From owner-freebsd-hackers@FreeBSD.ORG Mon Feb 18 09:09:01 2013 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 14C4B527 for ; Mon, 18 Feb 2013 09:09:01 +0000 (UTC) (envelope-from leres@ee.lbl.gov) Received: from fun.ee.lbl.gov (fun.ee.lbl.gov [IPv6:2620:83:8000:102::ca]) by mx1.freebsd.org (Postfix) with ESMTP id E0F1B6C1 for ; Mon, 18 Feb 2013 09:09:00 +0000 (UTC) Received: from ice.ee.lbl.gov (ice.ee.lbl.gov [131.243.2.213]) (authenticated bits=0) by fun.ee.lbl.gov (8.14.6/8.14.6) with ESMTP id r1I98u5A062959 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Mon, 18 Feb 2013 01:08:59 -0800 (PST) Message-ID: <5121EFA8.1020902@ee.lbl.gov> Date: Mon, 18 Feb 2013 01:08:56 -0800 From: Craig Leres User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130123 Thunderbird/17.0.2 MIME-Version: 1.0 To: freebsd-hackers@freebsd.org Subject: "ndp -s" doesn't join the solicited node multicast group (9.1-RELEASE) X-Enigmail-Version: 1.4.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Feb 2013 09:09:01 -0000 I've been using openvpn to tunnel IPv4 into work for a few years now. By using addresses from the same subnet as the endpoint at at work and "arp -s" I can work from home and access services as if I am on the subnet at work. I recently tried to add IPv6 to my openvpn setup. It wasn't difficult to get the endpoints configured so I could ping across the tunnel from one to the other (well, I think there are a couple of bugs in openvpn-2.3.0 with respect to ifconfig-ipv6 but I was able to "fix" them). But I'm not having much success using "ndp -s" to have my endpoint respond to neighbor solicitation requests from hosts on the subnet. I have systems using IPv6 interface aliases and using "route monitor" I see that in addition to the RTM_ADD that happens when you add an interface alias, there's also a RTM_NEWMADDR to join the solicited node multicast group so that the host will actually receive neighbor solicitations: got message of size 140 on Sun Feb 17 22:49:35 2013 RTM_NEWADDR: address being added to iface: len 140, metric 0, flags: sockaddrs: (0) 0 0 0 ffff ffff ffff ffff 0 0 0 0 0 0 em0:0.30.48.74.90.52 2620:83:8000:5502::1187 got message of size 272 on Sun Feb 17 22:49:35 2013 RTM_ADD: Add Route: len 272, pid: 0, seq 0, errno 0, flags: locks: inits: sockaddrs: 2620:83:8000:5502::1187 0.30.48.74.90.52 (0) 0 0 0 ffff ffff ffff ffff 0 0 0 0 0 0 got message of size 160 on Sun Feb 17 22:49:35 2013 RTM_NEWMADDR: new multicast group membership on iface: len 160, sockaddrs: 33.33.ff.0.11.87 em0:0.30.48.74.90.52 ff02::1:ff00:1187%em0 But that does not happen when I add the IPv6 address to my ndp table using "ndp -s": got message of size 256 on Mon Feb 18 00:48:35 2013 RTM_GET: Report Metrics: len 256, pid: 24410, seq 1, errno 0, flags: locks: inits: sockaddrs: 2620:83:8000:5502:: (255) ffff ffff ffff ffff ffff ffff ffff got message of size 240 on Mon Feb 18 00:48:35 2013 RTM_ADD: Add Route: len 240, pid: 24410, seq 2, errno 0, flags: locks: inits: sockaddrs: 2620:83:8000:5502::d5 0.30.48.74.90.52 I can see my new address in ndp -an output: 2620:83:8000:5502::d5 00:30:48:74:90:52 em0 permanent R p but without joining the solicited node multicast group it's no surprise the host doesn't respond properly. Anybody know what I'm doing wrong? Craig