From owner-freebsd-net@freebsd.org  Wed Feb 20 10:04:12 2019
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 05E1D14ED934
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Wed, 20 Feb 2019 10:04:12 +0000 (UTC)
 (envelope-from andrnils@gmail.com)
Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com
 [IPv6:2a00:1450:4864:20::12e])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 01E657052C
 for <freebsd-net@freebsd.org>; Wed, 20 Feb 2019 10:04:11 +0000 (UTC)
 (envelope-from andrnils@gmail.com)
Received: by mail-lf1-x12e.google.com with SMTP id q12so17150624lfm.0
 for <freebsd-net@freebsd.org>; Wed, 20 Feb 2019 02:04:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc; bh=M7HijMh7Jbr4OoqDJW06DFnOq6gl9VFOBjy3GHHGcno=;
 b=LCkUmE1QpZb/FvfhSJ9klLXJXvK4AYVE57TpwFOru2ASyliAM9PouoyAT6q+A23AKe
 CwH7b66mYvepSnooS0Rzbejrd3c1r/ZnQ/OmWOHhxFjuS2CmcTzK2gfs71aKamLyQ9fr
 ui/N1zs6hSbRb59Ed3MyIL8FYJJ/M7YemC5ur/L2Hz5ZbK1lAjgyBoC5/zZzqUqQWjUa
 xc1MHNwoVo58vB5MPLjQ1YujZ6Gm0l2MSKzvykKQnbOWbypohGHpyUaHeYpKteG1yRw2
 x9EmzBXOnEWrmzcsttbMp22WAZEu+VpjdwXkInq60NOLqqSvV3Q/HEHAp+7bA3hsdiOY
 /4sw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=M7HijMh7Jbr4OoqDJW06DFnOq6gl9VFOBjy3GHHGcno=;
 b=EWW0Y51fRrMnIBUeDp+Yx2XFStIKZoQGyr15z5QROW6wMbgpQ+CMsL4TmES9qQtc6+
 zwtA9CJACCbR1RuH2YvYqMXNn3IME7HlPhO8kwCnEdYFdf15UsiQ6gd8b7rTlqxeoG/d
 H9virpAkEpRgjuUq79bhK4Nhm8Tl1lT2yJOOuXUTas7ldGB3u2buZJMXCbNg3y6CjULX
 cPi1dSL2gjUXrZ/IjAFMBODhUoH9zeB2pTBJVg3v0ZBW7zP+qGleERcueE3fAB2V5kC7
 +OoIjtQOEIHZ8+OaAAs6+310kKmFCL6vCPNTtZ1bRRVMatfLZ6XOb12zCKg8UnCRda+U
 Mrcg==
X-Gm-Message-State: AHQUAuaFvA1g+xXxj9/u1QguQhJ7WsQiewaVIPenDQlevhbXcCZj5rRA
 pSJ1WR26UuM/1KRTuzr0dXdxHIlWYHxLxtF5A14=
X-Google-Smtp-Source: AHgI3IYLvBJuRB8Cmr9JYNcvdzDLANQ4Mbu1vavQXiiJsGZVgDvMZVqXf+jtWD4h0kpRMADx56TVafTd8jtUlzgp2tA=
X-Received: by 2002:a19:ae0a:: with SMTP id f10mr19257781lfc.1.1550657049313; 
 Wed, 20 Feb 2019 02:04:09 -0800 (PST)
MIME-Version: 1.0
References: <95d8e3ea-af36-4d14-f280-908f92a96515@disroot.org>
 <9ab1a9b1-e1e3-9f48-2c3e-35454bcd6e77@disroot.org>
 <CAPS9+Sso1CDQZD9n7Q+-Z-rqozUkhJqo_GvEmvowY8WjMnpcng@mail.gmail.com>
 <fd3d1f9a-1915-4dee-6681-f9701a178414@disroot.org>
In-Reply-To: <fd3d1f9a-1915-4dee-6681-f9701a178414@disroot.org>
From: Andreas Nilsson <andrnils@gmail.com>
Date: Wed, 20 Feb 2019 11:03:57 +0100
Message-ID: <CAPS9+SuGf=1mdJrG_okFM_9NKS4fDrexBfqjMYjUaiGMnXRX_w@mail.gmail.com>
Subject: Re: Point-to-point using GRE over IPv6 -> not possible with a single
 /128 address on the server?
To: "Peter G." <freebsd@disroot.org>
Cc: FreeBSD Net <freebsd-net@freebsd.org>
X-Rspamd-Queue-Id: 01E657052C
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=LCkUmE1Q;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of andrnils@gmail.com designates
 2a00:1450:4864:20::12e as permitted sender) smtp.mailfrom=andrnils@gmail.com
X-Spamd-Result: default: False [-4.94 / 15.00];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
 FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_ALL(0.00)[];
 DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com];
 NEURAL_HAM_SHORT(-0.20)[-0.198,0]; FROM_EQ_ENVFROM(0.00)[];
 IP_SCORE(-2.73)[ip: (-9.32), ipnet: 2a00:1450::/32(-2.27), asn: 15169(-1.99),
 country: US(-0.07)]; MIME_TRACE(0.00)[0:+,1:+];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[e.2.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org
 : 127.0.5.0]; RCVD_TLS_LAST(0.00)[]; RCVD_COUNT_TWO(0.00)[2];
 SUBJECT_ENDS_QUESTION(1.00)[]
Content-Type: text/plain; charset="UTF-8"
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2019 10:04:12 -0000

