Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Wed, Aug 27, 2014 at 11:59:25AM +, Bjoern A. Zeeb wrote: On 27 Aug 2014, at 06:31 , Jonathan Price free...@jonathanprice.org wrote: On 2014-08-27 01:40, Peter Wemm wrote: On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf ... However, it does sound like for my purposes it would make more sense to use ip6addrctl_policy=?ipv6_prefer as that is more explicitly the feature I want, rather than getting it inadvertently through the other knob. Yes. Definitively. I am not sure if it has happened but if IPv6 config is configured through rc.conf that setting should be(come) default. It does not seem so yet (anymore, it was like that many moons ago). A new install of 11-current, with the following in rc.conf: # hostname=fbsd-11-test ifconfig_em0=DHCP ifconfig_em0_ipv6=inet6 accept_rtadv sshd_enable=YES # Output of ip6addrctl: # jhay@fbsd-11-test:~ % ip6addrctl Prefix Prec Label Use ::1/128 50 00 ::/0 40 1 13 :::0.0.0.0/96100 40 2002::/16 30 20 2001::/32 5 50 fc00::/7 3130 ::/96 1 30 fec0::/10 1110 3ffe::/16 1120 jhay@fbsd-11-test:~ % # telnet to a machine with both ipv6 and ipv4 addresses: # jhay@fbsd-11-test:~ % telnet dolphin Trying 146.64.28.14... telnet: connect to address 146.64.28.14: Connection refused Trying 2001:4200:7000:3:223:aeff:fea5:ef... telnet: connect to address 2001:4200:7000:3:223:aeff:fea5:ef: Connection refused telnet: Unable to connect to remote host jhay@fbsd-11-test:~ % # I think if an IPv6 address is configured on a machine, it should prefer ipv6 addresses. That would match what the rest are doing. All mine do. As the default, I used the same settings you used above (minus the DHCP). Only difference I can see, is that I use STATIC (IPv4 IPv6), and a default (IPv4 IPv6) gateway. If I telnet/ftp/ssh to any of my hosts, IPv6 is always attempted first (opposite of your output above). This was also the case, when I didn't enter a specific IP in the rc.conf(5). With only the gateway IP address (IPv4), and an IPv4 address for the I. If I chose ipv6_activate_all_interfaces=YES or xxx_ipv6=inet6 accept_rtadv I always got the coreect IPv6 address, and connection attempts always began with IPv6 chosen. I don't know if any of this helps. But thought at least sharing another experience might. Best wishes. --Chris Regards John -- John Hay -- j...@meraka.csir.co.za / j...@meraka.org.za ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Wed, Aug 27, 2014 at 11:59:25AM +, Bjoern A. Zeeb wrote: On 27 Aug 2014, at 06:31 , Jonathan Price free...@jonathanprice.org wrote: On 2014-08-27 01:40, Peter Wemm wrote: On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf ... However, it does sound like for my purposes it would make more sense to use ip6addrctl_policy=?ipv6_prefer as that is more explicitly the feature I want, rather than getting it inadvertently through the other knob. Yes. Definitively. I am not sure if it has happened but if IPv6 config is configured through rc.conf that setting should be(come) default. It does not seem so yet (anymore, it was like that many moons ago). A new install of 11-current, with the following in rc.conf: # hostname=fbsd-11-test ifconfig_em0=DHCP ifconfig_em0_ipv6=inet6 accept_rtadv sshd_enable=YES # Output of ip6addrctl: # jhay@fbsd-11-test:~ % ip6addrctl Prefix Prec Label Use ::1/128 50 00 ::/0 40 1 13 :::0.0.0.0/96100 40 2002::/16 30 20 2001::/32 5 50 fc00::/7 3130 ::/96 1 30 fec0::/10 1110 3ffe::/16 1120 jhay@fbsd-11-test:~ % # telnet to a machine with both ipv6 and ipv4 addresses: # jhay@fbsd-11-test:~ % telnet dolphin Trying 146.64.28.14... telnet: connect to address 146.64.28.14: Connection refused Trying 2001:4200:7000:3:223:aeff:fea5:ef... telnet: connect to address 2001:4200:7000:3:223:aeff:fea5:ef: Connection refused telnet: Unable to connect to remote host jhay@fbsd-11-test:~ % # I think if an IPv6 address is configured on a machine, it should prefer ipv6 addresses. That would match what the rest are doing. Regards John -- John Hay -- j...@meraka.csir.co.za / j...@meraka.org.za ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
