From owner-freebsd-net@FreeBSD.ORG  Sun Jan 21 08:05:34 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B26B016A400;
	Sun, 21 Jan 2007 08:05:34 +0000 (UTC)
	(envelope-from jhay@meraka.csir.co.za)
Received: from zibbi.meraka.csir.co.za (zibbi.meraka.csir.co.za [146.64.24.58])
	by mx1.freebsd.org (Postfix) with ESMTP id 9CD2413C442;
	Sun, 21 Jan 2007 08:05:33 +0000 (UTC)
	(envelope-from jhay@meraka.csir.co.za)
Received: by zibbi.meraka.csir.co.za (Postfix, from userid 3973)
	id 8EAE033C94; Sun, 21 Jan 2007 09:32:44 +0200 (SAST)
Date: Sun, 21 Jan 2007 09:32:44 +0200
From: John Hay <jhay@meraka.org.za>
To: "Bruce A. Mah" <bmah@freebsd.org>
Message-ID: <20070121073244.GA80811@zibbi.meraka.csir.co.za>
References: <20070120162936.GA18104@tomcat.kitchenlab.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20070120162936.GA18104@tomcat.kitchenlab.org>
User-Agent: Mutt/1.4.2.1i
Cc: freebsd-net@freebsd.org
Subject: Re: IPv6 over gif(4) broken in 6.2-RELEASE?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Jan 2007 08:05:34 -0000

On Sat, Jan 20, 2007 at 08:29:36AM -0800, Bruce A. Mah wrote:
> I'm observing a problem with IPv6 over gif(4) tunnels on 6.2-RELEASE
> and recent 6-STABLE, namely that I can't seem to be able to pass
> traffic over them.
> 
> Essentially, when I configure a gif interface like this:
> 
> # ifconfig gif0 inet6 aaaa:bbbb:cccc:dddd::1 aaaa:bbbb:cccc:dddd::2 prefixlen 128
> 
> the interface should add a host route to aaaa:bbbb:cccc:dddd::2
> through gif0.  This is necessary to be able to pass traffic over the
> tunnel, particularly since the source and destination addresses of the
> link don't need to have any relationship to each other.

I only have one IPv6 over IPv4/gif tunnel and ther I use only my side
of the address, something like this:

ifconfig gif0 inet6 2001:4200:ffff:5::2 prefixlen 64

And then bgp on top of this. It seems to work fine on -current built
after my change. 
 
> However, this route doesn't get installed on recent 6-STABLE.
> Therefore there is no way to get an IPv6 packet to the other end of
> the tunnel because there's no route for the destination.  The most
> obvious symptom is that I try to ping the other tunnel endpoint and
> get:
> 
> ping6: UDP connect: No route to host
> 
> I know this worked on RELENG_6 as of June 2006; my home firewall has
> been running this code for months without a hitch.  It doesn't work in
> 6.2-RC2 or 6.2-RELEASE (fresh CD installs on i386, GENERIC kernels),
> or this week's RELENG_6 (nanobsd on i386).
> 
> I somewhat suspect revs. 1.48.2.15 and 1.48.2.14 to
> src/sys/netinet/nd6.c.  If I locally revert these two changes (see
> diff below), IPv6 over gif(4) works again.
> 
> There's another workaround for people stuck in this situation and who
> aren't in a position to try this diff.  That is to manually install
> the host route like this:
> 
> # route add -host -inet6 aaaa:bbbb:cccc:dddd::2 -interface gif0 -nostatic -llinfo
> 
> Comments?

Well it seems that even my stuff does not always work perfectly with that
change (1.48.2.15), so maybe we should revert it and I will search for
yet other ways to make FreeBSD's IPv6 code to actually work for our stuff.

My "stuff" is a wireless IPv6 only network running in adhoc mode with
olsrd as the routing protocol. The problem is that all nodes on a subnet
cannot "see" each other, so olsrd needs to add routes to a node through
another node. Sometimes, just to complicate matters a little more, you
would want to have more than one network card in a host, all with the same
subnet address. (For instance on a high site, with sector antennas.)

The case that I found that still does not work reliably, is if olsrd add
the route and route is not immediately used, then the nd code will time
it out and remove it.

So, I guess if you guys think I should revert my stuff, just say so.

And if you have a solution for my problem, just say so too. :-)

> 
> Bruce.
> 
> Index: nd6.c
> ===================================================================
> RCS file: /home/ncvs/src/sys/netinet6/nd6.c,v
> retrieving revision 1.48.2.16
> diff -u -r1.48.2.16 nd6.c
> --- nd6.c	29 Nov 2006 14:00:29 -0000	1.48.2.16
> +++ nd6.c	20 Jan 2007 16:15:28 -0000
> @@ -1316,7 +1316,7 @@
>  		callout_init(&ln->ln_timer_ch, 0);
>  
>  		/* this is required for "ndp" command. - shin */
> -		if (req == RTM_ADD && (rt->rt_flags & RTF_STATIC)) {
> +		if (req == RTM_ADD) {
>  		        /*
>  			 * gate should have some valid AF_LINK entry,
>  			 * and ln->ln_expire should have some lifetime


John
-- 
John Hay -- John.Hay@meraka.csir.co.za / jhay@FreeBSD.org