From nobody Tue Dec  5 12:11:45 2023
X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Skzsw4CDXz52vgQ
	for <freebsd-net@mlmmj.nyi.freebsd.org>; Tue,  5 Dec 2023 12:11:48 +0000 (UTC)
	(envelope-from kp@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Skzsw3QCzz4X7j;
	Tue,  5 Dec 2023 12:11:48 +0000 (UTC)
	(envelope-from kp@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1701778308;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=7xmmB1x/aVyHlW3fgaqDAsGdBR1Z2+Ci5n6EeYM9By0=;
	b=guvADgGS5VRSw+SmWMphK4bMW7FUiWXmygdqKfzpg2QkW8nztCxD0YqM1/lUIcZCz1HK5X
	wn7/F61gbPaOmUjHCJnLAL1PceuUGt1WV9WmLnFPn6eO+3wJVaCVm8H1ReunRE5J9btFX0
	667NuDQ9zw6f4DlahAh4IZ3NwYdFO720GpmiVHX3O+q1Qb0IRebLJfJhybecDBg7lQXWG9
	cjXT2dtwKGBDEPyWs75PHG5TLiYJBL3Oihrb24V17HsOG41NLKYhScQv1ms/j6d31PSDHu
	OLhuHQqBzpnk96csQQOBg2fmWiyD245tYPxRzluwrjoOp4gOEQwru5Q3cBmkKw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1701778308; a=rsa-sha256; cv=none;
	b=IlZV36KnToixBlM4Yp+xroRqmfGskT4p0dAeq8fKilm4djYlTIc8vwmGUO1Pz39Q+FnQKd
	CQ3XFLs7jn/r3RZoSbXAJvXzJAflfuBgJARUd0pxw7hSahV+3foBC8bPi/UwIGQzUzosOh
	rPvdogjdDWysITM30rZ2SfvFUiuTYJFwDoxmqbTxyakzhZSc8ZD3UcXakT5WtfhS+jQN/p
	iH7Y2bgMX69ab8DMOkclhKiY4EUN4srVtU5Ms17jBIbLvg6dzYOCwi65xwG2Vf44cwvAW5
	iACc0/hmKxy3EgaJwIBs9MklGXGruiJUTQQ+Fm5S3R+nkjfE7FAwoE9kAduWSQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1701778308;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=7xmmB1x/aVyHlW3fgaqDAsGdBR1Z2+Ci5n6EeYM9By0=;
	b=k1KPBCccEjvn94FzekX9tbvmtT7LdTWefIuatfwcd8Z+O/ec4wQ9ZqFJcxYbXZFopsJxuj
	Pn5qBjk2mfftFDVKogClNA/ZN/C0H8zDHqQypFRAL230wchtmIF8+x4M6OvPbnKIBUDo7f
	79dR9z7TixclBVySpWTEDfiM4EQefbZX1mdqKG+tjl3ZZkjYvkubLCYNqmcrE2c+EctkuZ
	sQss19d8v3X+B48jY2YM/JEcRWswfm4GQOGHRLTB53JZAq5bTjnVaCl0+4xWt+bkbHC0q6
	YIJ52UWFPuBY5vzT+qctulhB1bCjulHp4WZfKsk9fjYbfN2nJ8+eYay/odVk9Q==
Received: from venus.codepro.be (venus.codepro.be [5.9.86.228])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "mx1.codepro.be", Issuer "R3" (verified OK))
	(Authenticated sender: kp)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4Skzsw1rnJz8Yj;
	Tue,  5 Dec 2023 12:11:48 +0000 (UTC)
	(envelope-from kp@FreeBSD.org)
Received: by venus.codepro.be (Postfix, authenticated sender kp)
 id 6695211883;
	Tue,  5 Dec 2023 13:11:46 +0100 (CET)
From: Kristof Provost <kp@FreeBSD.org>
To: Benoit Chesneau <benoitc@enki-multimedia.eu>
Cc: freebsd-net@freebsd.org
Subject: Re: vxlan with IPv6 underlay ?
