From owner-freebsd-net@freebsd.org  Tue Dec 11 12:09:36 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA9BE132EF9B
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Tue, 11 Dec 2018 12:09:35 +0000 (UTC)
 (envelope-from bu7cher@yandex.ru)
Received: from forward105p.mail.yandex.net (forward105p.mail.yandex.net
 [77.88.28.108])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id E17056C200
 for <freebsd-net@freebsd.org>; Tue, 11 Dec 2018 12:09:34 +0000 (UTC)
 (envelope-from bu7cher@yandex.ru)
Received: from mxback9o.mail.yandex.net (mxback9o.mail.yandex.net
 [IPv6:2a02:6b8:0:1a2d::23])
 by forward105p.mail.yandex.net (Yandex) with ESMTP id E76C14D40860;
 Tue, 11 Dec 2018 15:09:26 +0300 (MSK)
Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net
 [2a02:6b8:0:1a2d::28])
 by mxback9o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 5VG0VPmW0r-9QQSWh8K; 
 Tue, 11 Dec 2018 15:09:26 +0300
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
 t=1544530166; bh=Me+17sP0fNReGlPcoWJorps+OZIbIknok+vKMOFNMsE=;
 h=Subject:To:References:From:Message-ID:Date:In-Reply-To;
 b=e0CwOKm+xDRGT2gnXzKcGNP6bfBrDAM2Ko8vIVKogSizgM7wE5RYIdz0TzxtyjQpB
 YNRrmPnut4i4MZI6VSJ5OcgXtMsYauLNZ6AsYcE23+9i6Oo1UKcv31gG/3unmM/N1Q
 RVRjBZJYoNuVxEyrBoosguQuHs4eFXXVBF/z573M=
Received: by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id
 NKLvbZkbvg-9QLi8xBI; Tue, 11 Dec 2018 15:09:26 +0300
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client certificate not present)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
 t=1544530166; bh=Me+17sP0fNReGlPcoWJorps+OZIbIknok+vKMOFNMsE=;
 h=Subject:To:References:From:Message-ID:Date:In-Reply-To;
 b=e0CwOKm+xDRGT2gnXzKcGNP6bfBrDAM2Ko8vIVKogSizgM7wE5RYIdz0TzxtyjQpB
 YNRrmPnut4i4MZI6VSJ5OcgXtMsYauLNZ6AsYcE23+9i6Oo1UKcv31gG/3unmM/N1Q
 RVRjBZJYoNuVxEyrBoosguQuHs4eFXXVBF/z573M=
Authentication-Results: smtp4o.mail.yandex.net; dkim=pass header.i=@yandex.ru
Subject: Re: RFC 5549?
To: Donald Sharp <sharpd@cumulusnetworks.com>, freebsd-net@freebsd.org
References: <CAK989yck+W7co1QvTOEiHNHAf3nv1kDBx6cjwo9dLX9r6TvGFw@mail.gmail.com>
From: "Andrey V. Elsukov" <bu7cher@yandex.ru>
Openpgp: id=E6591E1B41DA1516F0C9BC0001C5EA0410C8A17A
Autocrypt: addr=bu7cher@yandex.ru; prefer-encrypt=mutual; keydata=
 xsBNBEwBF1kBCADB9sXFhBEUy8qQ4X63Y8eBatYMHGEFWN9ypS5lI3RE6qQW2EYbxNk7qUC5
 21YIIS1mMFVBEfvR7J9uc7yaYgFCEb6Sce1RSO4ULN2mRKGHP3/Sl0ijZEjWHV91hY1YTHEF
 ZW/0GYinDf56sYpDDehaBF5wkWIo1+QK5nmj3vl0DIDCMNd7QEiWpyLVwECgLX2eOAXByT8B
 bCqVhJGcG6iFP7/B9Ll6uX5gb8thM9LM+ibwErDBVDGiOgvfxqidab7fdkh893IBCXa82H9N
 CNwnEtcgzh+BSKK5BgvPohFMgRwjti37TSxwLu63QejRGbZWSz3OK3jMOoF63tCgn7FvABEB
 AAHNIkFuZHJleSBWLiBFbHN1a292IDxhZUBmcmVlYnNkLm9yZz7CwHsEEwECACUCGwMGCwkI
 BwMCBhUIAgkKCwQWAgMBAh4BAheABQJMB/ruAhkBAAoJEAHF6gQQyKF6MLwH/3Ri/TZl9uo0
 SepYWXOnxL6EaDVXDA+dLb1eLKC4PRBBjX29ttQ0KaWapiE6y5/AfzOPmRtHLrHYHjd/aiHX
 GMLHcYRXD+5GvdkK8iMALrZ28X0JXyuuZa8rAxWIWmCbYHNSBy2unqWgTI04Erodk90IALgM