John Hay j...@meraka.org.za wrote in 20140829101707.ga83...@zibbi.meraka.csir.co.za: jh On Wed, Aug 27, 2014 at 11:59:25AM +, Bjoern A. Zeeb wrote: jh jh On 27 Aug 2014, at 06:31 , Jonathan Price free...@jonathanprice.org jh wrote: jh jh On 2014-08-27 01:40, Peter Wemm wrote: jh On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: jh Hello, jh jh I am configuring a server with IPv4 and IPv6 addresses and have jh noticed that jh FreeBSD seems to be preferring IPv4, such as when establishing SSH jh connections. jh jh After reading through /etc/defaults/rc.conf, and later jh /etc/rc.d/ip6addrctl jh I have come to the conclusion that I have two ways to tell FreeBSD to jh prefer IPv6: jh jh 1) Add ipv6_activate_all_interfaces to /etc/rc.conf jh 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf jh jh ... jh However, it does sound like for my purposes it would make more sense jh to use ip6addrctl_policy=?ipv6_prefer as that is more explicitly the jh feature I want, rather than getting it inadvertently through the other jh knob. jh jh Yes. Definitively. I am not sure if it has happened but if IPv6 jh config is configured through rc.conf that setting should be(come) jh default. jh jh jh It does not seem so yet (anymore, it was like that many moons ago). A jh new ... jh I think if an IPv6 address is configured on a machine, it should jh prefer ipv6 jh addresses. That would match what the rest are doing. True at this moment. I have a patch to make it set ipv6_prefer when at least one ifconfig_IF_ipv6 is configured. Is there any objection to commit this? I had hesitated to add this for a technical reason which was eliminated by adding list_vars(). -- Hiroki Index: rc.d/ip6addrctl === --- rc.d/ip6addrctl (revision 270577) +++ rc.d/ip6addrctl (working copy) @@ -75,6 +75,8 @@ else if checkyesno ipv6_activate_all_interfaces; then ip6addrctl_prefer_ipv6 + elif [ -n $(list_vars ifconfig_\*_ipv6) ]; then +ip6addrctl_prefer_ipv6 else ip6addrctl_prefer_ipv4 fi pgpS4NlsKU7Xl.pgp Description: PGP signature
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Saturday 30 August 2014 00:41:56 Hiroki Sato wrote: John Hay j...@meraka.org.za wrote in 20140829101707.ga83...@zibbi.meraka.csir.co.za: jh On Wed, Aug 27, 2014 at 11:59:25AM +, Bjoern A. Zeeb wrote: jh jh On 27 Aug 2014, at 06:31 , Jonathan Price free...@jonathanprice.org jh wrote: jh jh On 2014-08-27 01:40, Peter Wemm wrote: jh On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: jh Hello, jh jh I am configuring a server with IPv4 and IPv6 addresses and have jh noticed that jh FreeBSD seems to be preferring IPv4, such as when establishing SSH jh connections. jh jh After reading through /etc/defaults/rc.conf, and later jh /etc/rc.d/ip6addrctl jh I have come to the conclusion that I have two ways to tell FreeBSD to jh prefer IPv6: jh jh 1) Add ipv6_activate_all_interfaces to /etc/rc.conf jh 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf jh jh ... jh However, it does sound like for my purposes it would make more sense jh to use ip6addrctl_policy=?ipv6_prefer as that is more explicitly the jh feature I want, rather than getting it inadvertently through the other jh knob. jh jh Yes. Definitively. I am not sure if it has happened but if IPv6 jh config is configured through rc.conf that setting should be(come) jh default. jh jh jh It does not seem so yet (anymore, it was like that many moons ago). A jh new ... jh I think if an IPv6 address is configured on a machine, it should jh prefer ipv6 jh addresses. That would match what the rest are doing. True at this moment. I have a patch to make it set ipv6_prefer when at least one ifconfig_IF_ipv6 is configured. Is there any objection to commit this? I had hesitated to add this for a technical reason which was eliminated by adding list_vars(). -- Hiroki I understand