From owner-freebsd-net@FreeBSD.ORG  Thu Jul 23 10:01:16 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EDF41106566B;
	Thu, 23 Jul 2009 10:01:16 +0000 (UTC) (envelope-from hlh@restart.be)
Received: from tignes.restart.be (tignes.restart.be
	[IPv6:2001:41d0:2:2d29:0:1::])
	by mx1.freebsd.org (Postfix) with ESMTP id 74D2E8FC13;
	Thu, 23 Jul 2009 10:01:16 +0000 (UTC) (envelope-from hlh@restart.be)
Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:2:2d29:1:ffff::])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "avoriaz.restart.be", Issuer "CA master" (verified OK))
	by tignes.restart.be (Postfix) with ESMTPS id A12E965A6;
	Thu, 23 Jul 2009 12:01:15 +0200 (CEST)
Received: from morzine.restart.bel (morzine.restart.be
	[IPv6:2001:41d0:2:2d29:1:2::]) (authenticated bits=0)
	by restart.be (8.14.3/8.14.3) with ESMTP id n6NA1BgY031894;
	Thu, 23 Jul 2009 12:01:12 +0200 (CEST) (envelope-from hlh@restart.be)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=restart.be;
	s=avoriaz; t=1248343275;
	bh=Gg/FZaDVotr6VdFb+7Y22mkZx8XtuyNR5dTHyHRSmU4=;
	h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References:
	In-Reply-To:Content-Type:Content-Transfer-Encoding;
	b=P/1G/u97WmGC71km9borv1mZ7WDySws9m3vm6NwYKXhev3RpDId/FBg1NyaaSSPun
	4kHrjF/lpz98Ay1DObAuA==
DomainKey-Signature: a=rsa-sha1; s=avoriaz; d=restart.be; c=nofws; q=dns;
	h=message-id:date:from:organization:user-agent:mime-version:to:cc:
	subject:references:in-reply-to:content-type:
	content-transfer-encoding:x-scanned-by;
	b=oZ/oIs2aXaMOQMW2VwYYak9hanjVAie+quJSmXOMis802/cBV2rJ4rWwLy3Mejzbd
	9XvYnHHvMlJg7tjjXXCDQ==
Message-ID: <4A6834E7.60704@restart.be>
Date: Thu, 23 Jul 2009 12:01:11 +0200
From: Henri Hennebert <hlh@restart.be>
Organization: RestartSoft
User-Agent: Thunderbird 2.0.0.22 (X11/20090717)
MIME-Version: 1.0
To: "Li, Qing" <qing.li@bluecoat.com>
References: <4A5734C3.3000806@restart.be>	<B583FBF374231F4A89607B4D08578A4304673660@bcs-mail03.internal.cacheflow.com>	<4A5864DC.1070106@restart.be>
	<B583FBF374231F4A89607B4D08578A4304673665@bcs-mail03.internal.cacheflow.com>
	<4A6469CE.4060907@restart.be>
	<B583FBF374231F4A89607B4D08578A4304CDAAEC@bcs-mail03.internal.cacheflow.com>
In-Reply-To: <B583FBF374231F4A89607B4D08578A4304CDAAEC@bcs-mail03.internal.cacheflow.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.64 on IPv6:2001:41d0:2:2d29:1:1::
Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org,
	freebsd-stable@freebsd.org
Subject: [SOLVED] 8.0-BETA1 - for the record - different paths followed by
 IPv4 and IPv6 for 'local' connections
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jul 2009 10:01:17 -0000

Li, Qing wrote:
>> Just another case where the route must be created:
>>
> 
> That's probably because I explicitly disabled such
> route installation for PPP link type.
> 
> Please apply patch http://people.freebsd.org/~qingli/patch and
> let me know if that solves your problem.

The problem is solved.

Thanks a lot.

