RE: Support for IPv6 SNMP and IPv6 SYSLOG
Hi, Update, specifically does FreeBSD ucd-snmp patch function as a SNMP Server? _ From: McGuerty, Jay S. Sent: Friday, February 10, 2006 9:15 AM To: 'freebsd-questions@FreeBSD.org' Subject: Support for IPv6 SNMP and IPv6 SYSLOG Hi, I've looked through the release notes for the latest version of FreeBSD and it is not clear whether it supports SNMPv6 and SYSLOGv6.Can you confirm IPv6 support for these protocols? Thanks, Jay ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPV6
jaroonsak paokeaw [EMAIL PROTECTED] writes: plzplzplz i want to make my server(freeBSD) to work with ipv6. but i'm new people for linux operation ( T T ). Can you have how to or handbook for setup my server to ipv6( Step-by-step) . FreeBSD isn't Linux, but assuming you actually do mean FreeBSD, the IPv6 section of the FreeBSD Handbook is at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPV6
plzplzplz i want to make my server(freeBSD) to work with ipv6. but i'm new people for linux operation ( T T ). Can you have how to or handbook for setup my server to ipv6( Step-by-step) . Thx very much [EMAIL PROTECTED] [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw+antispoof breaks IPv6 link local
Wojciech Puchar [EMAIL PROTECTED] writes: can it be solved? with first rule in my firewall config i have flush add 2 deny ip from any to any not antispoof works fine - as long as no IPv6 link-local communication is needed - route6d is an example. changing it to add 2 deny ip4 from any to any not antispoof is using link-local addresses spoofing?! I don't have time to come up with a fix at the moment, but that does look like a bug to me. I'm not sure I can see any way around having special-case code in the ip_fw2 code for link-local addresses... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw+antispoof breaks IPv6 link local
can it be solved? with first rule in my firewall config i have flush add 2 deny ip from any to any not antispoof works fine - as long as no IPv6 link-local communication is needed - route6d is an example. changing it to add 2 deny ip4 from any to any not antispoof is using link-local addresses spoofing?! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 in kernel
fbsd_user [EMAIL PROTECTED] writes: if I comment out the ipv6net statement in the kernel source and recompile, how do I tell ipfilter and the ports not to include ipv6 support? make.conf(5) has a knob for this, but individual ports may have their own separate knobs. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
turning off IPv6 in kernel
if I comment out the ipv6net statement in the kernel source and recompile, how do I tell ipfilter and the ports not to include ipv6 support? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6: routing on the local LAN
On 25 Dec 2005 at 2:59, Ariff Abdullah wrote: On Sat, 24 Dec 2005 12:37:56 -0500 Dan Langille [EMAIL PROTECTED] wrote: Gidday folks, I have an IPv6 routing problem within my LAN behind the gateway. I have an IPv6 tunnel supplied by Hurricane Electric. The tunnel is setup and working. From my gateway I can access various IPv6 websites (e.g http://www.kame.net). I have enabled rtadvd(8) on my gateway. For the netstat, ifconfig, etc, see [1]. From a computer inside my gateway, I cannot ping anything, not even the gateway. I suspect it's because the routing tables are not being set up on the gateway. I expected the system to do that automatically. I also expected fxp0 to get an IPv6 address out of this. Did I guess wrong? I suspect that if I can get fxp0 on the gateway, all will be well. If not, I think Ineed to set up static routes. Add a single 2001:470:1F00:1979::/64 address each for both fxp0/1. You don't even need rtadv.conf :) rc.conf:- ipv6_ifconfig_fxp0=2001:470:1F00:1979::1/64 ipv6_ifconfig_fxp1=2001:470:1F00:1979::2/64 Right you are! I just renamed /etc/rtadvd.conf to something else, rebooted the gateway, confirmed rtadvd was running, then I rebooted the workstation. It came back with: $ ifconfig fxp0 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 10.55.0.23 netmask 0xff00 broadcast 10.55.0.255 inet6 fe80::204:acff:fed3:7823%fxp0 prefixlen 64 scopeid 0x1 inet6 2001:470:1f00:1979:204:acff:fed3:7823 prefixlen 64 autoconf ether 00:04:ac:d3:78:23 media: Ethernet autoselect (100baseTX full-duplex) status: active $ You suggested putting an IPv6 address on fxp0 (the NIC on my gateway that faces my ISP). Why? No IPv6 traffic should meet that NIC. It should all go out the tunnel on gif0. fxp1 is my LAN, so I can see why I need an IPv6 address there. Thank you. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6: routing on the local LAN
