IPv6 over gif(4) broken in 6.2-RELEASE?

Bruce A. Mah bmah at freebsd.org
Sat Jan 20 16:29:37 UTC 2007 

I'm observing a problem with IPv6 over gif(4) tunnels on 6.2-RELEASE
and recent 6-STABLE, namely that I can't seem to be able to pass
traffic over them.

Essentially, when I configure a gif interface like this:

# ifconfig gif0 inet6 aaaa:bbbb:cccc:dddd::1 aaaa:bbbb:cccc:dddd::2 prefixlen 128

the interface should add a host route to aaaa:bbbb:cccc:dddd::2
through gif0.  This is necessary to be able to pass traffic over the
tunnel, particularly since the source and destination addresses of the
link don't need to have any relationship to each other.

However, this route doesn't get installed on recent 6-STABLE.
Therefore there is no way to get an IPv6 packet to the other end of
the tunnel because there's no route for the destination.  The most
obvious symptom is that I try to ping the other tunnel endpoint and
get:

ping6: UDP connect: No route to host

I know this worked on RELENG_6 as of June 2006; my home firewall has
been running this code for months without a hitch.  It doesn't work in
6.2-RC2 or 6.2-RELEASE (fresh CD installs on i386, GENERIC kernels),
or this week's RELENG_6 (nanobsd on i386).

I somewhat suspect revs. 1.48.2.15 and 1.48.2.14 to
src/sys/netinet/nd6.c.  If I locally revert these two changes (see
diff below), IPv6 over gif(4) works again.

There's another workaround for people stuck in this situation and who
aren't in a position to try this diff.  That is to manually install
the host route like this:

# route add -host -inet6 aaaa:bbbb:cccc:dddd::2 -interface gif0 -nostatic -llinfo

Comments?

Bruce.

Index: nd6.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet6/nd6.c,v
retrieving revision 1.48.2.16
diff -u -r1.48.2.16 nd6.c
--- nd6.c	29 Nov 2006 14:00:29 -0000	1.48.2.16
+++ nd6.c	20 Jan 2007 16:15:28 -0000
@@ -1316,7 +1316,7 @@
 		callout_init(&ln->ln_timer_ch, 0);
 
 		/* this is required for "ndp" command. - shin */
-		if (req == RTM_ADD && (rt->rt_flags & RTF_STATIC)) {
+		if (req == RTM_ADD) {
 		        /*
 			 * gate should have some valid AF_LINK entry,
 			 * and ln->ln_expire should have some lifetime
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20070120/82ad3967/attachment.pgp

More information about the freebsd-stable mailing list