Henri

PS. the ipv4 ping was working fine before (and after) your patch, so
I don't see why you have to patch in.c
> 
> Thanks,
> 
> -- Qing
> 
> 
> 
>> [root@avoriaz ~]# ifconfig gif0
>> gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
>> 	tunnel inet 212.239.166.57 --> 94.23.44.41
>> 	inet6 fe80::21d:60ff:fead:2ace%gif0 prefixlen 64 scopeid 0x4
>> 	inet6 2001:41d0:2:2d29:1:ffff:: --> 2001:41d0:2:2d29:0:ffff::
>> prefixlen
>> 128
>> 	options=1<ACCEPT_REV_ETHIP_VER>
>>
>> [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff::
>> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: -->
>> 2001:41d0:2:2d29:1:ffff::
>> ^C
>> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics ---
>> 4 packets transmitted, 0 packets received, 100.0% packet loss
>>
>> [root@avoriaz ~]# route add -inet6 2001:41d0:2:2d29:1:ffff::
> -interface
>> lo0
>> add host 2001:41d0:2:2d29:1:ffff::: gateway lo0
>>
>> [root@avoriaz ~]# ping6 2001:41d0:2:2d29:1:ffff::
>> PING6(56=40+8+8 bytes) 2001:41d0:2:2d29:1:ffff:: -->
>> 2001:41d0:2:2d29:1:ffff::
>> 16 bytes from ::1, icmp_seq=0 hlim=64 time=0.531 ms
>> 16 bytes from ::1, icmp_seq=1 hlim=64 time=0.884 ms
>> 16 bytes from ::1, icmp_seq=2 hlim=64 time=0.748 ms
>> ^C
>> --- 2001:41d0:2:2d29:1:ffff:: ping6 statistics ---
>> 3 packets transmitted, 3 packets received, 0.0% packet loss
>> round-trip min/avg/max/std-dev = 0.531/0.721/0.884/0.145 ms
>>
>> Thanks
>>
>> Henri
>>> -----Original Message-----
>>> From: Henri Hennebert [mailto:hlh@restart.be]
>>> Sent: Sat 7/11/2009 3:09 AM
>>> To: Li, Qing
>>> Cc: freebsd-stable@freebsd.org; freebsd-net@freebsd.org
>>> Subject: Re: 8.0-BETA1 - for the record - different paths followed
> by
>> IPv4 and IPv6 for 'local' connections
>>> Li, Qing wrote:
>>>> Hi,
>>>>
>>>> Please try patch-7-10 in my home directory
>> http://people.freebsd.org/~qingli/
>>>> and let me know how it works out for you. I thought I had committed
>> the patch
>>>> but turned out I didn't.
>>> I apply the patch, reset my pf.conf to its previous content and all
>> is
>>> running smoothly. By the way, I discover after my post that my
>>> "solution" was not working for long (many bytes) connections and
> this
>> is
>>> solved too.
>>>
>>> Many thank for your time
>>>
>>> Henri
>>>
>>> PS please commit as soon as possible
>>>
>>>>> On 8.0-BETA1 there is an assymetry:
>>>>>
>>>>> netstat -rn display
>>>>>
>>>>> 192.168.24.1       link#3
>>>>> ....
>>>>> no entry for 2001:41d0:2:2d29:1:1::
>>>>>
>>>> This is by design as part of the new architecture in 8.0, which
>> maintains
>>>> the L2 ARP/ND6 and L3 routing tables separately.
>>>>
>>>> -- Qing
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: owner-freebsd-stable@freebsd.org on behalf of Henri Hennebert
>>>> Sent: Fri 7/10/2009 5:32 AM
>>>> To: freebsd-stable@freebsd.org; freebsd-st@freebsd.org
>>>> Subject: 8.0-BETA1 - for the record - different paths followed by
>> IPv4 and IPv6 for 'local' connections
>>>> Hello,
>>>>
>>>> After upgrading from 7.2-STABLE to 8.0-BETA1 I encounter a problem
>> when
>>>> connecting with firefox to a local apache server using the global