On 25 Dec 2005 at 15:05, Ariff Abdullah wrote: On Sat, 24 Dec 2005 21:22:20 -0500 Dan Langille [EMAIL PROTECTED] wrote: On 25 Dec 2005 at 2:59, Ariff Abdullah wrote: On Sat, 24 Dec 2005 12:37:56 -0500 Dan Langille [EMAIL PROTECTED] wrote: Gidday folks, I have an IPv6 routing problem within my LAN behind the gateway. I have an IPv6 tunnel supplied by Hurricane Electric. The tunnel is setup and working. From my gateway I can access various IPv6 websites (e.g http://www.kame.net). I have enabled rtadvd(8) on my gateway. For the netstat, ifconfig, etc, see [1]. From a computer inside my gateway, I cannot ping anything, not even the gateway. I suspect it's because the routing tables are not being set up on the gateway. I expected the system to do that automatically. I also expected fxp0 to get an IPv6 address out of this. Did I guess wrong? I suspect that if I can get fxp0 on the gateway, all will be well. If not, I think Ineed to set up static routes. Add a single 2001:470:1F00:1979::/64 address each for both fxp0/1. You don't even need rtadv.conf :) rc.conf:- ipv6_ifconfig_fxp0=2001:470:1F00:1979::1/64 ipv6_ifconfig_fxp1=2001:470:1F00:1979::2/64 Thanks. I wanted to run rtadvd for the boxes inside the LAN. That ensure they get an address in the right range (AFAIK). For this simple configuration, you don't even need rtadvd.conf. Adding anyprefix/64 address to router interface and running rtadvd -D router_interface will do the job. man rtadvd shows that -D is debugging. $ grep rtad /etc/rc.conf rtadvd_enable=YES # let our LAN know the IPv6 default route rtadvd_interfaces=fxp1# our private LAN I can't try it yet, but it looks like removing /etc/rtadvd.conf may do the trick. Merry Christmas. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6: routing on the local LAN
Gidday folks, I have an IPv6 routing problem within my LAN behind the gateway. I have an IPv6 tunnel supplied by Hurricane Electric. The tunnel is setup and working. From my gateway I can access various IPv6 websites (e.g http://www.kame.net). I have enabled rtadvd(8) on my gateway. For the netstat, ifconfig, etc, see [1]. From a computer inside my gateway, I cannot ping anything, not even the gateway. I suspect it's because the routing tables are not being set up on the gateway. I expected the system to do that automatically. I also expected fxp0 to get an IPv6 address out of this. Did I guess wrong? I suspect that if I can get fxp0 on the gateway, all will be well. If not, I think Ineed to set up static routes. The workstation inside the LAN has the config shown in [2]. Checking via tcpdump on the gateway, I can see pings from the client hitting the internal NIC (fxp1) and going out the IPv6 tunnel (gif0). In case I've missed something about setting up the tunnel, the details are [3]. Suggestions, comments, thanks. [1] Gateway - http://www.langille.org/tmp/ipv6-config-gateway.txt [2] Client - http://www.langille.org/tmp/ipv6-config-client.txt [3] Tunnel - http://www.langille.org/tmp/ipv6-config-tunnel.txt -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6: routing on the local LAN