the hesitation. There has long been a problem of people only half configuring ipv6, or enabling it without having connectivity. Or people listing records without being reachable. However, we have run the freebsd.org cluster with prefer_ipv6 for two years now (likewise, I've done the same at home) and no insurmountable issues have occurred. There are enough people pushing ipv6 and using it on a daily basis now that the old half-configured problems are fairly quickly noticed. I think we could turn it on by default now, as your patch does. And it will still be able to be disabled. -- Peter Wemm - pe...@wemm.org; pe...@freebsd.org; pe...@yahoo-inc.com; KI6FJV UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246 signature.asc Description: This is a digitally signed message part.
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Sat, Aug 30, 2014 at 12:41:56AM +0900, Hiroki Sato wrote: John Hay j...@meraka.org.za wrote in 20140829101707.ga83...@zibbi.meraka.csir.co.za: jh On Wed, Aug 27, 2014 at 11:59:25AM +, Bjoern A. Zeeb wrote: jh jh On 27 Aug 2014, at 06:31 , Jonathan Price free...@jonathanprice.org jh wrote: jh jh On 2014-08-27 01:40, Peter Wemm wrote: jh On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: jh Hello, jh jh I am configuring a server with IPv4 and IPv6 addresses and have jh noticed that jh FreeBSD seems to be preferring IPv4, such as when establishing SSH jh connections. jh jh After reading through /etc/defaults/rc.conf, and later jh /etc/rc.d/ip6addrctl jh I have come to the conclusion that I have two ways to tell FreeBSD to jh prefer IPv6: jh jh 1) Add ipv6_activate_all_interfaces to /etc/rc.conf jh 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf jh jh ... jh However, it does sound like for my purposes it would make more sense jh to use ip6addrctl_policy=?ipv6_prefer as that is more explicitly the jh feature I want, rather than getting it inadvertently through the other jh knob. jh jh Yes. Definitively. I am not sure if it has happened but if IPv6 jh config is configured through rc.conf that setting should be(come) jh default. jh jh jh It does not seem so yet (anymore, it was like that many moons ago). A jh new ... jh I think if an IPv6 address is configured on a machine, it should jh prefer ipv6 jh addresses. That would match what the rest are doing. True at this moment. I have a patch to make it set ipv6_prefer when at least one ifconfig_IF_ipv6 is configured. Is there any objection to commit this? I had hesitated to add this for a technical reason which was eliminated by adding list_vars(). No objection from my side. :-) It would have been great to also have it in 10 at some stage, but maybe that is rocking the boat too much. :-) I can maybe just tell about my experience. In our organisation there are about 300 people. About 2/3 are MS Windows and maybe 1/4 are linux and a few are FreeBSD. Oh there are a few Macs too. Our network is dual stacked. On the MS Windows, linux and Mac boxes nothing gets done, they just pick up IPv6 and work. On every FreeBSD box I have to switch on IPv6. A third of our internet traffic is IPv6 already. Regards John -- John Hay -- j...@meraka.csir.co.za / j...@meraka.org.za ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On 2014-08-27 01:40, Peter Wemm wrote: On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf Could anybody with a little more knowledge on the matter explain to me which of the two options is more preferential? They both do different things. The activate knob is to enable ipv6 on an interface. To oversimplify it, if you configure an address on an interface, it is enabled. However, this switch enables this on all the rest of the interfaces, even the ones you didn't configure. ip6addrctl* affects things like hostname lookups to sort the addresses returned to the caller. They are different things entirely. I think you are expecting the behavior that ip6_prefer policy gives you. That's what we use in the freebsd.org