link-local needed w/static IP and gateway?

Charles Sprickman spork at bway.net
Thu Jun 16 05:39:28 UTC 2011


Just wanted to summarize after I was able to watch all this on another
host.  I ran tcpdump on the host that I was adding to the IPv6 network
as well as on another host that would see all the broad^H^H^H multicast
traffic for neighbor discovery.

First I'll just lay out what appears to be the correct procedure for
bringing a FreeBSD box up on an IPv6 network in an environment where
you're using static IPv6 IPs.

-Edit rc.conf to include your IPv6 IP(s) and default route, specify
which interfaces will run IPv6, and enable IPv6:

ipv6_enable="YES"
ipv6_network_interfaces="lo0 bce1"
ipv6_defaultrouter="2001:xxx:xxxx::1"
ipv6_ifconfig_bce1="2001:xxx:xxxx:1::23/48"

-Use sysctl to enable link-local addresses:

# sysctl -w net.inet6.ip6.auto_linklocal=1

-Bounce the interface, which seems to kick something that triggers the
kernel to set up link-local addresses:

# ifconfig bce1 down up
(that's literal - you don't need to down/up it in two commands)

-Run the ipv6 rc.d script:

# /etc/rc.d/network_ipv6 start

What I observed was fairly interesting.  I manually added the IPv6 IP
and default route.  At this point, address resolution (mapping L3 to L2)
works fine with other hosts on the network.  After spending many hours
reading up on link-local and how ND (neighbor discovery) works in IPv6
(which I think is actually much more clever than ARP - ND is actually at
layer 3 and uses multicast), it really didn't look to me like ND really
relied on link-local addresses.  As soon as the host has any IPv6 IP, it
joins the multicast group (ff02::/16) and can see NA (neighbor
advertisement) and ND traffic.  In receiving NAs it learns L3-L2
mappings and in sending them other nodes learn L3-L2 mappings.
Everything is peachy keen.  It can even see the router.  All these hosts
are able to ping each other.

What does not work is the default route.  I could see outside traffic
hitting the host (indicating the router had a L3-L2 mapping to the host)
and I could see the host responding to pings from outside.  But that
traffic did not ever leave the host.

I'm still fuzzy on the explanation, but the default route does not seem
to stick to the external interface until the link-local address comes
up, even though the host has learned the L2 address of the default gateway.

Anyhow, it would be great if the procedure for bringing IPv6 up on a
running host without a reboot could be documented somewhere.  Seeing
everything pingable inside the network might lead other v6 noobs like
myself chasing off in all sorts of directions before giving up and
rebooting.  The whole thing was a wonderful learning experience though,
but info on the guts of address resolution was hard to come by.

It would be really great if the network_ipv6 script would toggle the
link-local sysctl when run.  Why it does not puzzles me.

Thanks,

Charles

Charles Sprickman wrote:
> (sending to list, accidentally missed "reply to all" when I replied to Doug)
> 
> Doug Barton wrote:
>> On 6/12/2011 3:30 PM, Charles Sprickman wrote:
>>> Can anyone help me understand what the relationship is between address
>>> resolution for the router
>> I don't know what you mean by "address resolution for the router."
> 
> Layer-2 to Layer-3 mapping and discovery.
> 
>>> and link-local?  Why is this required?  Why
>>> can I ping other hosts on the subnet without enabling link-local?
>> link-local is required for IPv6. The gateway address should be the
>> link-local address, not the GUA.
> 
> What is the purpose then of the default route statement for IPv6 in
> rc.conf and why have my providers offered up a non-link-local gateway
> address?
> 
> Thanks,
> 
> Charles
> 
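
A check for the state described in the message above (on-link hosts pingable, but no link-local address on the interface yet), as an added example that is not part of the original post or of FreeBSD's rc scripts: it classifies the inet6 lines of ifconfig output read on stdin, including the case where the link-local address exists but duplicate address detection has not finished. The function name ll_state, the sample outputs and the 2001:db8 addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify ifconfig output (read on stdin) by the state of
# the interface's link-local (fe80::/10) address.
# Prints one of: ready | tentative | no-linklocal | no-inet6
ll_state() {
    awk '
        $1 == "inet6" {
            seen = 1
            addr = tolower($2)
            # fe80::/10 covers fe80 through febf
            if (addr ~ /^fe[89ab][0-9a-f]:/) {
                bad = 0
                # an address still in DAD, or one that failed it, is not usable
                for (i = 3; i <= NF; i++)
                    if ($i == "tentative" || $i == "duplicated") bad = 1
                if (bad) tent = 1; else ok = 1
            }
        }
        END {
            if (ok) print "ready"
            else if (tent) print "tentative"
            else if (seen) print "no-linklocal"
            else print "no-inet6"
        }'
}

# Constructed sample: static address added by hand, no link-local yet.
SAMPLE_BEFORE='bce1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 00:00:5e:00:53:23
    inet6 2001:db8:1::23 prefixlen 48
    status: active'

# Constructed sample: just after the interface bounce, DAD still running.
SAMPLE_DAD='bce1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet6 2001:db8:1::23 prefixlen 48
    inet6 fe80::200:5eff:fe00:5323%bce1 prefixlen 64 tentative scopeid 0x2'

# Constructed sample: link-local address assigned and usable.
SAMPLE_AFTER='bce1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet6 2001:db8:1::23 prefixlen 48
    inet6 fe80::200:5eff:fe00:5323%bce1 prefixlen 64 scopeid 0x2'

printf 'before bounce: %s\n' "$(printf '%s\n' "$SAMPLE_BEFORE" | ll_state)"
printf 'during DAD:    %s\n' "$(printf '%s\n' "$SAMPLE_DAD" | ll_state)"
printf 'after bounce:  %s\n' "$(printf '%s\n' "$SAMPLE_AFTER" | ll_state)"
```

On a live host the same function can be fed directly, for example `ifconfig bce1 | ll_state`, before relying on the default route.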