On Sat, 24 Dec 2005 12:37:56 -0500 Dan Langille [EMAIL PROTECTED] wrote: Gidday folks, I have an IPv6 routing problem within my LAN behind the gateway. I have an IPv6 tunnel supplied by Hurricane Electric. The tunnel is setup and working. From my gateway I can access various IPv6 websites (e.g http://www.kame.net). I have enabled rtadvd(8) on my gateway. For the netstat, ifconfig, etc, see [1]. From a computer inside my gateway, I cannot ping anything, not even the gateway. I suspect it's because the routing tables are not being set up on the gateway. I expected the system to do that automatically. I also expected fxp0 to get an IPv6 address out of this. Did I guess wrong? I suspect that if I can get fxp0 on the gateway, all will be well. If not, I think Ineed to set up static routes. Add a single 2001:470:1F00:1979::/64 address each for both fxp0/1. You don't even need rtadv.conf :) rc.conf:- ipv6_ifconfig_fxp0=2001:470:1F00:1979::1/64 ipv6_ifconfig_fxp1=2001:470:1F00:1979::2/64 The workstation inside the LAN has the config shown in [2]. Checking via tcpdump on the gateway, I can see pings from the client hitting the internal NIC (fxp1) and going out the IPv6 tunnel (gif0). In case I've missed something about setting up the tunnel, the details are [3]. Suggestions, comments, thanks. [1] Gateway - http://www.langille.org/tmp/ipv6-config-gateway.txt [2] Client - http://www.langille.org/tmp/ipv6-config-client.txt [3] Tunnel - http://www.langille.org/tmp/ipv6-config-tunnel.txt -- Ariff Abdullah MyBSD http://www.MyBSD.org.my (IPv6/IPv4) http://staff.MyBSD.org.my (IPv6/IPv4) http://tomoyo.MyBSD.org.my (IPv6/IPv4) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6: routing on the local LAN
On 25 Dec 2005 at 2:59, Ariff Abdullah wrote: On Sat, 24 Dec 2005 12:37:56 -0500 Dan Langille [EMAIL PROTECTED] wrote: Gidday folks, I have an IPv6 routing problem within my LAN behind the gateway. I have an IPv6 tunnel supplied by Hurricane Electric. The tunnel is setup and working. From my gateway I can access various IPv6 websites (e.g http://www.kame.net). I have enabled rtadvd(8) on my gateway. For the netstat, ifconfig, etc, see [1]. From a computer inside my gateway, I cannot ping anything, not even the gateway. I suspect it's because the routing tables are not being set up on the gateway. I expected the system to do that automatically. I also expected fxp0 to get an IPv6 address out of this. Did I guess wrong? I suspect that if I can get fxp0 on the gateway, all will be well. If not, I think Ineed to set up static routes. Add a single 2001:470:1F00:1979::/64 address each for both fxp0/1. You don't even need rtadv.conf :) rc.conf:- ipv6_ifconfig_fxp0=2001:470:1F00:1979::1/64 ipv6_ifconfig_fxp1=2001:470:1F00:1979::2/64 Thanks. I wanted to run rtadvd for the boxes inside the LAN. That ensure they get an address in the right range (AFAIK). Now... I just have to find someone with services, such as cvsup, available only over IPv6 But what I've been reading indicates that cvsup is not IPv6 aware. -- Dan Langille : http://www.langille.org/ BSDCan - The Technical BSD Conference - http://www.bsdcan.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6: routing on the local LAN
On Sat, 24 Dec 2005 21:22:20 -0500 Dan Langille [EMAIL PROTECTED] wrote: On 25 Dec 2005 at 2:59, Ariff Abdullah wrote: On Sat, 24 Dec 2005 12:37:56 -0500 Dan Langille [EMAIL PROTECTED] wrote: Gidday folks, I have an IPv6 routing problem within my LAN behind the gateway. I have an IPv6 tunnel supplied by Hurricane Electric. The tunnel is setup and working. From my gateway I can access various IPv6 websites (e.g http://www.kame.net). I have enabled rtadvd(8) on my gateway. For the netstat, ifconfig, etc, see [1]. From a computer inside my gateway, I cannot ping anything, not even the gateway. I suspect it's because the routing tables are not being set up on the gateway. I expected the system to do that automatically. I also expected fxp0 to get an IPv6 address out of this. Did I guess wrong? I suspect that if I can get fxp0 on the gateway, all will be well. If not, I think Ineed to set up static routes. Add a single 2001:470:1F00:1979::/64 address each for both fxp0/1. You don't even need rtadv.conf :) rc.conf:- ipv6_ifconfig_fxp0=2001:470:1F00:1979::1/64 ipv6_ifconfig_fxp1=2001:470:1F00:1979::2/64 Thanks. I wanted to run rtadvd for the boxes inside the LAN. That ensure they get an address in the right range (AFAIK). For this simple configuration, you don't even need rtadvd.conf. Adding anyprefix/64 address to router interface and running rtadvd -D router_interface will do the job. Now... I just have to find someone with services, such as cvsup, available only over IPv6 But what I've been reading indicates that cvsup is not IPv6 aware. AFAIK we're out of luck for now. -- Ariff Abdullah MyBSD http://www.MyBSD.org.my (IPv6/IPv4) http://staff.MyBSD.org.my (IPv6/IPv4) http://tomoyo.MyBSD.org.my (IPv6/IPv4) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 Addressing Question
