tech-net archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: v6 troubles ("cannot forward")
> Please provide output of
> - ndp -an
> - netstat -rLnf inet6
> - ifconfig -an
> - sysctl net.inet6.ip6
> - grep ip6 /etc/rc.conf
> - cat /etc/ifconfig.sk0
> before and after manually fixing the router.
There is no ifconfig.sk0; sk0 is configured with rc.conf variables, not
a separate file. (Boot-time configuration is already far too spread
out over multiple files already; I refuse to spread it out even
further.)
And "ifconfig -an" produces "ifconfig: unknown option -- n" and a usage
message. I'll provide "ifconfig -au" output instead. (I think I said,
but in case not - this is 3.1, not 4.0 or -current.)
> Oh, and please elaborate the "configured by /etc/rc.d/network" - did
> you provide a /etc/ifconfig.sk0, or did you edit /etc/rc.d/network ?
Yes and no. By "configured by /etc/rc.d/network" I mean merely that
the configuration commands were run from there, not (eg) by
netstart.local or rc.local, nor by hand.
I actually have edited rc.d/network, but not specifically for sk0; what
I have done to it was to add support for ifalias_xxN_M and
ifsetup_{pre,post}_xxN variables, making it possible to put even
relatively complex configurations into rc.conf instead of having to use
files. (I don't _think_ what I did is relevant, but I will include
diffs below.)
When "broken":
# ndp -an
Neighbor Linklayer Address Netif Expire S Flags
2610:98:0:ffff::1 00:0f:ea:f3:08:7e sk0 permanent R
fe80::20f:eaff:fef3:87e%sk0 00:0f:ea:f3:08:7e sk0 permanent R
# netstat -rLnf inet6
Routing tables
Internet6:
Destination Gateway Flags
Refs Use Mtu Interface
::/104 ::1 UGRS 0
0 - lo0 =>
::/96 ::1 UGRS 0
0 - lo0 =>
default 2610:98:0:ffff:: UGS 1
62 - sk0
::1 ::1 UH 12
0 33192 lo0
::127.0.0.0/104 ::1 UGRS 0
0 - lo0
::224.0.0.0/100 ::1 UGRS 0
0 - lo0
::255.0.0.0/104 ::1 UGRS 0
0 - lo0
::ffff:0.0.0.0/96 ::1 UGRS 0
0 - lo0
2002::/24 ::1 UGRS 0
0 - lo0
2002:7f00::/24 ::1 UGRS 0
0 - lo0
2002:e000::/20 ::1 UGRS 0
0 - lo0
2002:ff00::/24 ::1 UGRS 0
0 - lo0
2610:98:0:ffff::/127 link#1 UC 2
0 - sk0
2610:98:8001:1::1 2610:98:8001:1::2 UH 0
0 - tun0
fe80::/10 ::1 UGRS 0
0 - lo0
fe80::%sk0/64 link#1 UC 2
0 - sk0
fe80::%lo0/64 fe80::1%lo0 U 0
0 - lo0
fe80::%tun0/64 fe80::20f:eaff:fef3:87e%tun0 U 0
0 - tun0
fe80::%tun1/64 fe80::20f:eaff:fef3:87e%tun1 U 0
0 - tun1
fec0::/10 ::1 UGRS 0
0 - lo0
ff01::/32 ::1 UC 0
0 - lo0
ff02::%sk0/32 link#1 UC 0
0 - sk0
ff02::%lo0/32 ::1 UC 0
0 - lo0
ff02::%tun0/32 2610:98:8001:1::2 UC 0
0 - tun0
ff02::%tun1/32 fe80::20f:eaff:fef3:87e%tun1 UC 0
0 - tun1
# ifconfig -au
sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:0f:ea:f3:08:7e
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 216.46.1.51 netmask 0xffffffc0 broadcast 216.46.1.63
inet6 fe80::20f:eaff:fef3:87e%sk0 prefixlen 64 scopeid 0x1
inet6 2610:98:0:ffff::1 prefixlen 127
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33192
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
tun0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1500
inet6 2610:98:8001:1::2 -> 2610:98:8001:1::1 prefixlen 128
inet6 fe80::20f:eaff:fef3:87e%tun0 -> prefixlen 64 scopeid 0x3
tun1: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1500