On Tue, Feb 19, 2019 at 5:37 PM Peter G. <freebsd@disroot.org> wrote:

> On 19/02/2019 14:06, Andreas Nilsson wrote:
> > On Tue, Feb 19, 2019 at 1:38 PM Peter G. <freebsd@disroot.org> wrote:
> >
> >> On 15/02/2019 17:49, Peter G. wrote:
> >>> Now the GRE tunnel
> >>>
> >>>> ifconfig gre6 create
> >>>> ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 tunnelfib 6
> >>> #ifconfig: ioctl (SIOCAIFADDR): File exists
>
> > I have not used gre with ipv6, so I cannot really be of any help. However
> > for ipv4 you specify a netmask while setting up the interface, whereas
> you
> > do not while setting up the ipv6. I also notice that you list fc02:e::200
> > for "other end" but in the commands you have fc:02:e::200 which I guess
> is
> > just typo. Does
> >
> > ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 prefixlen 128 tunnelfib 6
> >
> > work? Or the whole thing
> >
> > ifconfig gre6 inet6 fc01:e::100 fc02:e::200 tunnel fc01:e::100
> fc02:e::200
> > prefixlen 128 tunnelfib 6
>
> Thanks for answering. The "full" syntax including tunnel definition also
> generates the same error, and
>
> ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 prefixlen 128 tunnelfib 6
>
> seems to be equivalent to
>
> ifconfig gre6 inet6 fc01:e::100 fc:02:e::200 tunnelfib 6
>
> that is, specifying no prefixlen implies "prefixlen 128". Also tried that.
>
> There's seems to be a quirk how IPv6 is handled. If a particular IPv6
> address is already set on the physical interface, using that particular
> address for a GRE definition (i.e. "fc01:e::100" in this case, so single
> /128), always generates:
>
> ioctl (SIOCAIFADDR): File exists
>
> This is what confuses me. Using IPv4 this way is not an issue. A /32
> address can be set on an interface and the same address can be used for
> a GRE link. That's what tunnelfib/FIB is for, to separate routing for GRE.
>
> And this is what *does not work with IPv6* and I don't understand why.
>
> Seems to me the server needs to have a whole IPv6 range, and then an
> address from that range can be allocated to create/maintain GRE links,
> so this can't work with a /128 address available only.
>
> The problem is that this particular server I need this on, only has a
> single /128 address allocated to it.
>
> _The bottom line:_ I don't understand why an already allocated /128
> address can't be used for a GRE link with its own separate FIB. This is
> not logical.
>
> PG
>

I did some experimenting yesterday, and it seems to be missbehaving yes.
Seems routes shows up in wrong fib and don't go away when the gre interface
is destroyed.

I also had a few kernel panics, so the whole fibs with ipv6 seems a bit
wonky. I think you might want to submit a bug report.

Best regards
Andreas