cluster to have it use ipv6 where possible. Hi, and thanks for the response. Would it be possible to go into a little detail as to what ipv6_activate_all_interfaces=YES does to interfaces which don't explicitly have an address configured? I can't appear to find much information on this option. However, it does sound like for my purposes it would make more sense to use ip6addrctl_policy=ipv6_prefer as that is more explicitly the feature I want, rather than getting it inadvertently through the other knob. As to Kevin's question, I have working IPv6 connectivity both with and without the knobs in mention, it's just that certain applications which can use both IPv4 and IPv6 (such as SSH), won't use IPv6 unless explicitly told to (with -6 in this example), or one of the above tunables is used. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Tue, Aug 26, 2014 at 11:31 PM, Jonathan Price free...@jonathanprice.org wrote: On 2014-08-27 01:40, Peter Wemm wrote: On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf Could anybody with a little more knowledge on the matter explain to me which of the two options is more preferential? They both do different things. The activate knob is to enable ipv6 on an interface. To oversimplify it, if you configure an address on an interface, it is enabled. However, this switch enables this on all the rest of the interfaces, even the ones you didn't configure. ip6addrctl* affects things like hostname lookups to sort the addresses returned to the caller. They are different things entirely. I think you are expecting the behavior that ip6_prefer policy gives you. That's what we use in the freebsd.org cluster to have it use ipv6 where possible. Hi, and thanks for the response. Would it be possible to go into a little detail as to what ipv6_activate_all_interfaces=YES does to interfaces which don't explicitly have an address configured? I can't appear to find much information on this option. However, it does sound like for my purposes it would make more sense to use ip6addrctl_policy=ipv6_prefer as that is more explicitly the feature I want, rather than getting it inadvertently through the other knob. As to Kevin's question, I have working IPv6 connectivity both with and without the knobs in mention, it's just that certain applications which can use both IPv4 and IPv6 (such as SSH), won't use IPv6 unless explicitly told to (with -6 in this example), or one of the above tunables is used While doubting Peter's networking answers is usually foolish, I think this one is at least a bit misleading. As he says, ipv6_activate_all_interfaces=YES will set all interfaces on the system to -ifdisable which, since it is an IPv6 option, will enable IPv6 on all interfaces. NO will disable IPv6 on all interfaces. But it is related to ipaddrctl_policy as it will set ipaddrctl_policy to ipv6_prefer if no explicit setting overrides it. So IPv6 is working, and ssh -6 does use IPv6. I'd still like to see the output of ip6addrctl. It should look like: ::1/128 50 0 ::/0 40 1 :::0:0/9635 4 2002::/1630 2 2001::/32 5 5 fc00::/7 3 13 ::/96 1 3 fec0::/10 1 11 3ffe::/16 1 12 For more explanation, look at /etc/rc.d/ip6addrctl and /etc/network.subr. The list of prefixes set by it should match what I list above. If 'ipv6_activate_all_interfaces=NO', or ipaddrctl_policy=ipv4_prefer, you should get: ::1/128 50 0 ::/0 40 1 :::0:0/96 100 4 2002::/1630 2 2001::/32 5 5 fc00::/7 3 13 ::/96 1 3 fec0::/10 1 11 3ffe::/16 1 12 Any other output indicates manual setting of the policy. the magic is the precedence of :::0:0/96 which is an odd way of saying IPv4. I generally recommend ipv6_activate_all. Now I fear Peter will explain how I have misread the code. -- R. Kevin Oberman, Network Engineer, Retired E-mail: rkober...@gmail.com ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