inet 10.0.5.6 -> 10.0.5.1 netmask 0xffffffff
inet6 fe80::20f:eaff:fef3:87e%tun1 -> prefixlen 64 scopeid 0x4
# sysctl net.inet6.ip6
net.inet6.ip6.forwarding = 1
net.inet6.ip6.redirect = 1
net.inet6.ip6.hlim = 64
net.inet6.ip6.maxfragpackets = 200
net.inet6.ip6.accept_rtadv = 0
net.inet6.ip6.keepfaith = 0
net.inet6.ip6.log_interval = 5
net.inet6.ip6.hdrnestlimit = 50
net.inet6.ip6.dad_count = 1
net.inet6.ip6.auto_flowlabel = 1
net.inet6.ip6.defmcasthlim = 1
net.inet6.ip6.gifhlim = 30
net.inet6.ip6.kame_version = NetBSD-current
net.inet6.ip6.use_deprecated = 1
net.inet6.ip6.rr_prune = 5
net.inet6.ip6.v6only = 1
net.inet6.ip6.anonportmin = 49152
net.inet6.ip6.anonportmax = 65535
net.inet6.ip6.lowportmin = 600
net.inet6.ip6.lowportmax = 1023
net.inet6.ip6.maxfrags = 200
net.inet6.ip6.ifq.len = 0
net.inet6.ip6.ifq.maxlen = 256
net.inet6.ip6.ifq.drops = 0
# grep ip6 /etc/rc.conf
ip6mode=router
There is no explicit mention of sk0 in rc.conf, because the code there
adjusts to whatever interface the machine has. Here's the whole file:
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
fi
rc_configured=YES
hostname=Palantir.Rodents-Montreal.ORG
defaultroute=216.46.1.1
defaultroute6=2610:98:0:ffff::
critical_filesystems_local=""
critical_filesystems_remote=""
clear_tmp=NO
update_motd=NO
fixsb=NO
fsck_flags="-f -p"
auto_ifconfig=NO
iface=`ifconfig -l | sed -e 's/ .*//'`
net_interfaces="$iface tun0 tun1"
eval ifconfig_$iface=216.46.1.51/26
eval ifalias_$iface\_1='"inet6 2610:98:0:ffff::1 prefixlen 127"'
ifsetup_pre_tun0="/local/bin/iptunnel -unit 0 -secret @/etc/tunnel-secret-v6
-peer 216.46.5.9 -udp 50751 50751 &"
ifconfig_tun0="inet6 2610:98:8001:1::2 2610:98:8001:1::1 prefixlen 128"
ifsetup_post_tun0="route add -inet6 2610:98:8001:: 2610:98:8001:1::1 -prefixlen
56"
ifsetup_pre_tun1="/local/bin/iptunnel -unit 1 -secret @/etc/tunnel-secret-stone
-peer 216.46.5.9 -tcp-connect 50754 &"
ifconfig_tun1="10.0.5.6 10.0.5.1 netmask 255.255.255.255"
ifsetup_post_tun0="route -n add -net 10.0.0.0 -netmask 255.0.0.0 10.0.5.1
2>/dev/null"
ip6mode=router
ntpdate=YES ntpdate_flags="216.46.5.9"
ntpd=YES
sshd=YES
wscons=YES
sendmail=NO
After "fixing" it with the four-command sequence I gave upthread (and a
few pings being returned):
# ndp -an
Neighbor Linklayer Address Netif Expire S Flags
2610:98:0:ffff:: 00:c0:f0:0c:45:c8 sk0 3s R R
2610:98:0:ffff::1 00:0f:ea:f3:08:7e sk0 permanent R
fe80::20f:eaff:fef3:87e%sk0 00:0f:ea:f3:08:7e sk0 permanent R
# netstat -rLnf inet6
Routing tables
Internet6:
Destination Gateway Flags
Refs Use Mtu Interface
::/104 ::1 UGRS 0
0 - lo0 =>
::/96 ::1 UGRS 0
0 - lo0 =>
default 2610:98:0:ffff:: UGS 1
7 - sk0
::1 ::1 UH 12
0 33192 lo0
::127.0.0.0/104 ::1 UGRS 0
0 - lo0
::224.0.0.0/100 ::1 UGRS 0
0 - lo0
::255.0.0.0/104 ::1 UGRS 0
0 - lo0
::ffff:0.0.0.0/96 ::1 UGRS 0
0 - lo0
2002::/24 ::1 UGRS 0
0 - lo0
2002:7f00::/24 ::1 UGRS 0
0 - lo0
2002:e000::/20 ::1 UGRS 0
0 - lo0
2002:ff00::/24 ::1 UGRS 0
0 - lo0
2610:98:0:ffff::/127 link#1 UC 1
0 - sk0
2610:98:8001:1::1 2610:98:8001:1::2 UH 0
0 - tun0
fe80::/10 ::1 UGRS 0
0 - lo0
fe80::%sk0/64 link#1 UC 1
0 - sk0
fe80::%lo0/64 fe80::1%lo0 U 0
0 - lo0
fe80::%tun0/64 fe80::20f:eaff:fef3:87e%tun0 U 0
0 - tun0
