kern/139145: IPv6 blackhole / reject routes broken
Sten Spans
sten at blinkenlights.nl
Fri Sep 25 22:50:03 UTC 2009
>Number: 139145
>Category: kern
>Synopsis: IPv6 blackhole / reject routes broken
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 25 22:50:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Sten Spans
>Release: FreeBSD 8.0-RC1 amd64
>Organization:
>Environment:
System: FreeBSD towel.blinkenlights.nl 8.0-RC1 FreeBSD 8.0-RC1 #0: Thu Sep 17 18:50:57 UTC 2009 root at mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
IPv6 blackhole/reject routes don't work as expected/documented.
>How-To-Repeat:
route an IPv6 netblock to a host, enable forwarding,
add a blackhole route with iface lo0, observe the icmp6 replies.
towel# sysctl -w net.inet6.ip6.forwarding=1
net.inet6.ip6.forwarding: 0 -> 1
towel# route add -inet6 -net 2a02:898:17::/48 -iface lo0 -blackhole
add net 2a02:898:17::/48: gateway lo0
sten at bastard:~$ traceroute6 2a02:898:17:1234::
traceroute to 2a02:898:17:1234:: (2a02:898:17:1234::) from 2001:7b8e00:4, 30 hops max, 24 byte packets
1 gw.nkenlights.nl (2001:7b8:666:ffff::1) 0.274 ms 0.203 ms 0.145 ms
2 hobby.etwork.bit.nl (2001:7b8:3:47::2) 0.451 ms 0.384 ms 0.308 ms
5 dcg-1-.clue.net (2a02:898:8283:2::1) 6.142 ms 5.516 ms 5.512 ms
6 eddie.blinkenlights.nl (2a02:898::74:2) 3.474 ms 3.458 ms 2.968 ms
7 2a02:898:17:ffff::2 (2a02:898:17:ffff::2) 2.862 ms 3.012 ms 3.293 ms
8 2a02:898:17:ffff::2 (2a02:898:17:ffff::2) 3.205 ms 4.055 ms 2.965 ms
9 2a02:898:17:ffff::2 (2a02:898:17:ffff::2) 3.256 ms 3.95 ms 3.9 ms
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list