Re: NPTv6: prefix doesn't change in IPFW when prefix changes on dynamic interface

Reply: FreeBSD User : "Re: NPTv6: prefix doesn't change in IPFW when prefix changes on dynamic interface"
In reply to: FreeBSD User : "NPTv6: prefix doesn't change in IPFW when prefix changes on dynamic interface"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Andrey V. Elsukov <bu7cher_at_yandex.ru>
Date: Fri, 25 Nov 2022 07:40:31 UTC

24.11.2022 18:27, FreeBSD User пишет:
> Hello,
> 
> running a small routing/firewall applicance based on 13-STABLE and IPFW, I face a problem with
> NPTv6. The external IPv6 is changing dynamically. While ipfw in-kernel NAT catch up with
> dynamical changes of the IPv4, NPTv6 doesn't seem so.
> 
> I'm neither an expert in networking nor IPFW.
> 
> After a couple of days tun0 (the exterior PPP interface, uplink connection managed via mpd5)
> has a lot of IPV6 addresses, all but one are marked "deprecated".

> In case nor mpd5 is restarted or the exterior interface is assigned with several IPv6
> addresses of which all but one are marked deprecated, pinging the outside world via IPv6 will
> take the wrong IPv6 - IPFW doesn't seem to catch up with the changes.
> 
> How to fix this?

Hi,

probably the easiest way to solve your problem is periodically running 
some script that will find and delete deprecated addresses from an 
interface.

Then NPTv6 module will use first global prefix on the interface.

-- 
WBR, Andrey V. Elsukov