 9JeHN9sFqTM6zalrMnTzlcmel4kcjT3lyYw3vOKgoYLtsLhKZSbJoVVVlvRlGBpHFJI5AoYJ
 SyfXoN0rcX6k9X7Isp2K50YjqxV4v78xluh1puhwZyC0p8IShPrmrp9Oy9JkMX90o6UAXdGU
 KfdExJuGJfUZOFBTtNIMNIAKfMTjhpRhxONIr0emxxDOwE0ETAEXWQEIAJ2p6l9LBoqdH/0J
 PEFDY2t2gTvAuzz+8zs3R03dFuHcNbOwjvWCG0aOmVpAzkRa8egn5JB4sZaFUtKPYJEQ1Iu+
 LUBwgvtXf4vWpzC67zs2dDuiW4LamH5p6xkTD61aHR7mCB3bg2TUjrDWn2Jt44cvoYxj3dz4
 S49U1rc9ZPgD5axCNv45j72tggWlZvpefThP7xT1OlNTUqye2gAwQravXpZkl5JG4eOqJVIU
 X316iE3qso0iXRUtO7OseBf0PiVmk+wCahdreHOeOxK5jMhYkPKVn7z1sZiB7W2H2TojbmcK
 HZC22sz7Z/H36Lhg1+/RCnGzdEcjGc8oFHXHCxUAEQEAAcLAXwQYAQIACQUCTAEXWQIbDAAK
 CRABxeoEEMihegkYCAC3ivGYNe2taNm/4Nx5GPdzuaAJGKWksV+w9mo7dQvU+NmI2az5w8vw
 98OmX7G0OV9snxMW+6cyNqBrVFTu33VVNzz9pnqNCHxGvj5dL5ltP160JV2zw2bUwJBYsgYQ
 WfyJJIM7l3gv5ZS3DGqaGIm9gOK1ANxfrR5PgPzvI9VxDhlr2juEVMZYAqPLEJe+SSxbwLoz
 BcFCNdDAyXcaAzXsx/E02YWm1hIWNRxanAe7Vlg7OL+gvLpdtrYCMg28PNqKNyrQ87LQ49O9
 50IIZDOtNFeR0FGucjcLPdS9PiEqCoH7/waJxWp6ydJ+g4OYRBYNM0EmMgy1N85JJrV1mi5i
Message-ID: <e4dc5bcb-15ba-a4b6-ddfb-a3fff7720dfb@yandex.ru>
Date: Tue, 11 Dec 2018 15:07:02 +0300
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101
 Thunderbird/60.3.3
MIME-Version: 1.0
In-Reply-To: <CAK989yck+W7co1QvTOEiHNHAf3nv1kDBx6cjwo9dLX9r6TvGFw@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="Ku6wxjGO5nhYYy8A6US7o1ptNce3as4oU"
X-Rspamd-Queue-Id: E17056C200
X-Spamd-Result: default: False [-4.78 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:77.88.0.0/18];
 FREEMAIL_FROM(0.00)[yandex.ru]; HAS_ATTACHMENT(0.00)[];
 RCVD_COUNT_THREE(0.00)[4];
 MX_GOOD(-0.01)[cached: mx.yandex.ru];
 DKIM_TRACE(0.00)[yandex.ru:+]; RCPT_COUNT_TWO(0.00)[2];
 SUBJ_ALL_CAPS(0.68)[9];
 DMARC_POLICY_ALLOW(-0.50)[yandex.ru,none]; SIGNED_PGP(-2.00)[];
 NEURAL_HAM_SHORT(-0.48)[-0.480,0];
 RCVD_IN_DNSWL_LOW(-0.10)[108.28.88.77.list.dnswl.org : 127.0.5.1];
 IP_SCORE(-0.77)[asn: 13238(-3.84), country: RU(0.01)];
 SUBJECT_ENDS_QUESTION(1.00)[];
 FREEMAIL_ENVFROM(0.00)[yandex.ru];
 ASN(0.00)[asn:13238, ipnet:77.88.0.0/18, country:RU];
 MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 R_DKIM_ALLOW(-0.20)[yandex.ru]; RCVD_TLS_LAST(0.00)[];
 FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0];
 MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain];
 TO_MATCH_ENVRCPT_SOME(0.00)[]
X-Rspamd-Server: mx1.freebsd.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Dec 2018 12:09:36 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Ku6wxjGO5nhYYy8A6US7o1ptNce3as4oU
Content-Type: multipart/mixed; boundary="wVekJHS5FYZCJljBNxF0zEFw9eYAS2zTZ";
 protected-headers="v1"
From: "Andrey V. Elsukov" <bu7cher@yandex.ru>
To: Donald Sharp <sharpd@cumulusnetworks.com>, freebsd-net@freebsd.org
Message-ID: <e4dc5bcb-15ba-a4b6-ddfb-a3fff7720dfb@yandex.ru>
Subject: Re: RFC 5549?
References: <CAK989yck+W7co1QvTOEiHNHAf3nv1kDBx6cjwo9dLX9r6TvGFw@mail.gmail.com>
In-Reply-To: <CAK989yck+W7co1QvTOEiHNHAf3nv1kDBx6cjwo9dLX9r6TvGFw@mail.gmail.com>

