[SOLVED] 8.0-BETA1 - for the record - different paths followed by IPv4 and IPv6 for 'local' connections

From: Henri Hennebert <hlh_at_restart.be>
Date: Thu, 23 Jul 2009 12:01:11 +0200
Li, Qing wrote:
>> Just another case where the route must be created:
>>
> 
> That's probably because I explicitly disabled such
> route installation for PPP link type.
> 
> Please apply patch http://people.freebsd.org/~qingli/patch and
> let me know if that solves your problem.

The problem is solved.

Thanks a lot.

Henri

PS. the ipv4 ping was working fine before (and after) your patch, so
I don't see why you have to patch in.c
> 
> Thanks,
> 
> -- Qing
> 
> 
> 
>> [root_at_avoriaz ~]# ifconfig gif0
>> gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
>> 	tunnel inet 212.239.166.57 --> 94.23.44.41
>> 	inet6 fe80::21d:60ff:fead:2ace%gif0 prefixlen 64 scopeid 0x4
>> 	inet6 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:0:ffff::
>> prefixlen
>> 128
>> 	options=1<ACCEPT_REV_ETHIP_VER>
>>
>> [root_at_avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff::
>> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: -->
>> 2001:41d0:2:2d29:1:ffff::
>> ^C
>> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics ---
>> 4 packets transmitted, 0 packets received, 100.0% packet loss
>>
>> [root_at_avoriaz ~]# route add -inet6 2001:41d0:2:2d29:1:ffff::
> -interface
>> lo0
>> add host 2001:41d0:2:2d29:1:ffff::: gateway lo0
>>
>> [root_at_avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff::
>> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: -->
>> 2001:41d0:2:2d29:1:ffff::
>> 16 bytes from ::1, icmp_seq=0 hlim=64 time=0.531 ms
>> 16 bytes from ::1, icmp_seq=1 hlim=64 time=0.884 ms
>> 16 bytes from ::1, icmp_seq=2 hlim=64 time=0.748 ms
>> ^C
>> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics ---
>> 3 packets transmitted, 3 packets received, 0.0% packet loss
>> round-trip min/avg/max/std-dev = 0.531/0.721/0.884/0.145 ms
>>
>> Thanks
>>
>> Henri
>>> -----Original Message-----
>>> From: Henri Hennebert [mailto:hlh_at_restart.be]
>>> Sent: Sat 7/11/2009 3:09 AM
>>> To: Li, Qing
>>> Cc: freebsd-stable_at_freebsd.org; freebsd-net_at_freebsd.org
>>> Subject: Re: 8.0-BETA1 - for the record - different paths followed
> by
>> IPv4 and IPv6 for 'local' connections
>>> Li, Qing wrote:
>>>> Hi,
>>>>
>>>> Please try patch-7-10 in my home directory
>> http://people.freebsd.org/~qingli/
>>>> and let me know how it works out for you. I thought I had committed
>> the patch
>>>> but turned out I didn't.
>>> I apply the patch, reset my pf.conf to its previous content and all
>> is
>>> running smoothly. By the way, I discover after my post that my
>>> "solution" was not working for long (many bytes) connections and
> this
>> is
>>> solved too.
>>>
>>> Many thank for your time
>>>
>>> Henri
>>>
>>> PS please commit as soon as possible
>>>
>>>>> On 8.0-BETA1 there is an assymetry:
>>>>>
>>>>> netstat -rn display
>>>>>
>>>>> 192.168.24.1       link#3
>>>>> ....
>>>>> no entry for 2001:41d0:2:2d29:1:1::
>>>>>
>>>> This is by design as part of the new architecture in 8.0, which
>> maintains
>>>> the L2 ARP/ND6 and L3 routing tables separately.
>>>>
>>>> -- Qing
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: owner-freebsd-stable_at_freebsd.org on behalf of Henri Hennebert
>>>> Sent: Fri 7/10/2009 5:32 AM
>>>> To: freebsd-stable_at_freebsd.org; freebsd-st_at_freebsd.org
