ipv6 changes in src/UPDATING

Matthew Seaman m.seaman at infracaninophile.co.uk
Thu Mar 25 10:11:13 UTC 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 25/03/2010 09:17:30, Robert Huff wrote:
> 
> 	I am updating a system:
> 
> FreeBSD 9.0-CURRENT #3: Tue Sep 15 18:49:58 EDT 2009  amd64
> 
> 	and failing to understand the (practical) consequences of
> UPDATING entries 20090926 and 20091202.  The system runs ipv6, but
> external connectivity is though a v6-over-v4 tunnel (net/gateway6).
> 	rc.conf currently has:
> 
> huff@>>grep v6 /etc/rc.conf
> ipv6_gateway_enable="YES"       # Set to YES if this host will be a gateway.
> ipv6_firewall_enable="YES"      # Set to YES to enable IPv6 firewall
> ipv6_firewall_type="UNKNOWN"    # see /etc/rc.firewall6
> ipv6_firewall_script="/etc/ipfw.v6.set" # Which script to run to set up the IPv6 firewall
> ipv6_firewall_flags=""  # see /etc/rc.firewall6
> gateway6_enable="YES"
> 
> 	<eyes glaze over> Um ... er ... ah ... what needs to change?

None of the above, probably.  As you're using a custom firewall
initialisation script, you don't need to worry about the variables for
controlling the various pre-canned scripts.

The text in UPDATING seems fairly clear to me: for the 20090926 update,
various rc.conf variables prefixed by ipv6 are deprecated in favour of
similar variables *suffixed* by ipv6 -- this is a simple matter of
editing to sort out.

There is also a new overall control knob for turning on or off IPv6
capability entirely.  The new thing here is that it allows you to make
that change per-interface rather than for the whole machine.  Given you
want IPv6 capability on all interfaces, just use ipv6_prefer="YES"

You need to look at the ifconfig_ifX* or ipv6_addrs_ifX variables.
Given that you've said your machine is a router for ipv6, you can't use
rtsol(8), so you should be manually configuring addresses on your
interfaces.  You may not need to make any changes there: even so,
shouldn't be too hard to debug.

For the 20091202 update, again it is pretty much a replacement of
variables with an ipv6 prefix, to ones with an ipv6 suffix.  All the
variables mentioned just detail the local IP addresses and networks, and
let you select which firewall script you want to use.  As it says, the
ipv6 configuration exactly parallels the ipv4 configuration now.

	Cheers,

	Matthew

- -- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkurNroACgkQ8Mjk52CukIwfGwCfWJ6ZGlerqj3yMNrNaqY/SOyp
LIoAn0+dT9Bp3YKnrP6dz9kGV2FZKXUg
=kAQt
-----END PGP SIGNATURE-----

More information about the freebsd-questions mailing list