While doubting Peter's networking answers is usually foolish, I think this one is at least a bit misleading. As he says, ipv6_activate_all_interfaces=YES will set all interfaces on the system to -ifdisable which, since it is an IPv6 option, will enable IPv6 on all interfaces. NO will disable IPv6 on all interfaces. But it is related to ipaddrctl_policy as it will set ipaddrctl_policy to ipv6_prefer if no explicit setting overrides it. So IPv6 is working, and ssh -6 does use IPv6. I'd still like to see the output of ip6addrctl. It should look like: ::1/128 50 0 ::/0 40 1 :::0:0/96 35 4 2002::/16 30 2 2001::/32 5 5 fc00::/7 3 13 ::/96 1 3 fec0::/10 1 11 3ffe::/16 1 12 For more explanation, look at /etc/rc.d/ip6addrctl and /etc/network.subr. The list of prefixes set by it should match what I list above. If 'ipv6_activate_all_interfaces=NO', or ipaddrctl_policy=ipv4_prefer, you should get: ::1/128 50 0 ::/0 40 1 :::0:0/96 100 4 2002::/16 30 2 2001::/32 5 5 fc00::/7 3 13 ::/96 1 3 fec0::/10 1 11 3ffe::/16 1 12 Any other output indicates manual setting of the policy. the magic is the precedence of :::0:0/96 which is an odd way of saying IPv4. I generally recommend ipv6_activate_all. Now I fear Peter will explain how I have misread the code. Please excuse me if I'm wrong, but I think ipv6_activate_all_interfaces=NO only ifdisable's interfaces which don't explicitly have an ifconfig_IF_ipv6 line. Partly because it's set to NO by default, and partly because of the following extract from /etc/defaults/rc.conf: If NO, interfaces which have no corresponding $ifconfig_IF_ipv6 is marked as IFDISABLED for security reason. This being the case, what exactly does the ifdisable stop the interface doing if it doesn't have an address anyway? Yes, I'd also noticed /etc/rc.d/ip6addrctl, that's actually what got me curious about this in the first place, as I could essentially achieve my desired effect with both ipv6_activate_all_interfaces=YES and ip6addrctl_policy=ipv6_prefer. Sure, below is the output of ip6addrctl from a server without either tunable (meaning, both were removed from rc.conf completely): Prefix Prec Label Use ::1/128 50 00 ::/0 40 1 90 :::0.0.0.0/96100 40 2002::/16 30 20 2001::/32 5 50 fc00::/7 3130 ::/96 1 30 fec0::/10 1110 3ffe::/16 1120 Below is the output of ip6addrctl after rebooting with just ipv6_activate_all_interfaces=YES Prefix Prec Label Use ::1/128 50 00 ::/0 40 1 68 :::0.0.0.0/96 35 40 2002::/16 30 20 2001::/32 5 50 fc00::/7 3130 ::/96 1 30 fec0::/10 1110 3ffe::/16 1120 And finally, below is the output of ip6addrctl after rebooting with just ip6addrctl_policy=ipv6_prefer Prefix Prec Label Use ::1/128 50 00 ::/0 40 1 72 :::0.0.0.0/96 35 40 2002::/16 30 20 2001::/32 5 50 fc00::/7 3130 ::/96 1 30 fec0::/10 1110 3ffe::/16 1120 So that does prove that, at least for the purposes of ip6addrctl, the two tunables are performing the same function. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On 27 Aug 2014, at 06:31 , Jonathan Price free...@jonathanprice.org wrote: On 2014-08-27 01:40, Peter Wemm wrote: On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf Could anybody with a little more knowledge on the matter explain to me which of the two options is more preferential? They both do different things. The activate knob is to enable ipv6 on an interface. To oversimplify it, if you configure an address on an interface, it is enabled. However, this switch enables this on all the rest of the interfaces, even the ones you didn't configure. ip6addrctl* affects things like hostname lookups to sort the addresses returned to the caller. They are different things entirely. I think you are expecting the behavior that ip6_prefer policy gives you. That's what we use in the freebsd.org cluster to have it use ipv6 where possible. Hi, and thanks for the response. Would it be possible to go into a little detail as to what ipv6_activate_all_interfaces=YES does to interfaces which don't explicitly have an address configured? I can’t appear to find much information on this option. man rc.conf has a description (which I should probably