>>>> Subject: 8.0-BETA1 - for the record - different paths followed by
>> IPv4 and IPv6 for 'local' connections
>>>> Hello,
>>>>
>>>> After upgrading from 7.2-STABLE to 8.0-BETA1 I encounter a problem
>> when
>>>> connecting with firefox to a local apache server using the global
>>>> unicast IPv6 address of the local machine. pf.conf must be updated!
>>>>
>>>> My configuration:
>>>>
>>>> [root_at_avoriaz ~]# ifconfig em0
>>>>
>>>> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
> mtu
>> 1500
> options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO
>> 4>
>>>> 	ether 00:1d:60:ad:2a:ce
>>>> 	inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255
>>>> 	inet6 fe80::21d:60ff:fead:2ace%em0 prefixlen 64 scopeid 0x1
>>>> 	inet6 2001:41d0:2:2d29:1:1:: prefixlen 80
>>>> 	media: Ethernet 100baseTX (100baseTX <half-duplex>)
>>>> 	status: active
>>>>
>>>> [root_at_avoriaz ~]# host www.restart.bel
>>>> www.restart.bel is an alias for avoriaz.restart.bel.
>>>> avoriaz.restart.bel has address 192.168.24.1
>>>> avoriaz.restart.bel has IPv6 address 2001:41d0:2:2d29:1:1::
>>>>
>>>> pf.conf:
>>>>
>>>> int_if="em0"
>>>> block in  log all
>>>> block out log all
>>>> set skip on lo0
>>>> antispoof quick for $int_if inet
>>>> # Allow trafic with physical internal network
>>>> pass in quick on $int_if from ($int_if:network) to ($int_if) keep
>> state
>>>> pass out quick on $int_if from ($int_if) to ($int_if:network) keep
>> state
>>>> The problem:
>>>>
>>>> [root_at_avoriaz ~]# telnet -4 www.restart.bel 80
>>>> Trying 192.168.24.1...
>>>> Connected to avoriaz.restart.bel.
>>>> Escape character is '^]'.
>>>> ^]
>>>> telnet> quit
>>>> Connection closed.
>>>> [root_at_avoriaz ~]# telnet -6 www.restart.bel 80
>>>> Trying 2001:41d0:2:2d29:1:1::...
>>>> --->Never connect and get a timeout!
>>>>
>>>> tcpdump and logging in pf show me that
>>>>
>>>> For a IPv4 connection:
>>>> the packet from telnet to apache pass 2 times on lo0 (out and in)
>>>> the answer packet from apache to telnet pass 2 times on lo0 (out
> and
>> in)
>>>> So no problem, there is `set skip on lo0'
>>>>
>>>> For a IPv6 connection:
>>>> The first packet from telnet to apache pass 2 times on lo0 (out and
>> in)
>>>> The answer packet from apache to telnet path on em0  and is
> rejected
>>>> due to the default flags S/SA.
>>>>
>>>> So I have to change pf.conf and replace the last line:
>>>> pass out quick on $int_if from ($int_if) to ($int_if:network) \
>>>> keep state flags any
>>>>
>>>> Then all is OK
>>>>
>>>> By the way, on 7.2
>>>>
>>>> netstat -rn display
>>>>
>>>> 192.168.24.1        00:1d:60:ad:2a:ce
>>>> ....
>>>> 2001:41d0:2:2d29:1:1::            00:1d:60:ad:2a:ce
>>>>
>>>>
>>>> On 8.0-BETA1 there is an assymetry:
>>>>
>>>> netstat -rn display
>>>>
>>>> 192.168.24.1       link#3
>>>> ....
>>>> no entry for 2001:41d0:2:2d29:1:1::
>>>>
>>>> Hope it may help someone
>>>>
>>>> Henri
>>>>
>>>> _______________________________________________
>>>> freebsd-stable_at_freebsd.org mailing list
>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>>> To unsubscribe, send any mail to "freebsd-stable-
>> unsubscribe_at_freebsd.org"
>>>
>>> _______________________________________________
>>> freebsd-stable_at_freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>> To unsubscribe, send any mail to "freebsd-stable-
>> unsubscribe_at_freebsd.org"
>
Received on Thu Jul 23 2009 - 08:01:16 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:52 UTC