[Bug 233283] IPv6 routing problem when using FreeBSD as a VPS at a cloud provider
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Nov 18 00:20:31 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233283
Bug ID: 233283
Summary: IPv6 routing problem when using FreeBSD as a VPS at a
cloud provider
Product: Base System
Version: 11.2-STABLE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: kern
Assignee: bugs at FreeBSD.org
Reporter: peo_s at incedo.org
Hi
I have recently seen a rising problem when I replaced a Linux server with
FreeBSD. This is because it is used as a VPS at the cloud provider RamNode.
They (i.e RamNode) have provided an IPv6 gateway that is outside my allotted
/64 block. They have a /48 at each DC. And the IPv6 gw is outside my /64. So
FreeBSD requires me to increase the net mask from /64 to /48 for internet
access to work. They also state this here...
https://clientarea.ramnode.com/knowledgebase.php?action=displayarticle&id=44
This means I have a problem to communicate with a set of servers over IPv6
related to the mask we have specified. I unfortunately now have a sever that I
can use IPv4 only to because of this.
Linux and windows obviously accept having gateways outside its network scope.
Why, I do not know... I of course think this is wrong. OpenBSD and FreeBSD
don’t accept this handling of gateways outside the net mask scope… If it is RFC
compliant or not, I do not know. I have not checked…. And I think FreeBSD is
actually behaving right.
I logged a case at RamNode...
The problem is that RamNode states that most cloud providers behaves in the
same way. So now it just became a problem if we want to use FreeBSD at the
cloud providers with IPv6.
RamNode stated:
—snip—
This kind of setup does appear to be odd but if you search you will see there
are a number of large providers that take the same approach. Users on these
other providers also experience issues with the gateway being outside of the
subnet on BSD. Unfortunately I do not have specific knowledge as to why our
configuration is this way but it does appear to be common.
—snip—
So… I am working primarily with security. As I do not see any immediate
security issue doing this, is it possible to add an rc.conf flag to accept
gateways outside the net-mask scope? Otherwise, FreeBSD is not the horse to bet
on for the future as VPS:es on the internet.
/Peo
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list