When using Literal IPv6 addresses to access a share, is this how it would be done with the following address?: 3ffe:8311::f288:203:47ff:fe4e:2393 it’s file sharing literal would look like this: 3ffe-8311--f288-203-47ff-fe4e-2393.ipv6-literal.net Or can the actual address (3ffe:8311::f288:203:47ff:fe4e:2393) be used? Thanks, Jim Bonner -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.12.4/143 - Release Date: 10/19/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New user getting very discouraged with IPv6 problems, cannot get tunnel working completely :(
Am 25.09.2005 um 03:32 schrieb aksis: On the HE site, after you login, in the Tunnel Details section, there is an option to rebuild the tunnel, this might fix the problem. Beyond that I would email HE, send them the relative info and ask them to look at it. Additional check your ipv6 routing table that everything is correct. (e.g. the tspc program is not running and messing with your routingtable) Check with tcpdump/ethereal that the ping packets are leaving your site correctly. regards arved ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Eggdrop 1.6.15 with Ipv6 support + FreeBSD 5.4-RELEASE
Hi all! I've been struggling with some problems lately after going from FreeBSD 4.11-STABLE to FreeBSD 5.4-RELEASE. Eggdrop will not listen to tcp4, at any cost. It will only listen to IPv6 (tcp6), no matter what i do. The same error occurs with muh, but works fine on psybnc. Here's an output from sockstat: # sockstat|grep eggdrop melsom eggdrop-1. 79529 3 tcp6 *:9699*:* melsom eggdrop-1. 79529 4 udp4 *:59442 *:* melsom eggdrop-1. 79529 6 tcp6 2001:1448:80:276:c0::290:613082001:888:0:2::2:6667 As you can see, it only listens to tcp6, and a random udp port (?!). The port i've sat in the config is 9699. I've checked the my-ip6 and my-ip settings.Does anyone know why it listens to the udp port? It's random every time i start the Eggdrop. I've no idea what it could be. I have recompiled the eggdrop, tcl and everything, still no results. Is this a common bug? Does anyone have any suggestions? Regards, Andreas Melsom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
New user getting very discouraged with IPv6 problems, cannot get tunnel working completely :(
Hi all, I'm a brand new poster to the forums, and consider myself a novice FreeBSD user.. I used to use an IPv6 tunnel broker that worked fine, and even had a great program in C to do all the configuring of my tunnel automatically, but sadly, they are sharing my /48 with like 4 other people making it impossible to log into IRC servers. So somebody on #FreeBSD @ irc.freenode.nethttp://irc.freenode.netreccomended 2 OTHER brokers for me, one was BTexaCT and another was Hurricane Electric (www.tunnelbroker.net http://www.tunnelbroker.net, which he advised me to use.) So I got my tunnel approved at both places, but am seriously at a dead end here and it has become very discouraging, to the point where I'm blaming myself because this should be so straight-forward :( Here are the full tunnel details I was approved for Server IPV4 Address: 64.71.128.83 http://64.71.128.83 Server IPV6 Address: 2001:470:1F01:::DD2/127 Client IPV4 Address: 70.28.MY.IP Client IPV6 Address: 2001:470:1F01:::DD3/127 in my /etc/rc.conf, I have ipv6_enable=YES ipv6_gateway_enable=YES The guide I was following was: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html Okay, so, the steps I follow are.. ifconfig gif0 create ifconfig gif0 tunnel 70.28.MY.IP 64.71.128.83 http://64.71.128.83 (my ip then their ipv4 ip) ifconfig gif0 inet6 alias 2001:470:1F01:::DD3 That goes off without any errors or anything, and then that guide tells me to 'ping6 ff02::1%gif0' and it works perfectly, and I get ping