Date: Tue, 05 Dec 2023 13:11:45 +0100
X-Mailer: MailMate (1.14r5937)
Message-ID: <793EA8DF-BD26-414A-A12D-866356D339DB@FreeBSD.org>
In-Reply-To: <bmkPdpqYkXzCqs5CYfBIZO6sXwmR1hU38pCr5cRlBeTxM4VIbzTj_A0YU6yFP2CbVxXHoOLeqHpdBY1reGJS_VvNBesk3J1HBWblpjijl2o=@enki-multimedia.eu>
References: <bmkPdpqYkXzCqs5CYfBIZO6sXwmR1hU38pCr5cRlBeTxM4VIbzTj_A0YU6yFP2CbVxXHoOLeqHpdBY1reGJS_VvNBesk3J1HBWblpjijl2o=@enki-multimedia.eu>
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 4 Dec 2023, at 11:25, Benoit Chesneau wrote:
> Hi,
>
> Is IPv6 underlay fully supported with FreebBSD ? I have created the a t=
unnel and associated an Ipv6 address to each side. I'm able to ping betwe=
en each devicesl. But when I want to curl from the remote side it timeout=
=2E Locally on the remote side it is OK. Is this expected ? Should I rath=
er create a bridge with vxlan as a member and bind nginx to it ?
>
> ```
> $ ifconfig vxlan0 create vxlanid 108 vxlanlocal AAAA:BBBB:110b:102::100=
 vxlanremote AAAA:BBBB:110b:102::12
> $ ifconfig vxlan0
> vxlan0: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP=
> metric 0 mtu 1430
> options=3D80020<JUMBO_MTU,LINKSTATE>
> ether 58:9c:fc:10:ff:eb
> groups: vxlan
> vxlan vni 108 local [AAAA:BBBB:102::100]:4789 remote [AAAA:BBBB:110b:10=
2::12]:4789
> media: Ethernet autoselect (autoselect <full-duplex>)
> status: active nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
> $ ifconfig vxlan0 inet6 AAAA:BBBB:110b:300::1/64
> ````
>
> Ping from remote is ok:
> ```
> ifconfig vxlan0
> vxlan0: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP=
> metric 0 mtu 1430
> options=3D680323<RXCSUM,TXCSUM,JUMBO_MTU,TSO4,TSO6,LINKSTATE,RXCSUM_IPV=
6,TXCSUM_IPV6>
> ether 58:9c:fc:10:df:1f
> inet6 fe80::5a9c:fcff:fe10:df1f%vxlan0 prefixlen 64 scopeid 0xf
> inet6 AAAA:BBBB:110b:300::2 prefixlen 64
> groups: vxlan
> vxlan vni 108 local [AAAA:BBBB110b:102::12]:4789 remote [AAAA:BBBB:110b=
:102::100]:4789
> media: Ethernet autoselect (autoselect <full-duplex>)
> status: active nd6 options=3D21<PERFORMNUD,AUTO_LINKLOCAL>
> $ ping6 AAAA:BBBB:110b:300::1
> PING6(56=3D40+8+8 bytes) AAAA:BBBB:110b:300::2 --> AAAA:BBBB::110b:300:=
:1
> 16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D0 hlim=3D64 time=3D0.07=
1 ms
> 16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D1 hlim=3D64 time=3D0.07=
8 ms
> 16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D2 hlim=3D64 time=3D0.07=
6 ms
> 16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D3 hlim=3D64 time=3D0.10=
4 ms
> 16 bytes from 2a0e:e701:110b:300::1, icmp_seq=3D4 hlim=3D64 time=3D0.07=
7 ms^C
> ```
>
> But when I run `curl -6 -v 'http://[AAAA:BBBB:110b:300::1]'` it timeout=
=2E
>
That smells like an MTU issue. Make sure you=E2=80=99re not blocking ICMP=
v6, and check with larger ping messages.

Best regards,
Kristof