--wVekJHS5FYZCJljBNxF0zEFw9eYAS2zTZ
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

On 24.10.2018 23:10, Donald Sharp wrote:
> All -
>=20
> The FRRouting project has some basic support for rfc 5549 and I've
> been asked to see if it is possible to get this bit of code working
> with the FRRouting freebsd kernel interface.  What is RFC 5549 you
> ask?  The tl;dr of it is that you have v4 prefixes w/ a v6 gateway.
> For some more background the linux implementation cheats ( and I would
> like to emphatically point out that I'm not suggesting this solution,
> I'm giving the linux solution to the problem as a data point to how it
> was solved in one instance ) by installing a neighbor entry for
> `169.254.0.1 <outgoing interface> <mac address on the other side>` and
> when installing the v4 prefix we see the v6 nexthop and replace it
> with `169.254.0.1 <outgoing interface>` in the netlink message to the
> kernel.  Is support of RFC 5549 possible in Freebsd?

Hi,

I have thought a bit about this, and have some ideas how implement this.
In general we can install into the kernel routes that has IPv6 address
as gateway for IPv4 (currently this is not allowed by default, but it is
easy to allow). So, as a routing daemon developer you can use generic
API to install routes where RTAX_GATEWAY is IPv6 address.

Then we need to modify ip_forward, ip_output, ip_tryforward to correctly
handle such routes. layer2 output routines should already correctly
handle IPv4 packets that are going trough the IPv6 gateway and it will
use ND6 lookup code to obtain Layer2 addresses.

The most complex it seems will the modification of ip_tryforward code,
since it is optimized for IPv4 and doesn't have enough room for
extending. With such changes IPv6 only router should be able to do IPv4
forwarding.

The problems that come to mind are inability to correctly send ICMP
messages, since there are no IPv4 addresses that can be used as IPv4
source, and how existing programs will handle such routes when they will
appear in a routing socket.

--=20
WBR, Andrey V. Elsukov


--wVekJHS5FYZCJljBNxF0zEFw9eYAS2zTZ--

--Ku6wxjGO5nhYYy8A6US7o1ptNce3as4oU
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/

iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAlwPqGoACgkQAcXqBBDI
oXqbtQf+JKygrqeBvbVLoR6wQTGTRR/P1aVADHAwrRjUrl9Pj2C/dHEUkuW9jxrE
FKkfKk7u9qTquoTArXEeaYnINCixNIXUv0Ye2Q3mTjQlCsF2eUsJWejBMoCVYHA5
xbQv1m1y82GOCSyxQ78Kl/FgIjEpnNv01Dn/2HmB/HYN8hrCZ2Bk6Zz4d+W5NAOt
PHeLBBTH9I6P/fotaL+OF3gPZtoaboT7DB3YPO4cpNgBi9HD92iLth24Zgoe2qHo
FKoWuwWmWLgxpZI7rsTF+leBVMt/gp7jTcSblI1+KCmDc9Wmi8sHFUfbIrrRgieT
B+TtIru4+xdU82KxSpSeUaXASRXSew==
=dxYd
-----END PGP SIGNATURE-----

--Ku6wxjGO5nhYYy8A6US7o1ptNce3as4oU--