|
»
FreeBSD 7.1 IPv6 multihoming problem
|
View:
New views
8 Messages
—
Rating Filter:
Alert me
|
 |
FreeBSD 7.1 IPv6 multihoming problem
by zgabe
::
Rate this Message:
Hi All,
I am using laptop, FreeBSD 7.1 connecting to two ISPs (wlan and ppp) and I have IPv6 addresses. 'netstat -rn' says there is only one default gateway (for example wlan's default gateway). My problem is the following: If I ping the ppp tunnel from an other computer, my laptop recieves the ICMP6 echo request over the ppp tunnel, but it answers over the wlan interface. I read some similar posts (only ipv4) about forwarding with IPFW, but I was unable to solve my problem until now. I built a kernel with the following options: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_FORWARD and put these lines to my rc.conf firewall_enable="YES" firewall_type="open" as the handbook says. I use the following command as root: ipfw add 101 fwd pppgateway ipv6 from pppaddress to any (pppgateway and pppaddress ipv6 addresses) It throws "getsockopt(IP_FW_ADD): Invalid argument" error! I have tried to set the following variables but the problem is still the same. sysctl -w net.inet.ip.forwarding=1 and sysctl -w net.inet6.ip6.forwarding=1 Can anybody help me? |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by Fabian Wenk
::
Rate this Message:
Hello
On 31.03.09 09:51, zgabe wrote: > I use the following command as root: > ipfw add 101 fwd pppgateway ipv6 from pppaddress to any > > (pppgateway and pppaddress ipv6 addresses) > > It throws "getsockopt(IP_FW_ADD): Invalid argument" error! > Thoughts? I do have a similar setup, which works fine with IPv4, but with similar problems on FreeBSD 6.x with IPv6, see "bin/117214: ipfw(8) fwd with IPv6 treats input as IPv4" [1] for the bug report I had submitted. [1] http://www.freebsd.org/cgi/query-pr.cgi?pr=117214 Probably I should try my setup with 7.1 once, currently it is still running with 6.x. bye Fabian _______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by Julian Elischer
::
Rate this Message:
zgabe wrote:
> Hi All, > > I am using laptop, FreeBSD 7.1 connecting to two ISPs (wlan and ppp) and I > have IPv6 addresses. 'netstat -rn' says there is only one default gateway > (for example wlan's default gateway). My problem is the following: > If I ping the ppp tunnel from an other computer, my laptop recieves the > ICMP6 echo request over the ppp tunnel, but it answers over the wlan > interface. I read some similar posts (only ipv4) about forwarding with IPFW, > but I was unable to solve my problem until now. > > I built a kernel with the following options: > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPFIREWALL_FORWARD > > and put these lines to my rc.conf > firewall_enable="YES" > firewall_type="open" > > as the handbook says. > > I use the following command as root: > ipfw add 101 fwd pppgateway ipv6 from pppaddress to any > > (pppgateway and pppaddress ipv6 addresses) > > It throws "getsockopt(IP_FW_ADD): Invalid argument" error! > > I have tried to set the following variables but the problem is still the > same. > sysctl -w net.inet.ip.forwarding=1 and > sysctl -w net.inet6.ip6.forwarding=1 > > Can anybody help me? > the theory with multihoming is that unless you are the holder of a class-C (/24) you basically have to do it using NAT. You have to make some subset of your traffic use one NAT while the remainder uses another (or is untranslated). Unfortunately we don't have NAT for IPV6. I don't know how that gets solved.. _______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by giuliano
::
Rate this Message:
Sorry Julian, I wrongly sent my reply to you!
On T 31 Mar, 2009, at 22:38 , Julian Elischer wrote: > zgabe wrote: >> Hi All, I am using laptop, FreeBSD 7.1 connecting to two ISPs (wlan >> and ppp) and I >> have IPv6 addresses. 'netstat -rn' says there is only one default >> gateway >> (for example wlan's default gateway). My problem is the following: >> If I ping the ppp tunnel from an other computer, my laptop recieves >> the >> ICMP6 echo request over the ppp tunnel, but it answers over the wlan >> interface. I read some similar posts (only ipv4) about forwarding >> with IPFW, >> but I was unable to solve my problem until now. > > > the theory with multihoming is that unless you are the holder of a > class-C (/24) you basically have to do it using NAT. > You have to make some subset of your traffic use one NAT while the > remainder uses another (or is untranslated). > Unfortunately we don't have NAT for IPV6. I don't know how that > gets solved.. I am not sure I understand how NAT would solve the routing problem. Doesn't a packet have the next hop set according to the destination, that is anything not for a locally attached network will go to the default router? Zgabe is correct in trying to use fwd, I use that to route packets according to the source. I use this method, in ipv4, although perhaps too intrusively as I also fwd packets that should go to the default route (which could be instead just accept'ed), but this is another topic. For zgabe problem, aren't packets coming from the pppaddress going through the ppp interface. So why don't you try to select them by the interface (and the direction they go through it, as in out xmit ppp) rather than by protocol? Not sure how will you enter an ipv6 address as a forwarding one, it does not work on my setup (macos). g _______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by zgabe
::
Rate this Message:
Hi guys! I attached my testbed! It's a small testbed, I don't need to look