fe80::%tun1/64 fe80::20f:eaff:fef3:87e%tun1 U 0
0 - tun1
fec0::/10 ::1 UGRS 0
0 - lo0
ff01::/32 ::1 UC 0
0 - lo0
ff02::%sk0/32 link#1 UC 0
0 - sk0
ff02::%lo0/32 ::1 UC 0
0 - lo0
ff02::%tun0/32 2610:98:8001:1::2 UC 0
0 - tun0
ff02::%tun1/32 fe80::20f:eaff:fef3:87e%tun1 UC 0
0 - tun1
# ifconfig -au
sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:0f:ea:f3:08:7e
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 216.46.1.51 netmask 0xffffffc0 broadcast 216.46.1.63
inet6 fe80::20f:eaff:fef3:87e%sk0 prefixlen 64 scopeid 0x1
inet6 2610:98:0:ffff::1 prefixlen 127
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33192
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
tun0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1500
inet6 2610:98:8001:1::2 -> 2610:98:8001:1::1 prefixlen 128
inet6 fe80::20f:eaff:fef3:87e%tun0 -> prefixlen 64 scopeid 0x3
tun1: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1500
inet 10.0.5.6 -> 10.0.5.1 netmask 0xffffffff
inet6 fe80::20f:eaff:fef3:87e%tun1 -> prefixlen 64 scopeid 0x4
# sysctl net.inet6.ip6
net.inet6.ip6.forwarding = 1
net.inet6.ip6.redirect = 1
net.inet6.ip6.hlim = 64
net.inet6.ip6.maxfragpackets = 200
net.inet6.ip6.accept_rtadv = 0
net.inet6.ip6.keepfaith = 0
net.inet6.ip6.log_interval = 5
net.inet6.ip6.hdrnestlimit = 50
net.inet6.ip6.dad_count = 1
net.inet6.ip6.auto_flowlabel = 1
net.inet6.ip6.defmcasthlim = 1
net.inet6.ip6.gifhlim = 30
net.inet6.ip6.kame_version = NetBSD-current
net.inet6.ip6.use_deprecated = 1
net.inet6.ip6.rr_prune = 5
net.inet6.ip6.v6only = 1
net.inet6.ip6.anonportmin = 49152
net.inet6.ip6.anonportmax = 65535
net.inet6.ip6.lowportmin = 600
net.inet6.ip6.lowportmax = 1023
net.inet6.ip6.maxfrags = 200
net.inet6.ip6.ifq.len = 0
net.inet6.ip6.ifq.maxlen = 256
net.inet6.ip6.ifq.drops = 0
and the rest, being just extracting text from unchanged files, is the
same.
Extracting the above pieces into files and diffing them, I find that
the only changes are in the routing table. Specifically, a route to
2610:98:0:ffff:: has appeared, and the Refs and/or Use columns have
changed for the routes to default, 2610:98:0:ffff::/127, and
fe80::%sk0/64. But that's it.
And finally, here are the promised diffs to rc.d/network, relative to
3.1's network,v 1.47.2.1. The only thing I see here that looks even
possibly relevant is that I've moved default route installation after,
rather than before, interface alias address setting (I have some
machines whose default and/or default6 (I forget which) goes out an
address configured as an alias.)
--- /dev/fd/4 Wed Aug 18 12:35:48 2004
+++ /dev/fd/5 Wed Aug 18 12:35:48 2004
@@ -184,6 +184,10 @@
fi
echo -n 'Configuring network interfaces:'
for int in $tmp; do
+ eval args=\"\$ifsetup_pre_$int\"
+ if [ -n "$args" ]; then
+ eval "$args"
+ fi
eval args=\$ifconfig_$int
if [ -n "$args" ] || [ -f /etc/ifconfig.$int ]; then
if ifconfig $int create 2>/dev/null && \
@@ -219,39 +223,15 @@
fi
continue
fi
+ eval args=\"\$ifsetup_post_$int\"
+ if [ -n "$args" ]; then
+ eval "$args"
+ fi
configured_interfaces="$configured_interfaces $int"
done
echo "."
fi
- # Check $defaultroute, then /etc/mygate, for the name or address
- # of my IPv4 gateway host. If using a name, that name must be in
- # /etc/hosts.
