From owner-freebsd-net@FreeBSD.ORG Tue Sep 21 10:59:30 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D1375106564A for ; Tue, 21 Sep 2010 10:59:30 +0000 (UTC) (envelope-from lasse@bitmand.com) Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com [209.85.215.182]) by mx1.freebsd.org (Postfix) with ESMTP id 719768FC3A for ; Tue, 21 Sep 2010 10:59:30 +0000 (UTC) Received: by eyx24 with SMTP id 24so2317630eyx.13 for ; Tue, 21 Sep 2010 03:59:29 -0700 (PDT) Received: by 10.213.27.203 with SMTP id j11mr3869915ebc.43.1285065451570; Tue, 21 Sep 2010 03:37:31 -0700 (PDT) Received: from [10.13.37.105] (1905ds1-taa.0.fullrate.dk [90.184.133.165]) by mx.google.com with ESMTPS id u9sm12604866eeh.5.2010.09.21.03.37.28 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 21 Sep 2010 03:37:30 -0700 (PDT) From: Lasse Brandt Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Date: Tue, 21 Sep 2010 12:37:27 +0200 Message-Id: <6BE964C4-0838-4DA6-9278-12C620CA1EE1@bitmand.com> To: freebsd-net@freebsd.org Mime-Version: 1.0 (Apple Message framework v1081) X-Mailer: Apple Mail (2.1081) Subject: Default gateway on different net X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Sep 2010 10:59:31 -0000 Hi, I have a server in location that provides ipv6 (not sure the ipv6 part = is important, but thats how I stumbled upon this). First a bit of = information about the server: FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:36:49 UTC 2010 1 NIC with ipv4 and v6 addresses. I got an ipv6 subnet (/64) from the hosting provider but the default = gateway is not in the same subnet. The recommendation from the provider = is simple: Create a static route, that routes all traffic to the subnet = with the gateway to the interface. Then create default gateway. What I have done is this: ipv6_enable=3D"YES" ipv6_static_routes=3D"defgw" ipv6_route_defgw=3D"2a01:xxxx:xxxx:3180::1 -prefixlen 59 -iface re0" ipv6_defaultrouter=3D"2a01:xxxx:xxxx:3180::1" ipv6_ifconfig_re0=3D"2a01:xxxx:xxxx:3183::2 prefixlen 64" ( Notice the slight difference in the ip on the nick :3183: and the = gateway :3180: ) If I reboot the machine, the following happens: *) The nic re0 got the ip: 2a01:xxxx:xxxx:3183::2 - ifconfig: inet6 2a01:xxxx:xxxx:3183::2 prefixlen 64 *) The static route is in the routing table: 2a01:xxxx:xxxx:3180::/59 6c:62:6d:0d:9b:e8 US re0 *) But there is no default route :( I then stumbled upon line 1057 in /etc/network.subr: ipv6_static_routes=3D"default ${ipv6_static_routes}" If I understand this correctly, the ipv6_defaultrouter is simply added = in the static_route configuration (which is added later). But I also recall that I cannot create a default route to an ip not in = my subnet, if the static route is missing. And the above code place the = default route as the very first. If I move default to the "last" position: ipv6_static_routes=3D"${ipv6_static_routes} default" And reboots, the routing table shows my static route and the default = route just fine: Internet6: Destination Gateway Flags Netif Expire=20 default 2a01:xxxx:xxxx:3180::1 UGS re0 2a01:xxxx:xxxx:3180::/59 6c:62:6d:0d:9b:e8 US re0 But! I still can't get any ipv6 packets out of the server. Trying to = ping6 the gateway (or anything else outside) simply returns a: ping6: = sendmsg: Operation not permitted I have tried tcpdumping ipv6 packets on re0, but absolutely nothing is = showing up when either ping6 or telnet to something outside on an ipv6 = address (firewall is disabled btw). If I tcpdump while ping6 from = outside to 2a01:xxxx:xxxx:3183::2, ipv6 packets is showing just fine. If you are still reading this email, thanks :) Now to the actual questions: 1) Is the hosting provider actually forcing me to do something "bad" og = plain wrong? 2) Should the default route really be the last route to be added in = /etc/network.subr:1057? (not sure if there is a reason to why its first = - but I feel guilty messing with that file directly :) ) 3) Am I setting this up in a completely wrong way? ( At this point it feels like "everything is right, but I miss _that_ = fundamental option/config somewhere ) Any hint, tips or trick is highly appreciated. Best regards, Lasse Brandt=