From owner-freebsd-net@FreeBSD.ORG Mon Oct 3 20:43:01 2011 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DC08106566B for ; Mon, 3 Oct 2011 20:43:01 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by mx1.freebsd.org (Postfix) with ESMTP id 026AF8FC0A for ; Mon, 3 Oct 2011 20:43:00 +0000 (UTC) Received: from PWSVL-EXCHTS-01.internal.cacheflow.com ([10.2.2.122]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id p93KgvDG012831 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 3 Oct 2011 13:42:57 -0700 (PDT) Received: from PWSVL-EXCMBX-01.internal.cacheflow.com ([fe80::15bc:12e2:4676:340f]) by PWSVL-EXCHTS-01.internal.cacheflow.com ([fe80::5c50:e2ba:8115:4223%20]) with mapi id 14.01.0289.001; Mon, 3 Oct 2011 13:42:52 -0700 From: "Li, Qing" To: Matt Smith , "freebsd-net@freebsd.org" Thread-Topic: gif interface not passing IPv6 packets Thread-Index: AQHMfDK/mwfhA1dz/UeEmS2mO8Ay5pVrIOAw Date: Mon, 3 Oct 2011 20:42:51 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.2.2.106] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: Subject: RE: gif interface not passing IPv6 packets X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Oct 2011 20:43:01 -0000 Hi, I saw the thread but I was traveling the whole of last week, did not=20 have a system to work on. The problem you encountered on gif was due to a bug in the IPv6 code. I believe have a patch but I need to do more testing. I will post it shortl= y. --Qing > -----Original Message----- > From: owner-freebsd-net@freebsd.org [mailto:owner-freebsd- > net@freebsd.org] On Behalf Of Matt Smith > Sent: Monday, September 26, 2011 2:28 AM > To: freebsd-net@freebsd.org > Subject: gif interface not passing IPv6 packets >=20 > I have a very strange problem with a gif interface that has been > confusing me all weekend. For the last six months I have had a gif > tunnel setup to an ipv6 tunnel broker which has worked without any > issues. On Friday I had a power cut. The power returned, the server > restarted, and the tunnel has been down since. I have checked and > rechecked the configuration and it all looks identical to what I would > expect. I've even gone as far as running a buildworld/kernel in case > the power outage corrupted something. >=20 > The problem is that the gif interface doesn't appear to be processing > any IPv6 packets at all, though it works fine with IPv4. I can't ping > my side of the tunnel. For example: >=20 > root@tao[~]# ifconfig gif0 > gif0: flags=3D8051 metric 0 mtu 1280 > tunnel inet 192.168.1.2 --> 77.75.104.126 > inet6 fe80::240:63ff:fee8:793e%gif0 prefixlen 64 scopeid 0x5 > inet6 2a01:348:6:45c::2 --> 2a01:348:6:45c::1 prefixlen 128 > deprecated > nd6 options=3D3 > options=3D1 >=20 > root@tao[~]# ping6 2a01:348:6:45c::2 > PING6(56=3D40+8+8 bytes) 2a01:348:6:45c::2 --> 2a01:348:6:45c::2 >=20 > root@tao[~]# tcpdump -i gif0 > listening on gif0, link-type NULL (BSD loopback), capture size 96 bytes > 10:15:12.545930 IP6 cl-1117.lon-02.gb.sixxs.net > > cl-1117.lon-02.gb.sixxs.net: ICMP6, echo request, seq 0, length 16 > 10:15:13.546316 IP6 cl-1117.lon-02.gb.sixxs.net > > cl-1117.lon-02.gb.sixxs.net: ICMP6, echo request, seq 1, length 16 > 10:15:14.546220 IP6 cl-1117.lon-02.gb.sixxs.net > > cl-1117.lon-02.gb.sixxs.net: ICMP6, echo request, seq 2, length 16 >=20 > I've deleted other lines from the tcpdump like neighbour solicitation > and only shown the pings. But there is no ping response, only the > request. >=20 > Traceroute shows similar: >=20 > root@tao[~]# traceroute6 2a01:348:6:45c::2 > traceroute6 to 2a01:348:6:45c::2 (2a01:348:6:45c::2) from > 2a01:348:6:45c::2, 64 hops max, 12 byte packets > 1 * * * >=20 > If I create an entire new interface, same problem, but as you can see > works fine with IPv4: >=20 > root@tao[~]# ifconfig gif1 create > root@tao[~]# ifconfig gif1 tunnel 192.168.1.2 1.2.3.4 > root@tao[~]# ifconfig gif1 inet6 2abc::2 2abc::1 prefixlen 128 > root@tao[~]# ping6 2abc::2 > PING6(56=3D40+8+8 bytes) 2abc::2 --> 2abc::2 > ^C > --- 2abc::2 ping6 statistics --- > 3 packets transmitted, 0 packets received, 100.0% packet loss >=20 > root@tao[~]# ifconfig gif1 10.1.1.1 10.1.1.2 > root@tao[~]# ping 10.1.1.1 > PING 10.1.1.1 (10.1.1.1): 56 data bytes > 64 bytes from 10.1.1.1: icmp_seq=3D0 ttl=3D64 time=3D0.105 ms > 64 bytes from 10.1.1.1: icmp_seq=3D1 ttl=3D64 time=3D0.084 ms > 64 bytes from 10.1.1.1: icmp_seq=3D2 ttl=3D64 time=3D0.098 ms > ^C > --- 10.1.1.1 ping statistics --- > 3 packets transmitted, 3 packets received, 0.0% packet loss > round-trip min/avg/max/stddev =3D 0.084/0.096/0.105/0.009 ms > root@tao[~]# ifconfig gif1 destroy >=20 > I'm running FreeBSD 8.2-RELEASE-p2. ipfw is compiled in the kernel > however even if I flush all the rules so that it's just left with a > default allow rule the same thing happens. And as I said before unless > I'm being really blind and missed something obvious this config worked > fine before my power outage! >=20 > Here is my routing table for gif0: >=20 > root@tao[~]# netstat -rn | grep gif0 > default 2a01:348:6:45c::1 UGS > gif0 > 2a01:348:6:45c::1 2a01:348:6:45c::2 UH > gif0 > fe80::%gif0/64 link#5 U > gif0 > fe80::240:63ff:fee8:793e%gif0 link#5 UHS > lo0 > ff01:5::/32 fe80::240:63ff:fee8:793e%gif0 U > gif0 > ff02::%gif0/32 fe80::240:63ff:fee8:793e%gif0 U > gif0 >=20 > And here are my firewall rules to prove it's flushed: >=20 > root@tao[~]# ipfw list > 65535 allow ip from any to any >=20 > Thanks for any help or suggestions, Regards Matt. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"