Options with a subnet but no router
Shadow Hawkins on Monday, 06 April 2009 00:59:47
Hi all,
What options do I have when I got a FreeBSD-host connected to the PoP with AICCU, but it only has one physical interface active (fxp0 - no IPv6 address yet) and the IPv6-tunnel is on tun0? Is rtadvd an option (don't think so, but if yes: on what interface?) if the BSD-machine is not a router but an endpoint (host)?
I was granted a subnet and now I want to assign IPv6-addresses to Win/Linux/MacOSX-hosts, if possible automagic. Can this be done and if yes can somebody show me the way? TIA!
Options with a subnet but no router
Shadow Hawkins on Monday, 06 April 2009 13:20:52
rtadvd would be your answer, I don't have access to my config files just now, but I can post them when I get home from work (in about eight hours), but you would use the same interface you're using for v4. So if fxp0 is your physical interface then that's what you would use in your rtadvd config.
Options with a subnet but no router
Shadow Hawkins on Monday, 06 April 2009 20:21:56
Looking forward to your configuration, Jody!
Esp. IPv6 related stuff in /etc/rc.conf (censored if needed ;-).
In the meantime I'll try to find out what IPv6-address has to be set on my fxp0: must be one from the subnet-range, right?
Options with a subnet but no router
Shadow Hawkins on Monday, 06 April 2009 21:56:26
Right, on your fxp0 must be an IP address from your subnet.
Options with a subnet but no router
Shadow Hawkins on Tuesday, 07 April 2009 05:06:01
My rtadvd.conf file, be sure to replace the address with the prefix for your subnet. Also replace dc1 with the interface you're using.
dc1:\
:addr="2001:1938:107::":prefixlen#64:
These are the relevant lines from my rc.conf file.
router_enable="YES"
gateway_enable="YES"
# Added for IPv6 Host/Router
ipv6_enable="YES"
ipv6_network_interfaces="dc1"
ipv6_gateway_enable="YES"
# Address generated by MAC to EUI-64 conversion (hope I did it right)
ipv6_ifconfig_dc1="2001:1938:107:0000:0220:78ff:fe10:2837"
ipv6_prefix_dc1="2001:1938:107"
rtadvd_enable="YES"
rtadvd_interfaces="dc1"
sixxs_aiccu_enable="YES"
Again, replace the address information, and interface names with yours. The IPv6 address that I assigned my interface is the one that would have been auto assigned to it if it were getting an address with auto assignment. You can assign it as anything you want, just make sure it's in your subnet, and won't conflict with anything else that will be on your network.
If you have any trouble with it, be sure to post any error messages and the exact issue that you're having.
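The MAC to EUI-64 conversion mentioned in the rc.conf comment above, as an added example that is not part of the original post. The MAC 00:20:78:10:28:37 is an assumption, read back from the interface ID in ipv6_ifconfig_dc1, and all function names are hypothetical.

```python
import ipaddress

def eui64_interface_id(mac):
    """Modified EUI-64 interface ID (as an int) for a 48-bit MAC address."""
    octets = [int(part, 16) for part in mac.replace("-", ":").split(":")]
    if len(octets) != 6 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("expected a 48-bit MAC address: %r" % mac)
    octets[0] ^= 0x02                        # flip the universal/local bit
    eui = octets[:3] + [0xFF, 0xFE] + octets[3:]  # insert ff:fe in the middle
    return int.from_bytes(bytes(eui), "big")

def slaac_address(prefix, mac):
    """Address autoconfiguration would form from a /64 prefix and a MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 addresses need a /64 prefix, got /%d" % net.prefixlen)
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))

def mac_from_address(addr):
    """Inverse check: the MAC behind an EUI-64 address, or None if it is not one."""
    iid = (int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join("%02x" % o for o in mac)

def in_subnet(addr, subnet):
    """True if a manually chosen address really lies inside the routed subnet."""
    return ipaddress.IPv6Address(addr) in ipaddress.IPv6Network(subnet)

if __name__ == "__main__":
    mac = "00:20:78:10:28:37"                # assumed, see lead-in
    print(slaac_address("2001:1938:107::/64", mac))
    print(slaac_address("fe80::/64", mac))   # the matching link-local address
    print(mac_from_address("2001:1938:107:0000:0220:78ff:fe10:2837"))
```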
Options with a subnet but no router
Shadow Hawkins on Tuesday, 07 April 2009 20:56:20
Thanks, Jody!
This is what I get / have so far:
Subnet prefix: 2001:1af8:fe2d::/48
Tunnel endpoint: 2001:1af8:fe00:e7::2
My /etc/rc.conf is almost identical to yours. Not the "normal" router- and gateway-settings, only ipv6_gateway.
ifconfig tun0:
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
inet6 fe80::18f8:fe00:e7:2%tun0 prefixlen 64 scopeid 0x6
inet6 2001:1af8:fe00:e7::2 --> 2001:1af8:fe00:e7::1 prefixlen 128
Opened by PID 72614
ifconfig fxp0:
fxp0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2001:1af8:fe2d:: prefixlen 64 anycast
inet6 2001:1af8:fe2d:ff:fe:c8:2:36 prefixlen 64
inet6 2001:1af8:fe2d:0:220:87ff:fec8:236 prefixlen 64
ether 00:00:0e:c8:02:36
media: Ethernet 100baseTX <full-duplex>
status: active
/etc/rtadvd.conf:
fxp0:\
:addr="2001:1af8:fe2d::":prefixlen#64:
rtadvd is running on the FreeBSD-node, but is it possible to let it hand out IPv6-addresses to e.g. Mac OS X this way? I can't get it to enable / fetch IPv6:
sudo ip6 -u en1
ip6: Error -1 encountered attaching interface en1.
sudo rtsol -D en1
checking if en1 is ready...
en1 is ready
set timer for en1 to 0:43117
shutdown: Socket is not connected
rtsol: failed to setup for probing routers
Options with a subnet but no router
Shadow Hawkins on Tuesday, 07 April 2009 05:18:00
Come to think of it the first two lines from rc.conf
router_enable="YES"
gateway_enable="YES"
probably aren't needed. I think I put those in for mpd5 (PPTP daemon for my VPN) so you likely won't need those, but I don't recall for certain, so might want to try it without those first.
p.s. we really need a post editing system.
Options with a subnet but no router
Shadow Hawkins on Wednesday, 08 April 2009 21:16:33
FYI On Mac OS X I see these errors in /var/log/system.log:
Apr 8 21:10:16 MacBookPro configd[15]: RTADV_VERIFY_PACKET: invalid RA with non link-local source from 2001:1af8:fe2d::220:87ff:fec8:236 on en1
Apr 8 21:10:19 MacBookPro configd[15]: RTADV_VERIFY_PACKET: invalid RA with non link-local source from 2001:1af8:fe2d::220:87ff:fec8:236 on en1
Apr 8 21:10:29 MacBookPro configd[15]: RTADV_VERIFY_PACKET: invalid RA with non link-local source from 2001:1af8:fe2d::220:87ff:fec8:236 on en1
Apr 8 21:11:03 MacBookPro configd[15]: RTADV_VERIFY_PACKET: invalid RA with non link-local source from 2001:1af8:fe2d::220:87ff:fec8:236 on en1
Googling for "invalid RA with non link-local source" gives some results but no hints on what is going on...
I've opened up the ip6fw-rules on FreeBSD, on the Mac there are none.
Options with a subnet but no router
Shadow Hawkins on Thursday, 09 April 2009 17:37:36
The problem is, as the error message says, the assignment is coming from a non link-local address, i.e. not from an address that starts with fe80:. Many things require that address, and per your ifconfig output your interface doesn't have one.
fxp0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255
inet6 2001:1af8:fe2d:: prefixlen 64 anycast
inet6 2001:1af8:fe2d:ff:fe:c8:2:36 prefixlen 64
inet6 2001:1af8:fe2d:0:220:87ff:fec8:236 prefixlen 64
ether 00:00:0e:c8:02:36
media: Ethernet 100baseTX <full-duplex>
status: active
I'm not sure why you don't have one, or honestly how to get it there as it should happen automatically if IPv6 is enabled, which it obviously is as everything else seems to be working.
Please post the contents of your rc.conf and only leave out things you feel are a security issue, if you leave out anything. Also post the output of the following command.
sysctl -a | grep ip6
Most important are the value of forwarding and accept_rtadv
I'll do some digging and see what might cause you to not get a link-local address while I await your response.
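The diagnosis in the post above, as an added example that is not part of the original thread: RFC 4861 requires a Router Advertisement to come from a link-local (fe80::/10) source, so the script checks an interface's ifconfig output for such an address and pulls the rejected RA sources out of the configd log. The function names are hypothetical, and the sample text is taken from the posts above except for the line marked as constructed.

```python
import ipaddress
import re

# fxp0 as posted in the thread (the state that produced the rejected RAs).
IFCONFIG_FXP0 = """\
fxp0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500
    inet 192.168.1.99 netmask 0xffffff00 broadcast 192.168.1.255
    inet6 2001:1af8:fe2d:: prefixlen 64 anycast
    inet6 2001:1af8:fe2d:ff:fe:c8:2:36 prefixlen 64
    inet6 2001:1af8:fe2d:0:220:87ff:fec8:236 prefixlen 64
"""
# Constructed: the same interface once a link-local address is present.
IFCONFIG_WITH_LL = (IFCONFIG_FXP0 +
                    "    inet6 fe80::200:eff:fec8:236%fxp0 prefixlen 64 scopeid 0x1\n")
# One configd line as posted in the thread.
SYSTEM_LOG = ("Apr  8 21:10:16 MacBookPro configd[15]: RTADV_VERIFY_PACKET: "
              "invalid RA with non link-local source from "
              "2001:1af8:fe2d::220:87ff:fec8:236 on en1\n")

RA_REJECT = re.compile(r"invalid RA with non link-local source from (\S+) on (\S+)")

def parse_v6(text):
    """Parse an IPv6 address, dropping a KAME zone suffix such as %fxp0."""
    return ipaddress.IPv6Address(text.split("%")[0])

def inet6_addresses(ifconfig_text):
    """All inet6 addresses listed in one interface's ifconfig output."""
    found = []
    for line in ifconfig_text.splitlines():
        m = re.match(r"\s*inet6\s+(\S+)", line)
        if m:
            found.append(parse_v6(m.group(1)))
    return found

def can_send_valid_ra(ifconfig_text):
    """True if the interface has the fe80::/10 source address an RA must use."""
    return any(a.is_link_local for a in inet6_addresses(ifconfig_text))

def rejected_ra_sources(log_text):
    """(source, interface) pairs whose RAs the client rejected, non link-local only."""
    hits = {m.groups() for m in RA_REJECT.finditer(log_text)}
    return {(src, ifn) for src, ifn in hits if not parse_v6(src).is_link_local}

if __name__ == "__main__":
    print("fxp0 as posted:", can_send_valid_ra(IFCONFIG_FXP0))
    print("with fe80 address:", can_send_valid_ra(IFCONFIG_WITH_LL))
    print("rejected:", rejected_ra_sources(SYSTEM_LOG))
```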
Options with a subnet but no router
Shadow Hawkins on Friday, 10 April 2009 11:00:35
Thanks. I must have deleted the link-local along the way...
I'll try to [gs]et it back or reboot the node.
In the meantime, here are my configuration-settings.
/etc/rc.conf with IPv6-related settings:
ipv6_enable="YES"
ipv6_network_interfaces="fxp0"
#
ipv6_gateway_enable="YES"
rtadvd_enable="YES"
rtadvd_interfaces="fxp0"
ipv6_ifconfig_fxp0="2001:1af8:fe2d:000:0220:87ff:fec8:0236"
ipv6_prefix_fxp0="2001:1af8:fe2d"
#
# IPv6 tunnel SixXS
ipv6_firewall_enable="YES"
ipv6_ifconfig_tun0="2001:1af8:fe00:e7::2"
ipv6_defaultrouter="2001:1af8:fe00:e7::1"
sixxs_aiccu_enable="YES"
/etc/rtadvd.conf:
fxp0:\
:addr="2001:1af8:fe2d::":prefixlen#64:tc=ether:
sysctl -a | grep ip6:
net.inet6.ip6.forwarding: 1
net.inet6.ip6.redirect: 1
net.inet6.ip6.hlim: 64
net.inet6.ip6.maxfragpackets: 8192
net.inet6.ip6.accept_rtadv: 0
net.inet6.ip6.keepfaith: 0
net.inet6.ip6.log_interval: 5
net.inet6.ip6.hdrnestlimit: 15
net.inet6.ip6.dad_count: 1
net.inet6.ip6.auto_flowlabel: 1
net.inet6.ip6.defmcasthlim: 1
net.inet6.ip6.gifhlim: 30
net.inet6.ip6.kame_version: FreeBSD
net.inet6.ip6.use_deprecated: 1
net.inet6.ip6.rr_prune: 5
net.inet6.ip6.v6only: 1
net.inet6.ip6.rtexpire: 3600
net.inet6.ip6.rtminexpire: 10
net.inet6.ip6.rtmaxcache: 128
net.inet6.ip6.use_tempaddr: 0
net.inet6.ip6.temppltime: 86400
net.inet6.ip6.tempvltime: 604800
net.inet6.ip6.auto_linklocal: 0
net.inet6.ip6.prefer_tempaddr: 0
net.inet6.ip6.use_defaultzone: 0
net.inet6.ip6.maxfrags: 8192
net.inet6.ip6.mcast_pmtu: 0
net.inet6.ip6.rthdr0_allowed: 0
net.inet6.ip6.fw.deny_unknown_exthdrs: 1
net.inet6.ip6.fw.enable: 1
net.inet6.ip6.fw.debug: 1
net.inet6.ip6.fw.verbose: 2
net.inet6.ip6.fw.verbose_limit: 0
Options with a subnet but no router
Shadow Hawkins on Friday, 10 April 2009 12:07:42
All right, case closed (more or less).
Rebooting the FreeBSD-host returned the fe80 / link-local and my Mac is receiving an IPv6-address automatically! :-)
New problems arise however (slow connects to www.sixxs.net; only able to ping, not connect through http over IPv6, etc.). I'll dive into the firewall (ip6fw) now and maybe post a new thread / check the forum.
Options with a subnet but no router
Shadow Hawkins on Saturday, 11 April 2009 01:37:35
Glad it was that easy to get the link-local back, will have to note that should I ever have that issue come up.
Definitely would want to start a new thread for that issue, if it doesn't turn out to be the firewall.
I am curious, though, you're assigning your tun0 address and default router in your rc.conf, but you're also using aiccu. Those are things that aiccu will do when you connect, so is there some special reason you're doing it in the rc.conf too? Or are those just left over from 'trial and error' to get things working?
Options with a subnet but no router
Shadow Hawkins on Saturday, 11 April 2009 22:09:25
Or are those just left over from 'trial and error' to get things working?
Exactly. Thanks for mentioning! I'll get rid of them / comment 'em out.
IPv6 fully functional now though I'll have to tweak my ipfw- / ip6fw-rules.
One "funny" thing I noticed: when connecting to IPv6 NNTP-servers opening up > 12 connections, the tunnel goes down after some minutes. No big issue though.