From owner-freebsd-net@FreeBSD.ORG Sat Aug 30 06:05:14 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5EE70467; Sat, 30 Aug 2014 06:05:14 +0000 (UTC) Received: from udns.ultimatedns.net (unknown [IPv6:2602:d1:b4d6:e600:4261:86ff:fef6:aa2a]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 09F0B1FCF; Sat, 30 Aug 2014 06:05:13 +0000 (UTC) Received: from udns.ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.14.5/8.14.5) with ESMTP id s7U66WEO017150; Fri, 29 Aug 2014 23:06:38 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) Received: (from www@localhost) by udns.ultimatedns.net (8.14.5/8.14.5/Submit) id s7U66Oi1017134; Fri, 29 Aug 2014 23:06:24 -0700 (PDT) (envelope-from bsd-lists@bsdforge.com) Received: from unavailable01.ultimatedns.net ([209.180.214.227]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Fri, 29 Aug 2014 23:06:24 -0700 (PDT) Message-ID: <84e5d9cbb5ee80281c6e6d1577f12b2c.authenticated@ultimatedns.net> In-Reply-To: <20140829101707.GA83695@zibbi.meraka.csir.co.za> References: <88a42e1006e3fac7508a9419e342f1b2@mail.jonathanprice.org> <2173103.SJdXL7NPLT@overcee.wemm.org> <53FD7B34.1050408@jonathanprice.org> <2D16BCE4-5E5A-4C06-8927-76953DDEC348@lists.zabbadoz.net> <20140829101707.GA83695@zibbi.meraka.csir.co.za> Date: Fri, 29 Aug 2014 23:06:24 -0700 (PDT) Subject: Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy="ipv6_prefer" From: "Chris H" To: "John Hay" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: "Bjoern A. Zeeb" , Hiroki Sato , Jonathan Price , FreeBSD Net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Aug 2014 06:05:14 -0000 > On Wed, Aug 27, 2014 at 11:59:25AM +0000, Bjoern A. Zeeb wrote: >> >> On 27 Aug 2014, at 06:31 , Jonathan Price wrote: >> >> > On 2014-08-27 01:40, Peter Wemm wrote: >> >> On Tuesday 26 August 2014 10:40:27 freebsd@jonathanprice.org wrote: >> >>> Hello, >> >>> >> >>> I am configuring a server with IPv4 and IPv6 addresses and have noticed that >> >>> FreeBSD seems to be preferring IPv4, such as when establishing SSH >> >>> connections. >> >>> >> >>> After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl >> >>> I have come to the conclusion that I have two ways to tell FreeBSD to >> >>> prefer IPv6: >> >>> >> >>> 1) Add ipv6_activate_all_interfaces to /etc/rc.conf >> >>> 2) Add ip6addrctl_policy="ipv6_prefer" to /etc/rc.conf >> >>> > ... >> > However, it does sound like for my purposes it would make more sense to use >> ip6addrctl_policy=?ipv6_prefer" as that is more explicitly the feature I want, rather >> than getting it inadvertently through the other knob. >> >> Yes. Definitively. I am not sure if it has happened but if IPv6 config is configured >> through rc.conf that setting should be(come) default. >> > > It does not seem so yet (anymore, it was like that many moons ago). A new > install of 11-current, with the following in rc.conf: > > ################# > hostname="fbsd-11-test" > ifconfig_em0="DHCP" > ifconfig_em0_ipv6="inet6 accept_rtadv" > sshd_enable="YES" > ################# > > Output of ip6addrctl: > > ################# > jhay@fbsd-11-test:~ % ip6addrctl > Prefix Prec Label Use > ::1/128 50 0 0 > ::/0 40 1 13 > ::ffff:0.0.0.0/96 100 4 0 > 2002::/16 30 2 0 > 2001::/32 5 5 0 > fc00::/7 3 13 0 > ::/96 1 3 0 > fec0::/10 1 11 0 > 3ffe::/16 1 12 0 > jhay@fbsd-11-test:~ % > ################# > > telnet to a machine with both ipv6 and ipv4 addresses: > > ################# > jhay@fbsd-11-test:~ % telnet dolphin > Trying 146.64.28.14... > telnet: connect to address 146.64.28.14: Connection refused > Trying 2001:4200:7000:3:223:aeff:fea5:ef... > telnet: connect to address 2001:4200:7000:3:223:aeff:fea5:ef: Connection refused > telnet: Unable to connect to remote host > jhay@fbsd-11-test:~ % > ################# > > I think if an IPv6 address is configured on a machine, it should prefer ipv6 > addresses. That would match what the rest are doing. All mine do. As the default, I used the same settings you used above (minus the DHCP). Only difference I can see, is that I use STATIC (IPv4 && IPv6), and a default (IPv4 && IPv6) gateway. If I telnet/ftp/ssh to any of my hosts, IPv6 is always attempted first (opposite of your output above). This was also the case, when I didn't enter a specific IP in the rc.conf(5). With only the gateway IP address (IPv4), and an IPv4 address for the I. If I chose ipv6_activate_all_interfaces="YES" or xxx_ipv6="inet6 accept_rtadv" I always got the coreect IPv6 address, and connection attempts always began with IPv6 chosen. I don't know if any of this helps. But thought at least sharing another experience might. Best wishes. --Chris > > Regards > > John > -- > John Hay -- jhay@meraka.csir.co.za / jhay@meraka.org.za > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >