Date: Mon, 19 Dec 2016 16:00:48 +0900 (JST) From: Hiroki Sato <hrs@FreeBSD.org> To: anderson.ferreira@gmx.com, freebsd-net@freebsd.org Cc: ae@FreeBSD.org, melifaro@freebsd.org, bz@FreeBSD.org, markj@freebsd.org Subject: Re: Trouble with ipv6 routing through interface,Re: Trouble with ipv6 routing through interface Message-ID: <20161219.160048.1136181454257627813.hrs@allbsd.org> In-Reply-To: <c5400b5d-a391-c688-f569-d2f129925a89@FreeBSD.org> References: <780FE1FC-EA67-4593-BC0A-259F4B8E7FB5@gmx.com> <780FE1FC-EA67-4593-BC0A-259F4B8E7FB5@gmx.com> <c5400b5d-a391-c688-f569-d2f129925a89@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
----Security_Multipart(Mon_Dec_19_16_00_48_2016_153)-- Content-Type: Text/Plain; charset=iso-2022-jp Content-Transfer-Encoding: 7bit "Andrey V. Elsukov" <ae@FreeBSD.org> wrote in <c5400b5d-a391-c688-f569-d2f129925a89@FreeBSD.org>,<c5400b5d-a391-c688-f569-d2f129925a89@FreeBSD.org>: ae> On 16.12.2016 03:24, Anderson Soares Ferreira wrote: ae> > I have a freebsd 11 box running as my network gateway and I’m having ae> > some trouble trying to route ipv6 packets through an interface with ae> > only linklocal address. In short, what I’m doing is: ae> > ae> > My freebsd gateway has one global scope address on lo0 interface, ae> > each other interface has only a link local address fe80::1. Static ae> > routes for the global scope subnets have been created, Each route was ae> > created using the command: ae> > ae> > # route -6 add -net <net address>/64 -interface <dev> ae> > ae> > The clients on each subnet have a global scope address and fe80::1 as ae> > default gateway. ae> > ae> > What is happening with this approach is that my gateway can’t reach ae> > the clients on the subnets. Ping tests from the gateway to the client ae> > return the error "ping6: sendmsg: No buffer space available”. On the ae> ae> Hi, ae> ae> this ENOBUFS error is returned from ND6 code. Due to the lack of ae> prefixes, layer2 doesn't consider that destination address is a ae> neighbor. ae> ae> > other hand, when I try to do a ping from client to gateway, the ae> > packets from the client are received by the gateway but no response ae> > is sent. In my tests using a linux gateway with the same approach, ae> > everything worked fine . ae> ae> I'm not sure how this should be fixed. A FreeBSD router box must have an IPv6 address on each interface if you want to reach the router from a client (and vice versa). Currently FreeBSD does not properly support an IPv6 GUA on an interface and a route of the GUA's prefix on another interface without an GUA at the same time, which is often seen on a dedicated router box like Cisco. This is partly because FreeBSD's NDP and routing table assume that an on-link prefix is interface-local, not node-local across multiple interfaces. A practical workaround is using an LLA (i.e. fe80::1 or something) for communication between the router and the clients. -- Hiroki ----Security_Multipart(Mon_Dec_19_16_00_48_2016_153)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEABECAAYFAlhXhaAACgkQTyzT2CeTzy2a2ACeKET3R9U9erE9sRmqN+ZYoGOq nioAn3z/Y58w7E/0en9lc4w726bNmUQL =hzfy -----END PGP SIGNATURE----- ----Security_Multipart(Mon_Dec_19_16_00_48_2016_153)----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20161219.160048.1136181454257627813.hrs>