Date: Tue, 21 Sep 2010 12:37:27 +0200 From: Lasse Brandt <lasse@bitmand.com> To: freebsd-net@freebsd.org Subject: Default gateway on different net Message-ID: <6BE964C4-0838-4DA6-9278-12C620CA1EE1@bitmand.com>
next in thread | raw e-mail | index | archive | help
Hi,
I have a server in location that provides ipv6 (not sure the ipv6 part =
is important, but thats how I stumbled upon this). First a bit of =
information about the server:
FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:36:49 UTC 2010
1 NIC with ipv4 and v6 addresses.
I got an ipv6 subnet (/64) from the hosting provider but the default =
gateway is not in the same subnet. The recommendation from the provider =
is simple: Create a static route, that routes all traffic to the subnet =
with the gateway to the interface. Then create default gateway.
What I have done is this:
ipv6_enable=3D"YES"
ipv6_static_routes=3D"defgw"
ipv6_route_defgw=3D"2a01:xxxx:xxxx:3180::1 -prefixlen 59 -iface re0"
ipv6_defaultrouter=3D"2a01:xxxx:xxxx:3180::1"
ipv6_ifconfig_re0=3D"2a01:xxxx:xxxx:3183::2 prefixlen 64"
( Notice the slight difference in the ip on the nick :3183: and the =
gateway :3180: )
If I reboot the machine, the following happens:
*) The nic re0 got the ip: 2a01:xxxx:xxxx:3183::2 - ifconfig:
inet6 2a01:xxxx:xxxx:3183::2 prefixlen 64
*) The static route is in the routing table:
2a01:xxxx:xxxx:3180::/59 6c:62:6d:0d:9b:e8 US re0
*) But there is no default route :(
I then stumbled upon line 1057 in /etc/network.subr:
ipv6_static_routes=3D"default ${ipv6_static_routes}"
If I understand this correctly, the ipv6_defaultrouter is simply added =
in the static_route configuration (which is added later).
But I also recall that I cannot create a default route to an ip not in =
my subnet, if the static route is missing. And the above code place the =
default route as the very first.
If I move default to the "last" position:
ipv6_static_routes=3D"${ipv6_static_routes} default"
And reboots, the routing table shows my static route and the default =
route just fine:
Internet6:
Destination Gateway Flags Netif Expire=20
default 2a01:xxxx:xxxx:3180::1 UGS re0
2a01:xxxx:xxxx:3180::/59 6c:62:6d:0d:9b:e8 US re0
But! I still can't get any ipv6 packets out of the server. Trying to =
ping6 the gateway (or anything else outside) simply returns a: ping6: =
sendmsg: Operation not permitted
I have tried tcpdumping ipv6 packets on re0, but absolutely nothing is =
showing up when either ping6 or telnet to something outside on an ipv6 =
address (firewall is disabled btw). If I tcpdump while ping6 from =
outside to 2a01:xxxx:xxxx:3183::2, ipv6 packets is showing just fine.
If you are still reading this email, thanks :)
Now to the actual questions:
1) Is the hosting provider actually forcing me to do something "bad" og =
plain wrong?
2) Should the default route really be the last route to be added in =
/etc/network.subr:1057? (not sure if there is a reason to why its first =
- but I feel guilty messing with that file directly :) )
3) Am I setting this up in a completely wrong way?
( At this point it feels like "everything is right, but I miss _that_ =
fundamental option/config somewhere )
Any hint, tips or trick is highly appreciated.
Best regards,
Lasse Brandt=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6BE964C4-0838-4DA6-9278-12C620CA1EE1>