Date: Thu, 16 Jun 2011 03:12:12 -0400
From: Charles Sprickman <spork@bway.net>
To: Hiroki Sato <hrs@FreeBSD.org>
Cc: freebsd-net@FreeBSD.org
Subject: Re: link-local needed w/static IP and gateway?
Message-ID: <4DF9ACCC.5070506@bway.net>
In-Reply-To: <20110616.145712.10896502890982069.hrs@allbsd.org>
References: <4DF56879.30204@bway.net> <4DF5761C.9040509@bway.net> <4DF9970D.5000505@bway.net> <20110616.145712.10896502890982069.hrs@allbsd.org>

Hiroki Sato wrote:
> Charles Sprickman <spork@bway.net> wrote
>   in <4DF9970D.5000505@bway.net>:
>
> sp> -Edit rc.conf to include your IPv6 IP(s) and default route, specify
> sp> which interfaces will run IPv6, and enable IPv6:
> sp>
> sp> ipv6_enable="YES"
> sp> ipv6_network_interfaces="lo0 bce1"
> sp> ipv6_defaultrouter="2001:xxx:xxxx::1"
> sp> ipv6_ifconfig_bce1="2001:xxx:xxxx:1::23/48"
> sp>
> sp> -Use sysctl to enable link-local addresses:
> sp>
> sp> # sysctl -w net.inet6.ip6.auto_linklocal=1
>
>  This is not needed when ipv6_enable="YES".

Correct, unless you have not rebooted.  It would be nice to have a hook
for enabling that in the ipv6 rc.d script though.

> sp> -Bounce the interface, which seems to kick something that triggers the
> sp> kernel to setup link-local addresses:
> sp>
> sp> # ifconfig bce1 down up
> sp> (that's literal - you don't need to down/up it in two commands)
>
>  Ditto.

Correct.  Unless you haven't rebooted...

> sp> -Run the ipv6 rc.d script:
> sp>
> sp> # /etc/rc.d/network_ipv6 start
>
>  I do not recommend to use the rc.d/network_ipv6 script for manual
>  configuration because it often ends up an incomplete configuration as
>  you experienced.  Rebooting the system would be better.  The
>  rc.d/netif script on 9.X works well for that purpose without a
>  reboot, though.

OK.  I think there are a fair number of environments (ie: server) where
rebooting for an IP change wouldn't be acceptable.  So I would like to
make sure that my manual method is close enough that I can share info
without leading others down the wrong path.

Good to hear this will be easier in 9.x.

> sp> I'm still fuzzy on the explanation, but the default route does not seem
> sp> to stick to the external interface until the link-local address comes
> sp> up, even though the host has learned the L2 address of the default gateway.
>
>  On IPv6 router, MLD works only when at least one LLA is configured on
>  all of the interfaces.  In short, ND will completely be broken on a
>  router with a GUA and no LLA.
>
>  LLA is a MUST for every IPv6-speaking interface, not for automatic
>  router discovery only.  This is because ICMPv6 heavily depends on it.
>  Without LLA some unexpected and/or inconsistent behaviors can happen,
>  especially on a router as you experienced.

I'm puzzled by why hosts with static IPv6 IPs could communicate with
each other.  I noticed in some of my netstat output that even though the
ff02 multicast network was in the table, it was only bound to the
loopback.  However I still logged multicast to/from the box.  One of the
RFCs also noted that multicast is limited in scope to the link-local
address, so in theory, not even the host to host ND should have worked.
I guess that's what threw me.

>  I would not recommend you to try to understand what will happen
>  without LLA because it is quite complex and just ends up various kind
>  of inconsistent behaviors.  For why LLA is needed, the primary
>  documents are RFC 3810, 4007, 4291, 4861, and 4884.

I knew I'd eventually have to read RFCs. :)

I totally agree with you, and what I've been reading elsewhere suggests
that ND really shouldn't work without a link-local interface enabled.  I
have to assume that the multicast traffic is somehow still making its
way onto the wire.  Not sure if that's a bug or a feature or a quirk of
how what's an L3 protocol (icmp6 multicast) gets mapped to L2.

Thanks,

Charles

> -- Hiroki
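
The thread's point that every IPv6-speaking interface needs a link-local address can be checked mechanically. The script below is an added example, not part of the original message: it reads FreeBSD-style ifconfig output and lists interfaces that have a non-link-local IPv6 address but no fe80::/10 address. The function names (missing_lla, sample_ifconfig) are hypothetical and the sample output is constructed, using documentation addresses.

```shell
#!/bin/sh
# Added example (not from the thread): flag interfaces that carry a
# non-link-local IPv6 address but no fe80::/10 link-local address (LLA).
# Assumes FreeBSD-style ifconfig output; function names are hypothetical.

# Reads ifconfig output on stdin, prints one offending interface per line.
missing_lla() {
    awk '
    function report() { if (ifname != "" && global && !lla) print ifname }
    # Interface header, e.g. "bce1: flags=8843<UP,...> metric 0 mtu 1500"
    /^[A-Za-z0-9_.]+: flags=/ {
        report()
        ifname = $1; sub(/:$/, "", ifname)
        global = 0; lla = 0
        next
    }
    $1 == "inet6" {
        if ($2 ~ /^fe[89ab][0-9a-f]:/) lla = 1      # fe80::/10
        else if ($2 != "::1")         global = 1   # ignore loopback
    }
    END { report() }
    '
}

# Constructed sample: bce0 is healthy, bce1 has a static address but no LLA.
sample_ifconfig() {
    cat <<'EOF'
bce0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:00:5e:00:53:01
        inet6 2001:db8:0:1::10 prefixlen 64
        inet6 fe80::200:5eff:fe00:5301%bce0 prefixlen 64 scopeid 0x1
bce1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:00:5e:00:53:02
        inet6 2001:db8:0:2::23 prefixlen 48
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
EOF
}

# Demo on the sample; on a live host use: ifconfig | missing_lla
sample_ifconfig | missing_lla
```

An interface reported here is in the state the thread describes: a static address configured before the kernel has assigned a link-local address.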