From owner-freebsd-net@FreeBSD.ORG Mon Feb 9 17:00:31 2015 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0F1D677 for ; Mon, 9 Feb 2015 17:00:31 +0000 (UTC) Received: from smtp2.mail.clearhost.co.uk (smtp2.mail.clearhost.co.uk [IPv6:2001:1420::25:102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.mail.clearhost.co.uk", Issuer "RapidSSL CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 7AB3ECF9 for ; Mon, 9 Feb 2015 17:00:31 +0000 (UTC) Received: from [2001:1420:a:105:c62c:3ff:fe2f:bf] (port=52738 helo=parsnip.heronsbrook.org.uk) by smtp2.mail.clearhost.co.uk with esmtpa (Exim 4.76 (FreeBSD)) (envelope-from ) id 1YKrhE-000Cwj-1Q for freebsd-net@freebsd.org; Mon, 09 Feb 2015 17:00:28 +0000 Message-ID: <54D8E7AC.3080006@prt.org> Date: Mon, 09 Feb 2015 17:00:28 +0000 From: Paul Thornton User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: ifconfig greX create disables IPv6 forwarding References: <87h9uvjb7p.fsf@corbe.net> In-Reply-To: <87h9uvjb7p.fsf@corbe.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2015 17:00:31 -0000 On 09/02/2015 16:34, Daniel Corbe wrote: > > For some reason, every time I create a GRE interface on a FreeBSD IPv6 > gateway, net.inet6.ip6.forwarding is disabled. As long as I manually > re-enable it with sysctl, both the GRE tunnel and the IPv6 network > behind this machine will continue to work; however, it's certainly far > from ideal. I stumbled acro I discovered this in January. See this thread: http://lists.freebsd.org/pipermail/freebsd-net/2015-January/040797.html Are you enabling forwarding using ipv6_gateway_enable in rc.conf, or are you just setting net.inet6.ip6.forwarding to 1 in sysctl.conf? devd gets involved running /etc/rc.d/netif start and that seems to check (and set) the forwarding sysctls based on the rc.conf entries - so if you've set them "manually" they get reset when a new interface is brought up. Adding ipv6_gateway_enable="YES" in /etc/rc.conf should fix this. Paul.