>>>> unicast IPv6 address of the local machine. pf.conf must be updated!
>>>>
>>>> My configuration:
>>>>
>>>> [root@avoriaz ~]# ifconfig em0
>>>>
>>>> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0
> mtu
>> 1500
> options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO
>> 4>
>>>> 	ether 00:1d:60:ad:2a:ce
>>>> 	inet 192.168.24.1 netmask 0xffffff00 broadcast 192.168.24.255
>>>> 	inet6 fe80::21d:60ff:fead:2ace%em0 prefixlen 64 scopeid 0x1
>>>> 	inet6 2001:41d0:2:2d29:1:1:: prefixlen 80
>>>> 	media: Ethernet 100baseTX (100baseTX <half-duplex>)
>>>> 	status: active
>>>>
>>>> [root@avoriaz ~]# host www.restart.bel
>>>> www.restart.bel is an alias for avoriaz.restart.bel.
>>>> avoriaz.restart.bel has address 192.168.24.1
>>>> avoriaz.restart.bel has IPv6 address 2001:41d0:2:2d29:1:1::
>>>>
>>>> pf.conf:
>>>>
>>>> int_if="em0"
>>>> block in  log all
>>>> block out log all
>>>> set skip on lo0
>>>> antispoof quick for $int_if inet
>>>> # Allow trafic with physical internal network
>>>> pass in quick on $int_if from ($int_if:network) to ($int_if) keep
>> state
>>>> pass out quick on $int_if from ($int_if) to ($int_if:network) keep
>> state
>>>> The problem:
>>>>
>>>> [root@avoriaz ~]# telnet -4 www.restart.bel 80
>>>> Trying 192.168.24.1...
>>>> Connected to avoriaz.restart.bel.
>>>> Escape character is '^]'.
>>>> ^]
>>>> telnet> quit
>>>> Connection closed.
>>>> [root@avoriaz ~]# telnet -6 www.restart.bel 80
>>>> Trying 2001:41d0:2:2d29:1:1::...
>>>> --->Never connect and get a timeout!
>>>>
>>>> tcpdump and logging in pf show me that
>>>>
>>>> For a IPv4 connection:
>>>> the packet from telnet to apache pass 2 times on lo0 (out and in)
>>>> the answer packet from apache to telnet pass 2 times on lo0 (out
> and
>> in)
>>>> So no problem, there is `set skip on lo0'
>>>>
>>>> For a IPv6 connection:
>>>> The first packet from telnet to apache pass 2 times on lo0 (out and
>> in)
>>>> The answer packet from apache to telnet path on em0  and is
> rejected
>>>> due to the default flags S/SA.
>>>>
>>>> So I have to change pf.conf and replace the last line:
>>>> pass out quick on $int_if from ($int_if) to ($int_if:network) \
>>>> keep state flags any
>>>>
>>>> Then all is OK
>>>>
>>>> By the way, on 7.2
>>>>
>>>> netstat -rn display
>>>>
>>>> 192.168.24.1        00:1d:60:ad:2a:ce
>>>> ....
>>>> 2001:41d0:2:2d29:1:1::            00:1d:60:ad:2a:ce
>>>>
>>>>
>>>> On 8.0-BETA1 there is an assymetry:
>>>>
>>>> netstat -rn display
>>>>
>>>> 192.168.24.1       link#3
>>>> ....
>>>> no entry for 2001:41d0:2:2d29:1:1::
>>>>
>>>> Hope it may help someone
>>>>
>>>> Henri
>>>>
>>>> _______________________________________________
>>>> freebsd-stable@freebsd.org mailing list
>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>>> To unsubscribe, send any mail to "freebsd-stable-
>> unsubscribe@freebsd.org"
>>>
>>> _______________________________________________
>>> freebsd-stable@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>>> To unsubscribe, send any mail to "freebsd-stable-
>> unsubscribe@freebsd.org"
>