replies, so I get REALLY excited. Then, the guide tells me to finish by route add -inet6 default -interface gif0 Then, it should be ready according to the manual, but I can only resolve IPV6 addresses, I can't actually communicate with any. ping6 'ing ipv6 addresses resolves to the proper address, but no packets are received irc'ing an ipv6 server just resolves the IPV6 address but doesn't actually get past the CONNECTING stage As I said, I'm getting really discouraged and downright depressed, and I don't know what further action to take to pursue this problem, so hopefully people here can get me up and running.. This really shouldn't be a difficult thing to do.. Also, as a side note, I also took the exact same steps with the OTHER broker I was approved for (BTexaCT) but its the same thing, I can only resolve IPV6 IP's, not communicate with them What should I do!! Thanks in advance, everyone :) -Ryan, a new FBSD user :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New user getting very discouraged with IPv6 problems, cannot get tunnel working completely :(
On Friday 23 September 2005 01:08, resonant evil wrote: Here are the full tunnel details I was approved for Server IPV4 Address: 64.71.128.83 http://64.71.128.83 Server IPV6 Address: 2001:470:1F01:::DD2/127 Client IPV4 Address: 70.28.MY.IP Client IPV6 Address: 2001:470:1F01:::DD3/127 in my /etc/rc.conf, I have ipv6_enable=YES ipv6_gateway_enable=YES Im using Hurricane Electric as well, When you login to HE they have a link for an example config generation, this is what I used. I had some problems with the handbook as well. My rc.conf: ... snip ... gif_interfaces=gif0 gif1 # IPv6 tunnel gifconfig_gif0=63.226.12.96 64.71.128.82 # IPv4 tunnel for IPv6 tunnel ipv6_enable=YES# Set to YES to set up for IPv6. ipv6_network_interfaces=rl0 gif0 # List of network interfaces. ipv6_defaultrouter=2001:470:1F00:::22E # Set to IPv6 default gateway ipv6_ifconfig_rl0=2001:470:1F00:379::1 # assigned from my /64to a nic ipv6_ifconfig_gif0=2001:470:1F00:::22F 2001:470:1F00:::22E prefixlen 128 --- wrapped, should be on the above line. ... snip ... My Assigned Prefix: 2001:470:1F00:379::/64 # ifconfig gif0 gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1280 tunnel inet 63.226.12.96 -- 64.71.128.82 inet6 fe80::2c0:f0ff:fe2a:aa7c%gif0 prefixlen 64 scopeid 0x8 inet6 2001:470:1f00:::22f -- 2001:470:1f00:::22e prefixlen 128 Is your firewall blocking ipv6? # /etc/rc.firewall6 open Don't leave this open after you get the tunnel working. That goes off without any errors or anything, and then that guide tells me to 'ping6 ff02::1%gif0' and it works perfectly, and I get ping replies, so I get REALLY excited. Then, the guide tells me to finish by ping their ipv6 end point of the tunnel: # ping6 2001:470:1F01:::DD2 (you sure its /127 and not /128?) If you don't get replies then there is a problem with the tunnel. irc'ing an ipv6 server just resolves the IPV6 address but doesn't actually get past the CONNECTING stage Last I knew, freenode has all HE ipv6 blocked because of abuse. This might have been lifted, I don't use ipv6 for irc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New user getting very discouraged with IPv6 problems, cannot get tunnel working completely :(
Hi, thanks for the response, but alas it's still not working :( On 9/24/05, aksis [EMAIL PROTECTED] wrote: Im using Hurricane Electric as well, When you login to HE they have a link for an example config generation, this is what I used. I had some problems with the handbook as well. Yeah, I was following their example configs also, I saw it there :( My rc.conf: ... snip ... gif_interfaces=gif0 gif1 # IPv6 tunnel gifconfig_gif0=63.226.12.96 http://63.226.12.96 64.71.128.82http://64.71.128.82 # IPv4 tunnel for IPv6 tunnel ipv6_enable=YES # Set to YES to set up for IPv6. ipv6_network_interfaces=rl0 gif0 # List of network interfaces. ipv6_defaultrouter=2001:470:1F00:::22E # Set to IPv6 default gateway ipv6_ifconfig_rl0=2001:470:1F00:379::1 # assigned from my /64to a nic ipv6_ifconfig_gif0=2001:470:1F00:::22F 2001:470:1F00:::22E prefixlen 128 --- wrapped, should be