read myself;-) in case that gets you a bit further. I think it’s a “backward compat helper” to the old ipv6_enable=“YES” switch which existed before we could enable IPv6 on a per-interface base. However, it does sound like for my purposes it would make more sense to use ip6addrctl_policy=“ipv6_prefer as that is more explicitly the feature I want, rather than getting it inadvertently through the other knob. Yes. Definitively. I am not sure if it has happened but if IPv6 config is configured through rc.conf that setting should be(come) default. Bjoern — Bjoern A. Zeeb Come on. Learn, goddamn it., WarGames, 1983 ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Wed, Aug 27, 2014 at 1:20 AM, free...@jonathanprice.org wrote: While doubting Peter's networking answers is usually foolish, I think this one is at least a bit misleading. As he says, ipv6_activate_all_interfaces=YES will set all interfaces on the system to -ifdisable which, since it is an IPv6 option, will enable IPv6 on all interfaces. NO will disable IPv6 on all interfaces. But it is related to ipaddrctl_policy as it will set ipaddrctl_policy to ipv6_prefer if no explicit setting overrides it. So IPv6 is working, and ssh -6 does use IPv6. I'd still like to see the output of ip6addrctl. It should look like: ::1/128 50 0 ::/0 40 1 :::0:0/96 35 4 2002::/16 30 2 2001::/32 5 5 fc00::/7 3 13 ::/96 1 3 fec0::/10 1 11 3ffe::/16 1 12 For more explanation, look at /etc/rc.d/ip6addrctl and /etc/network.subr. The list of prefixes set by it should match what I list above. If 'ipv6_activate_all_interfaces=NO', or ipaddrctl_policy=ipv4_prefer, you should get: ::1/128 50 0 ::/0 40 1 :::0:0/96 100 4 2002::/16 30 2 2001::/32 5 5 fc00::/7 3 13 ::/96 1 3 fec0::/10 1 11 3ffe::/16 1 12 Any other output indicates manual setting of the policy. the magic is the precedence of :::0:0/96 which is an odd way of saying IPv4. I generally recommend ipv6_activate_all. Now I fear Peter will explain how I have misread the code. Please excuse me if I'm wrong, but I think ipv6_activate_all_interfaces=NO only ifdisable's interfaces which don't explicitly have an ifconfig_IF_ipv6 line. Partly because it's set to NO by default, and partly because of the following extract from /etc/defaults/rc.conf: If NO, interfaces which have no corresponding $ifconfig_IF_ipv6 is marked as IFDISABLED for security reason. This being the case, what exactly does the ifdisable stop the interface doing if it doesn't have an address anyway? I was over-simplifying and, as you state, any interface explicitly configured for IPv6 will have IPv6 disabled. Those with explicit IPv6 configuration will not be disabled. Most end-user systems are NOT configured with an address. In most cases SLAAC (and, perhaps DHCPv6) along with things like NDP and RTSOL do allof hte configuration. If ipv6_activate_)all_interfaces is NO, only explicitly configured interfaces will run IPv6. If it i YES, any interface with no explicit configuration will auto-configure and run IPv6. The system I am typing this on is entirely auto-configured as are almost all Windows systems running 7 or 8. (Maybe Vista, too. Don't recall.) -- R. Kevin Oberman, Network Engineer, Retired E-mail: rkober...@gmail.com ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
I was over-simplifying and, as you state, any interface explicitly configured for IPv6 will have IPv6 disabled. Those with explicit IPv6 configuration will not be disabled. Most end-user systems are NOT configured with an address. In most cases SLAAC (and, perhaps DHCPv6) along with things like NDP and RTSOL do allof hte configuration. If ipv6_activate_)all_interfaces is NO, only explicitly configured interfaces will run IPv6. If it i YES, any interface with no explicit configuration will auto-configure and run IPv6. The system I am typing this on is entirely auto-configured as are almost all Windows systems running 7 or 8. (Maybe Vista, too. Don't recall.) -- R. Kevin Oberman, Network Engineer, Retired E-mail: rkober...