Date: Sat, 19 Apr 2025 23:36:41 +0000 (UTC) From: Paige Thompson <paige@paige.bio> To: freebsd-net@freebsd.org Cc: zlei@FreeBSD.org, freebsd@oldach.net Subject: FIBs with IPv6 Message-ID: <83cc7ce5-70b6-4578-8e1a-f5ee04f2c7b9@me.com>
next in thread | raw e-mail | index | archive | help
--Apple-Webmail-42--690faeae-763d-4d50-954d-ddd8fd12e2ed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8;
format=flowed
Hey yall, I came across a thread today on the forum regarding an issue wit=
h trying to get IPv6 to work on something like a epair interface, I'm havi=
ng the same issue myself when one end of the epair is assigned to a FIB th=
at differs from the other. I replied to this thread, but it's pending mod.=
In any case I glossed over the tests of this in /usr/src/tests/sys/netine=
t6/ndp.sh and proxy_ndp.sh but nothing about them would lead me to believe=
that they're also testing with a FIB, nothing in the man page would lead =
me to believe that FIBs have ever been considered with regards to NDP eith=
er. IPv4 works fine, I can assign a /31 to both ends of the epair with one=
interface using a different FIB from the other and both are able to reach=
each other end to end, and also looking at a packet dump seemed to confir=
m that with IPv4 ARP is working correctly. I thought I was going crazy for=
a minute because I remember this exact configuration (or something nearly=
identical at least) worked for me on OpenBSD. Linux is another story but =
as I recall if you don't factor in the problems that netfilter adds (like =
trying to use ct_zones as an after thought for coalescing the identity of =
a VRF from fwmark) I recall this at least worked as one would expect. I do=
n't really see anything in the git log about FIB for NDP, thing is I can p=
robably create a static NDP entry and make this work, will have to try lat=
er but I'm just wondering if maybe this just got overlooked. setfib would =
seem to be older than NDP but I don't know... looking at ndp.c I'm very un=
familiar with it but it does look like it's querying routing tables at cer=
tain points. I'll try turning on debugverbose later and see if anything co=
mes up but I just wanted to mention this just in case this stands out to a=
nybody. Thanks -Paige
--Apple-Webmail-42--690faeae-763d-4d50-954d-ddd8fd12e2ed
Content-Type: multipart/related;
type="text/html";
boundary=Apple-Webmail-86--690faeae-763d-4d50-954d-ddd8fd12e2ed
--Apple-Webmail-86--690faeae-763d-4d50-954d-ddd8fd12e2ed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=utf-8;
<html><body><div><div>Hey yall, <br></div><div><br></div><div>I came across a thread t=
oday on the forum =0Aregarding an issue with trying to get IPv6 to work on=
something like a =0Aepair interface, I'm having the same issue myself whe=
n one end of the =0Aepair is assigned to a FIB that differs from the other=
. I replied to =0Athis thread, but it's pending mod. <br></div><div><br></=
div><div>In any case I glossed over =0Athe tests of this in /usr/src/tests=
/sys/netinet6/ndp.sh and proxy_ndp.sh=0A but nothing about them would lead=
me to believe that they're also =0Atesting with a FIB, nothing in the man=
page would lead me to believe =0Athat FIBs have ever been considered with=
regards to NDP either. <br></div><div><br></div><div>IPv4=0A works fine, =
I can assign a /31 to both ends of the epair with one =0Ainterface using a=
different FIB from the other and both are able to =0Areach each other end=
to end, and also looking at a packet dump seemed to=0A confirm that with =
IPv4 ARP is working correctly. <br></div><div><br></div><div>I thought I =0A=
was going crazy for a minute because I remember this exact configuration=0A=
(or something nearly identical at least) worked for me on OpenBSD. =0ALin=
ux is another story but as I recall if you don't factor in the =0Aproblems=
that netfilter adds (like trying to use ct_zones as an after =0Athought f=
or coalescing the identity of a VRF from fwmark) I recall this =0Aat least=
worked as one would expect. <br></div><div><br></div><div>I don't really =
see anything=0A in the git log about FIB for NDP, thing is I can probably =
create a =0Astatic NDP entry and make this work, will have to try later bu=
t I'm just=0A wondering if maybe this just got overlooked. setfib would se=
em to be =0Aolder than NDP but I don't know... looking at ndp.c I'm very u=
nfamiliar =0Awith it but it does look like it's querying routing tables at=
certain =0Apoints. I'll try turning on debugverbose later and see if anyt=
hing comes=0A up but I just wanted to mention this just in case this stand=
s out to =0Aanybody.<br></div></div><div><div><br></div><div><br></div><di=
v>Thanks<br></div></div><div>-Paige<br></div></body></html>
--Apple-Webmail-86--690faeae-763d-4d50-954d-ddd8fd12e2ed--
--Apple-Webmail-42--690faeae-763d-4d50-954d-ddd8fd12e2ed--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?83cc7ce5-70b6-4578-8e1a-f5ee04f2c7b9>