RE: 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections

From: Li, Qing <qing.li_at_bluecoat.com>
Date: Wed, 22 Jul 2009 18:02:20 -0700
> >
> Just another case where the route must be created:
> 

That's probably because I explicitly disabled such
route installation for PPP link type.

Please apply patch http://people.freebsd.org/~qingli/patch and
let me know if that solves your problem.

Thanks,

-- Qing



> [root_at_avoriaz ~]# ifconfig gif0
> gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
> 	tunnel inet 212.239.166.57 --> 94.23.44.41
> 	inet6 fe80::21d:60ff:fead:2ace%gif0 prefixlen 64 scopeid 0x4
> 	inet6 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:0:ffff::
> prefixlen
> 128
> 	options=1<ACCEPT_REV_ETHIP_VER>
> 
> [root_at_avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff::
> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: -->
> 2001:41d0:2:2d29:1:ffff::
> ^C
> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics ---
> 4 packets transmitted, 0 packets received, 100.0% packet loss
> 
> [root_at_avoriaz ~]# route add -inet6 2001:41d0:2:2d29:1:ffff::
-interface
> lo0
> add host 2001:41d0:2:2d29:1:ffff::: gateway lo0
> 
> [root_at_avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff::
> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: -->
> 2001:41d0:2:2d29:1:ffff::
> 16 bytes from ::1, icmp_seq=0 hlim=64 time=0.531 ms
> 16 bytes from ::1, icmp_seq=1 hlim=64 time=0.884 ms
> 16 bytes from ::1, icmp_seq=2 hlim=64 time=0.748 ms
> ^C
> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics ---
> 3 packets transmitted, 3 packets received, 0.0% packet loss
> round-trip min/avg/max/std-dev = 0.531/0.721/0.884/0.145 ms
> 
> Thanks
> 
> Henri
> >
> > -----Original Message-----
> > From: Henri Hennebert [mailto:hlh_at_restart.be]
> > Sent: Sat 7/11/2009 3:09 AM
> > To: Li, Qing
> > Cc: freebsd-stable_at_freebsd.org; freebsd-net_at_freebsd.org
> > Subject: Re: 8.0-BETA1 - for the record - different paths followed
by
> IPv4 and IPv6 for 'local' connections
> >
> > Li, Qing wrote:
> >> Hi,
> >>
> >> Please try patch-7-10 in my home directory
> http://people.freebsd.org/~qingli/
> >> and let me know how it works out for you. I thought I had committed
> the patch
> >> but turned out I didn't.
> >
> > I apply the patch, reset my pf.conf to its previous content and all
> is
> > running smoothly. By the way, I discover after my post that my
> > "solution" was not working for long (many bytes) connections and
this
> is
> > solved too.
> >
> > Many thank for your time
> >
> > Henri
> >
> > PS please commit as soon as possible
> >
> >>> On 8.0-BETA1 there is an assymetry:
> >>>
> >>> netstat -rn display
> >>>
> >>> 192.168.24.1       link#3
> >>> ....
> >>> no entry for 2001:41d0:2:2d29:1:1::
> >>>
> >> This is by design as part of the new architecture in 8.0, which
> maintains
> >> the L2 ARP/ND6 and L3 routing tables separately.
> >>
> >> -- Qing
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: owner-freebsd-stable_at_freebsd.org on behalf of Henri Hennebert
> >> Sent: Fri 7/10/2009 5:32 AM
> >> To: freebsd-stable_at_freebsd.org; freebsd-st_at_freebsd.org
> >> Subject: 8.0-BETA1 - for the record - different paths followed by
> IPv4 and IPv6 for 'local' connections
> >>
> >> Hello,
> >>
> >> After upgrading from 7.2-STABLE to 8.0-BETA1 I encounter a problem
> when
> >> connecting with firefox to a local apache server using the global
> >> unicast IPv6 address of the local machine. pf.conf must be updated!
> >>
> >> My configuration:
> >>
> >> [root_at_avoriaz ~]# ifconfig em0
> >>
> >> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
mtu
> 1500
> >>
>
options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO
> 4>
> >> 	ether 00:1d:60:ad:2a:ce
> >> 	inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255
> >> 	inet6 fe80::21d:60ff:fead:2ace%em0 prefixlen 64 scopeid 0x1
> >> 	inet6 2001:41d0:2:2d29:1:1:: prefixlen 80
> >> 	media: Ethernet 100baseTX (100baseTX <half-duplex>)
> >> 	status: active
> >>
> >> [root_at_avoriaz ~]# host www.restart.bel
> >> www.restart.bel is an alias for avoriaz.restart.bel.
> >> avoriaz.restart.bel has address 192.168.24.1
> >> avoriaz.restart.bel has IPv6 address 2001:41d0:2:2d29:1:1::
> >>
> >> pf.conf:
> >>
> >> int_if="em0"
> >> block in  log all
> >> block out log all
> >> set skip on lo0
> >> antispoof quick for $int_if inet
> >> # Allow trafic with physical internal network
> >> pass in quick on $int_if from ($int_if:network) to ($int_if) keep
> state
> >> pass out quick on $int_if from ($int_if) to ($int_if:network) keep
> state
> >>
> >> The problem:
> >>
> >> [root_at_avoriaz ~]# telnet -4 www.restart.bel 80
> >> Trying 192.168.24.1...
> >> Connected to avoriaz.restart.bel.
> >> Escape character is '^]'.
> >> ^]
> >> telnet> quit
> >> Connection closed.
> >> [root_at_avoriaz ~]# telnet -6 www.restart.bel 80
> >> Trying 2001:41d0:2:2d29:1:1::...
> >> --->Never connect and get a timeout!
> >>
> >> tcpdump and logging in pf show me that
> >>
> >> For a IPv4 connection:
> >> the packet from telnet to apache pass 2 times on lo0 (out and in)
> >> the answer packet from apache to telnet pass 2 times on lo0 (out
and
> in)
> >>
> >> So no problem, there is `set skip on lo0'
> >>
> >> For a IPv6 connection:
> >> The first packet from telnet to apache pass 2 times on lo0 (out and
> in)
> >> The answer packet from apache to telnet path on em0  and is
rejected
> >> due to the default flags S/SA.
> >>
> >> So I have to change pf.conf and replace the last line:
> >> pass out quick on $int_if from ($int_if) to ($int_if:network) \
> >> keep state flags any
> >>
> >> Then all is OK
> >>
> >> By the way, on 7.2
> >>
> >> netstat -rn display
> >>
> >> 192.168.24.1        00:1d:60:ad:2a:ce
> >> ....
> >> 2001:41d0:2:2d29:1:1::            00:1d:60:ad:2a:ce
> >>
> >>
> >> On 8.0-BETA1 there is an assymetry:
> >>
> >> netstat -rn display
> >>
> >> 192.168.24.1       link#3
> >> ....
> >> no entry for 2001:41d0:2:2d29:1:1::
> >>
> >> Hope it may help someone
> >>
> >> Henri
> >>
> >> _______________________________________________
> >> freebsd-stable_at_freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> >> To unsubscribe, send any mail to "freebsd-stable-
> unsubscribe_at_freebsd.org"
> >>
> >
> >
> > _______________________________________________
> > freebsd-stable_at_freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> > To unsubscribe, send any mail to "freebsd-stable-
> unsubscribe_at_freebsd.org"
Received on Wed Jul 22 2009 - 23:03:18 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:52 UTC