Date: Wed, 13 Mar 2013 13:10:17 +0000 From: Schrodinger <schrodinger@konundrum.org> To: freebsd-net@freebsd.org Subject: Re: ipv6 default router Operation not permitted Message-ID: <20130313131016.GE17859@defiant.konundrum.org> In-Reply-To: <B58DABE0-BB82-412D-82AB-C7C9AFD82F12@my.gd> References: <20130312225018.GA13589@defiant.konundrum.org> <3ABB5AED-DEA9-42F6-82A1-FEA9E8BBBDCF@my.gd> <20130313091727.GA17859@defiant.konundrum.org> <201303131227.57751.Mark.Martinec%2Bfreebsd@ijs.si> <20130313125221.GD17859@defiant.konundrum.org> <B58DABE0-BB82-412D-82AB-C7C9AFD82F12@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
--zjcmjzIkjQU2rmur Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2013/03/13 14:02, Fleuriot Damien wrote: >=20 > On Mar 13, 2013, at 1:52 PM, Schrodinger <schrodinger@konundrum.org> wrot= e: >=20 > > On 2013/03/13 12:27, Mark Martinec wrote: > >=20 > > Hi Mark, > >=20 > >> On Wednesday March 13 2013 10:17:27 Schrodinger wrote: > >>> ifconfig_re0_ipv6=3D"inet6 2001:41D0:2:E7c4::1 prefixlen 64" > >>> [...] > >>> Voodoo, indeed... I'm sure there's a /48 used somewhere but to be more > >>> specific, or rather obvious, my default gateway resides at the bounda= ry > >>> of a /56 - 2001:41D0:2:E700::/56 > >>=20 > >> Having multiple IPv6 subnets on the same wire is asking for trouble. > >>=20 > >=20 > > This isn't my network so I don't have any input into the matter. This > > is the OVH configuration for their dedicated servers, at least in my > > product range. > >=20 > >> For example, I believe an ICMP redirect still (in 9.1) does not create > >> a temporary route: > >> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D152791 > >> which beat us hard time (random unreachability between hosts), > >> having to rearrange that legacy segment which happened to have > >> two subnets on the same wire. > >>=20 > >> The static routes destinations must be directly reachable (on-link). > >>=20 > >=20 > > Does adding the interface route not put the default gateway on-link > > though ? > >=20 > >> Either use a single /56 for the whole LAN, adjusting the prefix > >> length on each interface, or provide a router within each subnet. > >>=20 > >=20 > > If I am to change my prefix length to /56 this means that anyone else in > > that /56 who is configured with a prefix length of 64 will be routing to > > me and I will be swicthing to them.... This could cause problems. >=20 >=20 > I fail to see how they would be routing to you and you would be switching= to them. >=20 >=20 > OVH allocates a /64 per customer. > To avoid having to setup 1 gateway per customer, they set up a single one= within a /56 , allowing for 256 /64s > This mimics the situation where your host gives you a /32 ipv4 withing a = /24 network and uses a single gateway, again for 250ish customers. >=20 > Whenever an IPv6 packet arrives on OVH's router for your /64, it is route= d to your server. > I don't see how this qualifies as "another customer routing to you" ? >=20 I am informed that I must configure my interface to /64 by OVH. The same as everyone else. So if everyone was on a /64 then we will send packets to each other via our shared default gateway. E.g.: I am 2001:41d0:2:e7c4::1/64 My default gateway is 2001:41d0:2:e7ff:ff:ff:ff:ff If I wanted to communicate with a host in 2001:41d0:2:e7c5::/64 and his default gateway is also 2001:41d0:2:e7ff:ff:ff:ff:ff then we will route packets to each other. Correct? If I were to change my interface prefix length to /56 my host would no longer consider the need to send packets to the default gateway for any host within this /56. I would simply perform Neighbour Solicitation on my link. E.g.: I am 2001:41d0:2:e7c4::1/56 My default gateway is 2001:41d0:2:e7ff:ff:ff:ff:ff If I wanted to communicate with a host in 2001:41d0:2:e7c5::/64 and his default gateway is also 2001:41d0:2:e7ff:ff:ff:ff:ff then I would switch to him because the /56 is "on-link" to me but to the recipient he must route to me via his default gateway. Correct? C. --=20 +---------------------------------------------------------------+ Quidquid latine dictum sit, altum sonatur. MSN: schro5@hotmail.com ICQ: 112562229 GPG: http://www.konundrum.org/schro.asc --zjcmjzIkjQU2rmur Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBCgAGBQJRQHq3AAoJEBBi7cjNKnTj9acP/0xpWygTCVqAi5YIrSX/kidR doQyF9GfQyjFzuhtIPKEQiP38hNlA6pHr5k5ZGCsc7smou+CNWBeAplR32nHt2mm NBu+yJbGpE3owpFnt+VDaix0LVdk4YYrohaaGZ/qpsjuPbj+hVW25PKLGmwDBsHp R54lXeKMFIbzziop/LT1amZ2NVUhADhvO2mZJovVXa9NpCNOAczDCa6qX938zmTg C9BxeBLoRrxksdy0ex66hGIz5QCyj8oLu1zX21pl2Kzs9cGSb45RmG87s4mOxmdv ad3WOTpjqDv3byYoyNsteoQzjVpV3BH/o3gtYkSzzQgWv/FQD05EadOZo8mY95Zu tLb43U6kpvd18we/+YmxErDUG2l87OiCBfBz9IXStyNKOJ5WuXXkOOw1pLUPTui6 vXKGexNhQigUg6tJuub+kiQAGk8Tfi1OOjSBgsrq2EGJ/X8C/Nbz7XhNP82OgfJ0 kmWWv4keyH6xhy3ZLTiBb+J4wubfTpttlxo4W+U3Ou0dimknqjLe0TfiLNYirmxy SB8JfSWKpKlEuEZWBJ3GC3qAWHrLrqA2dUQfCiQP1SCr5C6JY4/PJSg/cP3M6IzC 4VdHGaW3u86zvEf4Xpq83IcTGWxlkANIjb05jjJr7iMitqYAmZdj8Akgfwm1DbLW XK6QeNThglbqNcefGOxi =+JyH -----END PGP SIGNATURE----- --zjcmjzIkjQU2rmur--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130313131016.GE17859>