onto the internet. The wlan gets an address from 2001:738:2001:2082::/64 The phone gets an address from 2001:738:2001:20a9::/64 The server in the 2001:738:2001:2081:/64 network. I would like to make some SCTP failover measurement between the laptop and SCTP server. I need a solution where the packets go via the proper interfaces. (ipfw fwd doesn't work) Static routes don't operate, because the packets always out on the default gateway. I work on my thesis and I haven't got too much time. Can you explain an exact solution? Regards Gábor Zöld 2009/4/1 Giuliano Gavazzi <dev+lists@... <dev%2Blists@...>> > Sorry Julian, I wrongly sent my reply to you! > > On T 31 Mar, 2009, at 22:38 , Julian Elischer wrote: > > zgabe wrote: >> >>> Hi All, I am using laptop, FreeBSD 7.1 connecting to two ISPs (wlan and >>> ppp) and I >>> have IPv6 addresses. 'netstat -rn' says there is only one default gateway >>> (for example wlan's default gateway). My problem is the following: If I >>> ping the ppp tunnel from an other computer, my laptop recieves the >>> ICMP6 echo request over the ppp tunnel, but it answers over the wlan >>> interface. I read some similar posts (only ipv4) about forwarding with >>> IPFW, >>> but I was unable to solve my problem until now. >>> >> >> [...] > >> >> the theory with multihoming is that unless you are the holder of a class-C >> (/24) you basically have to do it using NAT. >> You have to make some subset of your traffic use one NAT while the >> remainder uses another (or is untranslated). >> Unfortunately we don't have NAT for IPV6. I don't know how that >> gets solved.. >> > > I am not sure I understand how NAT would solve the routing problem. Doesn't > a packet have the next hop set according to the destination, that is > anything not for a locally attached network will go to the default router? > Zgabe is correct in trying to use fwd, I use that to route packets > according to the source. I use this method, in ipv4, although perhaps too > intrusively as I also fwd packets that should go to the default route (which > could be instead just accept'ed), but this is another topic. > > For zgabe problem, aren't packets coming from the pppaddress going through > the ppp interface. So why don't you try to select them by the interface (and > the direction they go through it, as in out xmit ppp) rather than by > protocol? Not sure how will you enter an ipv6 address as a forwarding one, > it does not work on my setup (macos). > > g > _______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by giuliano
::
Rate this Message:
On T 2 Apr, 2009, at 11:02 , Zöld wrote: > Hi guys! I attached my testbed! It's a small testbed, I don't need > to look > onto the internet. The wlan gets an address from > 2001:738:2001:2082::/64 The > phone gets an address from 2001:738:2001:20a9::/64 The server in the > 2001:738:2001:2081:/64 network. > I would like to make some SCTP failover measurement between the > laptop and > SCTP server. I need a solution where the packets go via the proper > interfaces. (ipfw fwd doesn't work) > Static routes don't operate, because the packets always out on the > default > gateway. > I work on my thesis and I haven't got too much time. Can you explain > an > exact solution? what I called routing a packet according to source, seems to be a well know (so to speak) thing: policy based routing: http://en.wikipedia.org/wiki/Policy-based_routing that, apart from ipfw fwd (for ipv4) is supported (more finely) by linux (with some bugs) and Cisco IOS (with more than some bugs I suppose...) So, since you have a cisco somewhere, go and read: http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcpolicy.html towards the end there is even a specific example for "ow to route traffic from different sources to different places (next hops)" Thank you for making me look for this info, as I had already to patch macosx ipfw (the kernel really), to make fwd functional, but with this I will be able to do it in the cisco router, and leave the kernel alone... Giuliano_______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by zgabe
::
Rate this Message:
Hi all!
I think my problem is solved. As I mentioned earlier the ipfw fwd hasn't got any effect (under FreeBSD 7.1), but pf (packet filter) can forward among the interfaces too. Here are the commands: kldload pf /etc/pf.conf: pass out quick route-to (interface1_name gateway1_address) from interface1_address to any pass out quick route-to (interface2_name gateway2_address) from interface2_address to any pf -e -f /etc/pf.conf Now the packets leave the computer over the proper interface independent of the default gateway. Thanks to everyone for the help! _______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
|
|
Re: FreeBSD 7.1 IPv6 multihoming problem
by giuliano
::
Rate this Message:
On T 7 Apr, 2009, at 10:37 , Zöld wrote: > Hi all! > > I think my problem is solved. As I mentioned earlier the ipfw fwd > hasn't got > any effect (under FreeBSD 7.1), but pf (packet filter) can forward > among the > interfaces too. > > Here are the commands: > kldload pf > > /etc/pf.conf: > pass out quick route-to (interface1_name gateway1_address) from > interface1_address to any > pass out quick route-to (interface2_name gateway2_address) from > interface2_address to any > > pf -e -f /etc/pf.conf > > Now the packets leave the computer over the proper interface > independent of > the default gateway. very good! unfortunately pf hasn't been ported to the macosx kernel yet... Just a warning, on MacOS X I had kernel panics, when reloading rules, in some place inherited from BSD (netinet/ip_fw2.c) and I think they were triggered by a fwd to the default gateway. In other words, if a packet does not need to be re-routed (that is it should go to the default gateway), do not use a fwd, make it an allow rule instead (don't know what this is called in pf... pass) as this will have the same net effect. I might be completely wrong about this panic and might not apply to FreeBSD or pf, of course, but still I see no point in routing explicitly what will be routed correctly anyway. Giuliano_______________________________________________ freebsd-ipfw@... mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@..." |
| Free embeddable forum powered by Nabble | Forum Help |