@gmail.com mailto:rkober...@gmail.com Ah, thanks, that makes sense. Would that mean that a line such as 'ifconfig_IF=DHCP' would not count the interface as being explicitly configured? I haven't looked into SLAAC or DHCPv6 configuration yet, so I'm not sure if either of those require a line like the one above. I couldn't word that particularly well. Basically, my question is, does any ifconfig_IF_... line count IF as being explicitly configured, or is it just interfaces with statically assigned addresses? Thanks, Jonathan. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On 27 Aug 2014, at 18:55 , Jonathan Price free...@jonathanprice.org wrote: Would that mean that a line such as 'ifconfig_IF=DHCP' would not count the interface as being explicitly configured? I haven’t looked into SLAAC or DHCPv6 configuration yet, so I'm not sure if either of those require a line like the one above. Not for v6. That only does v4. I am doing: ifconfig_IF_ipv6=“up or ifconfig_IF_ipv6=“inet6 accept_rtadv” depending on what I want to accomplish. The former is largly for systems where I configure more than one address manually and then I tend to put them all in _aliasN lines to avoid confusion (and I do the same with v4 basically); the latter is for SLAAC. /bz — Bjoern A. Zeeb Come on. Learn, goddamn it., WarGames, 1983 ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf Could anybody with a little more knowledge on the matter explain to me which of the two options is more preferential? If it helps, I only have a single NIC in the server, and it does not function as a gateway. Thanks, Jonathan. (I do apologise if this email ends up being sent as HTML. I haven't tried sending plaintext from this particular webmail client before). ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Tue, Aug 26, 2014 at 3:40 AM, free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf Could anybody with a little more knowledge on the matter explain to me which of the two options is more preferential? If it helps, I only have a single NIC in the server, and it does not function as a gateway. Thanks, Jonathan. Can you confirm that IPv6 is actually working between the systems in question? ping6 to it is a trivial test.Many issues can arise when trying ot get IPv6 running. Firewalls are a common issue. What output do you get from ip6addrctl show? netstat -rnf inet6? -- R. Kevin Oberman, Network Engineer, Retired E-mail: rkober...@gmail.com ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org
Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy=ipv6_prefer
On Tuesday 26 August 2014 10:40:27 free...@jonathanprice.org wrote: Hello, I am configuring a server with IPv4 and IPv6 addresses and have noticed that FreeBSD seems to be preferring IPv4, such as when establishing SSH connections. After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl I have come to the conclusion that I have two ways to tell FreeBSD to prefer IPv6: 1) Add ipv6_activate_all_interfaces to /etc/rc.conf 2) Add ip6addrctl_policy=ipv6_prefer to /etc/rc.conf Could anybody with a little more knowledge on the matter explain to me which of the two options is more preferential? They both do different things. The activate knob is to enable ipv6 on an interface. To oversimplify it, if you configure an address on an interface, it is enabled. However, this switch enables this on all the rest of the interfaces, even the ones you didn't configure. ip6addrctl* affects things like hostname lookups to sort the addresses returned to the caller. They are different things entirely. I think you are expecting the behavior that ip6_prefer policy gives you. That's what we use in the freebsd.org cluster to have it use ipv6 where possible. -- Peter Wemm - pe...@wemm.org; pe...@freebsd.org; pe...@yahoo-inc.com; KI6FJV UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246 signature.asc Description: This is a digitally signed message part.
