > 2001:16d8:ff20:1::99: [icmp6 sum ok] ICMP6, =20 echo request, length 16, seq 1 19:37:00.150360 00:a0:cc:77:35:ff > 00:00:5e:00:01:02, ethertype IPv6 =20= (0x86dd), length 70: (hlim 64, next-header: ICMPv6 (58), length: 16) =20 2001:16d8:ff20:1::1 > 2001:16d8:ff20:1::99: [icmp6 sum ok] ICMP6, =20 echo request, length 16, seq 2 ^C The other box sends neighbor solicitation "who has", and the carp box =20= successfully responds with a "tgt is" with correct MAC/IP etc (btw, =20 what is the carp MAC based on?). After the other box has recieved the adv, it starts to send icmp6 =20 packets.. But for some reason the carpbox does not seem to react to =20 these at all? PF is disabled and I dont use ipfw. FreeBSD carpbox.stromnet.org 6.1-RELEASE-p5 FreeBSD 6.1-RELEASE-p5 =20 #2: Wed Aug 30 10:22:54 CEST 2006 johan@ carpbox.stromnet.org:/=20 usr/obj/usr/src/sys/DEVBOX i386 (GENERIC + carp+pfsync kernel) Have I missed something? The same setup works fine with IPv4. Maybe =20 this is related to kern/98622, but I dont see these symptoms =20 described there... Also, I see no ip6 multicast trafik from the box =20 (advertisements), but ip4 is fully visible. Thanks for any help, carp (at leat for ipv4 :P) rocks! :) Johan Str=F6m johan@stromnet.org