Date: Fri, 28 Oct 2011 19:09:57 +0400 From: Emil Muratov <gpm@hotplug.ru> To: <freebsd-ipfw@freebsd.org>, <freebsd-net@freebsd.org> Subject: ipfw reass brakes ipv6 operation Message-ID: <4EAAC5C5.6090803@hotplug.ru>
next in thread | raw e-mail | index | archive | help
Hi all I've got into some strange behavior with ipv6. Somehow ipfw reassembly totally brakes it's operation. As soon as I add a rule "ipfw add 100 reass all from any to any in" all ipv6 operation is not available any more, I can only ping6 localhost. Outgoing ipv6 packets are OK, I can see them via tcpdump on an interface stf0 and after that leaving encapsulated in ip4 through another interface. But all incoming ipv6 packets are blackholed. I can see them arriving as an encapsulated payload in ip4 and after that they disappear. I don't know if this a bug or a feature, using "ipfw add reass ip4 from any to any in" works as a workaround. Shouldn't reass just pass ipv6 packets intact? Or if it is a feature than maybe there should be a note in IPFW(8) man page to not to use reass for anything except ip4? Thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EAAC5C5.6090803>