Date: Wed, 13 Mar 2013 14:02:26 +0100 From: Fleuriot Damien <ml@my.gd> To: Schrodinger <schrodinger@konundrum.org> Cc: freebsd-net@freebsd.org Subject: Re: ipv6 default router Operation not permitted Message-ID: <B58DABE0-BB82-412D-82AB-C7C9AFD82F12@my.gd> In-Reply-To: <20130313125221.GD17859@defiant.konundrum.org> References: <20130312225018.GA13589@defiant.konundrum.org> <3ABB5AED-DEA9-42F6-82A1-FEA9E8BBBDCF@my.gd> <20130313091727.GA17859@defiant.konundrum.org> <201303131227.57751.Mark.Martinec%2Bfreebsd@ijs.si> <20130313125221.GD17859@defiant.konundrum.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 13, 2013, at 1:52 PM, Schrodinger <schrodinger@konundrum.org> = wrote: > On 2013/03/13 12:27, Mark Martinec wrote: >=20 > Hi Mark, >=20 >> On Wednesday March 13 2013 10:17:27 Schrodinger wrote: >>> ifconfig_re0_ipv6=3D"inet6 2001:41D0:2:E7c4::1 prefixlen 64" >>> [...] >>> Voodoo, indeed... I'm sure there's a /48 used somewhere but to be = more >>> specific, or rather obvious, my default gateway resides at the = boundary >>> of a /56 - 2001:41D0:2:E700::/56 >>=20 >> Having multiple IPv6 subnets on the same wire is asking for trouble. >>=20 >=20 > This isn't my network so I don't have any input into the matter. This > is the OVH configuration for their dedicated servers, at least in my > product range. >=20 >> For example, I believe an ICMP redirect still (in 9.1) does not = create >> a temporary route: >> http://www.freebsd.org/cgi/query-pr.cgi?pr=3D152791 >> which beat us hard time (random unreachability between hosts), >> having to rearrange that legacy segment which happened to have >> two subnets on the same wire. >>=20 >> The static routes destinations must be directly reachable (on-link). >>=20 >=20 > Does adding the interface route not put the default gateway on-link > though ? >=20 >> Either use a single /56 for the whole LAN, adjusting the prefix >> length on each interface, or provide a router within each subnet. >>=20 >=20 > If I am to change my prefix length to /56 this means that anyone else = in > that /56 who is configured with a prefix length of 64 will be routing = to > me and I will be swicthing to them.... This could cause problems. I fail to see how they would be routing to you and you would be = switching to them. OVH allocates a /64 per customer. To avoid having to setup 1 gateway per customer, they set up a single = one within a /56 , allowing for 256 /64s This mimics the situation where your host gives you a /32 ipv4 withing a = /24 network and uses a single gateway, again for 250ish customers. Whenever an IPv6 packet arrives on OVH's router for your /64, it is = routed to your server. I don't see how this qualifies as "another customer routing to you" ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B58DABE0-BB82-412D-82AB-C7C9AFD82F12>