ipv6 default router Operation not permitted

Fleuriot Damien ml at my.gd
Wed Mar 13 13:02:30 UTC 2013 

On Mar 13, 2013, at 1:52 PM, Schrodinger <schrodinger at konundrum.org> wrote:

> On 2013/03/13 12:27, Mark Martinec wrote:
> 
> Hi Mark,
> 
>> On Wednesday March 13 2013 10:17:27 Schrodinger wrote:
>>> ifconfig_re0_ipv6="inet6 2001:41D0:2:E7c4::1 prefixlen 64"
>>> [...]
>>> Voodoo, indeed... I'm sure there's a /48 used somewhere but to be more
>>> specific, or rather obvious, my default gateway resides at the boundary
>>> of a /56 - 2001:41D0:2:E700::/56
>> 
>> Having multiple IPv6 subnets on the same wire is asking for trouble.
>> 
> 
> This isn't my network so I don't have any input into the matter. This
> is the OVH configuration for their dedicated servers, at least in my
> product range.
> 
>> For example, I believe an ICMP redirect still (in 9.1) does not create
>> a temporary route:
>>  http://www.freebsd.org/cgi/query-pr.cgi?pr=152791
>> which beat us hard time (random unreachability between hosts),
>> having to rearrange that legacy segment which happened to have
>> two subnets on the same wire.
>> 
>> The static routes destinations must be directly reachable (on-link).
>> 
> 
> Does adding the interface route not put the default gateway on-link
> though ?
> 
>> Either use a single /56 for the whole LAN, adjusting the prefix
>> length on each interface, or provide a router within each subnet.
>> 
> 
> If I am to change my prefix length to /56 this means that anyone else in
> that /56 who is configured with a prefix length of 64 will be routing to
> me and I will be swicthing to them.... This could cause problems.


I fail to see how they would be routing to you and you would be switching to them.


OVH allocates a /64 per customer.
To avoid having to setup 1 gateway per customer, they set up a single one within a /56 , allowing for 256 /64s
This mimics the situation where your host gives you a /32 ipv4 withing a /24 network and uses a single gateway, again for 250ish customers.

Whenever an IPv6 packet arrives on OVH's router for your /64, it is routed to your server.
I don't see how this qualifies as "another customer routing to you" ?

More information about the freebsd-net mailing list