IPv6 over gif(4) broken in 6.2-RELEASE?
Hiroki Sato
hrs at FreeBSD.org
Sat Jan 20 17:45:09 UTC 2007
"Bruce A. Mah" <bmah at freebsd.org> wrote
in <20070120162936.GA18104 at tomcat.kitchenlab.org>:
bm> I'm observing a problem with IPv6 over gif(4) tunnels on 6.2-RELEASE
bm> and recent 6-STABLE, namely that I can't seem to be able to pass
bm> traffic over them.
bm>
bm> Essentially, when I configure a gif interface like this:
bm>
bm> # ifconfig gif0 inet6 aaaa:bbbb:cccc:dddd::1 aaaa:bbbb:cccc:dddd::2 prefixlen 128
bm>
bm> the interface should add a host route to aaaa:bbbb:cccc:dddd::2
bm> through gif0. This is necessary to be able to pass traffic over the
bm> tunnel, particularly since the source and destination addresses of the
bm> link don't need to have any relationship to each other.
bm>
bm> However, this route doesn't get installed on recent 6-STABLE.
bm> Therefore there is no way to get an IPv6 packet to the other end of
bm> the tunnel because there's no route for the destination. The most
bm> obvious symptom is that I try to ping the other tunnel endpoint and
bm> get:
bm>
bm> ping6: UDP connect: No route to host
bm>
bm> I know this worked on RELENG_6 as of June 2006; my home firewall has
bm> been running this code for months without a hitch. It doesn't work in
bm> 6.2-RC2 or 6.2-RELEASE (fresh CD installs on i386, GENERIC kernels),
bm> or this week's RELENG_6 (nanobsd on i386).
bm>
bm> I somewhat suspect revs. 1.48.2.15 and 1.48.2.14 to
bm> src/sys/netinet/nd6.c. If I locally revert these two changes (see
bm> diff below), IPv6 over gif(4) works again.
bm>
bm> There's another workaround for people stuck in this situation and who
bm> aren't in a position to try this diff. That is to manually install
bm> the host route like this:
bm>
bm> # route add -host -inet6 aaaa:bbbb:cccc:dddd::2 -interface gif0 -nostatic -llinfo
bm>
bm> Comments?
I remember Dimitry Andric reported the same problem on -stable on 30
Dec, and after he reverted rev.1.48.2.16 it worked fine again. Do
you have the symptom even on 6.2-RELEASE? Since RELENG_6_2_0_RELEASE
did not have the change, I thought there was no problem.
I will try to reproduce it on my box anyway...
--
| Hiroki SATO
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20070120/57cccd3f/attachment.pgp
More information about the freebsd-net
mailing list