- #
- if [ -z "$defaultroute" ] && [ -f /etc/mygate ]; then
- defaultroute=$(cat /etc/mygate)
- fi
- if [ -n "$defaultroute" ]; then
- route add default $defaultroute
- fi
-
- # Check $defaultroute6, then /etc/mygate6, for the name or address
- # of my IPv6 gateway host. If using a name, that name must be in
- # /etc/hosts. Note that the gateway host address must be a link-local
- # address if it is not using an stf* interface.
- #
- if [ -z "$defaultroute6" ] && [ -f /etc/mygate6 ]; then
- defaultroute6=$(cat /etc/mygate6)
- fi
- if [ -n "$defaultroute6" ]; then
- if [ "$ip6mode" = "autohost" ]; then
- echo
- warn \
- "ip6mode is set to 'autohost' and a v6 default route is also set."
- fi
- route add -inet6 default $defaultroute6
- fi
-
# Check if each configured interface xxN has an $ifaliases_xxN variable
# associated, then configure additional IP addresses for that interface.
# The variable contains a list of "address netmask" pairs, with
@@ -262,7 +242,7 @@
#
#
if [ -n "$configured_interfaces" ]; then
- echo "Adding interface aliases:"
+ echo -n "Adding interface aliases:"
done_aliases_message=yes
fi
for int in $configured_interfaces; do
@@ -280,6 +260,17 @@
fi
done
fi
+ n=1
+ while :; do
+ eval args=\$ifalias_$int\_$n
+ if [ -n "$args" ]; then
+ ifconfig $int $args alias
+ echo -n \ $int\#$n
+ n=$(($n+1))
+ else
+ break
+ fi
+ done
done
# /etc/ifaliases, if it exists, contains the names of additional IP
@@ -293,9 +284,11 @@
#
if [ -f /etc/ifaliases ]; then
if [ "$done_aliases_message" != yes ]; then
- echo "Adding interface aliases:"
+ echo -n "Adding interface aliases:"
+ done_aliases_message=yes
fi
while read addr int net; do
+ echo -n " $int"
if [ -z "$net" ]; then
# for compatibility only, obsolete
ifconfig $int inet alias $addr
@@ -303,6 +296,38 @@
ifconfig $int inet alias $addr netmask $net
fi
done < /etc/ifaliases
+ fi
+
+ if [ "$done_aliases_message" = "yes" ]; then
+ echo ""
+ fi
+
+ # Check $defaultroute, then /etc/mygate, for the name or address
+ # of my IPv4 gateway host. If using a name, that name must be in
+ # /etc/hosts.
+ #
+ if [ -z "$defaultroute" ] && [ -f /etc/mygate ]; then
+ defaultroute=$(cat /etc/mygate)
+ fi
+ if [ -n "$defaultroute" ]; then
+ route add default $defaultroute
+ fi
+
+ # Check $defaultroute6, then /etc/mygate6, for the name or address
+ # of my IPv6 gateway host. If using a name, that name must be in
+ # /etc/hosts. Note that the gateway host address must be a link-local
+ # address if it is not using an stf* interface.
+ #
+ if [ -z "$defaultroute6" ] && [ -f /etc/mygate6 ]; then
+ defaultroute6=$(cat /etc/mygate6)
+ fi
+ if [ -n "$defaultroute6" ]; then
+ if [ "$ip6mode" = "autohost" ]; then
+ echo
+ warn \
+ "ip6mode is set to 'autohost' and a v6 default route is also set."
+ fi
+ route add -inet6 default $defaultroute6
fi
# IPv6 interface autoconfiguration.
I have hacked on the tun driver, in an attempt to add v6 support; it
works enough to get packets through in the "works" case, but, since my
test pings were from 2610:98:0:ffff:: to 2610:98:0:ffff::1 and thus had
nothing to do with the tun interfaces, I doubt that's relevant. I can
provide those diffs too if you think they might be important, but I
think the chance of that is low enough that I won't clutter this mail
with them. (The setting of MULTICAST was in an attempt to see if that
was relevant to the problem; I first ran into this with a tun version
that didn't set MULTICAST, and my 1.4T tun hacks set MULTICAST and work
fine, so I tried that. Didn't help.)
/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse%rodents-montreal.org@localhost
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Home |
Main Index |
Thread Index |
Old Index