on the above line. ... snip ... I was missing alot of that stuff, so I filled it in with the appropriate values, here's what mine looks like (and upon reboot everything looked good) ... ipv6_enable=YES ipv6_gateway_enable=YES gif_interfaces=gif0 gif1 gifconfig_gif0=70.28.134.212 http://70.28.134.212 64.71.128.83http://64.71.128.83 ipv6_network_interfaces=rl0 gif0 ipv6_defaultrouter=2001:470:1F01:::DD2 # default ipv6 gateway ipv6_ifconfig_gif0=2001:470:1F01:::DD3 2001:470:1F01:::DD2 prefixlen 128 is the ipv6 section of my /etc/rc.conf, on bootup everything seemed to take effect properly # ifconfig gif0 gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1280 tunnel inet 63.226.12.96 http://63.226.12.96 -- 64.71.128.82http://64.71.128.82 inet6 fe80::2c0:f0ff:fe2a:aa7c%gif0 prefixlen 64 scopeid 0x8 inet6 2001:470:1f00:::22f -- 2001:470:1f00:::22e prefixlen 128 su-3.00# ifconfig gif0 gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1280 tunnel inet 70.28.134.212 http://70.28.134.212 -- 64.71.128.83http://64.71.128.83 inet6 fe80::240:f4ff:fe2d:a9f7%gif0 prefixlen 64 scopeid 0x4 inet6 2001:470:1f01:::dd3 -- 2001:470:1f01:::dd2 prefixlen 128 which from what I can gather looks absolutely correct, doesn't it :( Is your firewall blocking ipv6? # /etc/rc.firewall6 open No such file on my system, I'm using 5.3-RELEASE I don't think the firewall is blocking ipv6 because www.hexago.comhttp://www.hexago.com(my old broker, freenet6) had a great 'tspc' program (that was compiled from C) that did all the work for me, and that tunnel still works great, except its unstable for me and is completely blacklisted from most IRC networks Don't leave this open after you get the tunnel working. That goes off without any errors or anything, and then that guide tells me to 'ping6 ff02::1%gif0' and it works perfectly, and I get ping replies, so I get REALLY excited. Then, the guide tells me to finish by ping their ipv6 end point of the tunnel: # ping6 2001:470:1F01:::DD2 (you sure its /127 and not /128?) If you don't get replies then there is a problem with the tunnel. su-3.00# ping6 2001:470:1F01:::DD2 PING6(56=40+8+8 bytes) 2001:470:1f01:::dd3 -- 2001:470:1f01:::dd2 ^C --- 2001:470:1F01:::DD2 ping6 statistics --- 9 packets transmitted, 0 packets received, 100.0% packet loss I really appreciate the help thus far man :) Any other suggestions or reccomendations would be greatly appreciated.. I can also provide output from anything you might find useful, just let me know :) I really would love to get this working, it would be a good confidence boost for me if I could just figure this out Thanks again :) -Ryan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New user getting very discouraged with IPv6 problems, cannot get tunnel working completely :(
On the HE site, after you login, in the Tunnel Details section, there is an option to rebuild the tunnel, this might fix the problem. Beyond that I would email HE, send them the relative info and ask them to look at it. Your side looks correct. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
vlc problem with freebsd4.10 + kame snap (ipv6 tunneling)
dear all I'm using vlc for ipv6 multicast on the ipv6 in ipv6 tunneling. but there are some problems. my test environments; pc router: freebsd 4.10R host: linux (kernel 2.6.11), windows xp service pack2 pim6sd: kame-20050131-snap-kit vlc: vlc-0.8.2 and vlc-0.7.2 dbeacon: dbeacon-0.3.5 network topology H1 --- R1(rp, bsr) --- ipv6 in ipv6 tunneling --- R2 --- H2 * H: host, R: pc router I tested vlc; ver 0.8.2 and 0.7.2, and dbeacon dbeacon was no problem. but vlc test was shown strange results. I success vlc test when h2 is a sender and h1 is a receiver. but the opposite case (h1-sender, h2-receiver) was failed tcpdump result at the h2 is like this when h1 is a sender and h2 is a receiver. -- 02:48:08.488389 fe80::204:75ff:fee2:21e5 ff0e::8320:2078: HBH icmp6: multicast listener report max resp delay: 0 addr: ff0e::8320:2078 [hlim 1] I checked pim6sd log of sender(h1) and I can see following message -- 19:57:29.920 warning - SIOCGETSGCNT_IN6 on (2001:220:806:11::17 ff0e::8320:15): No such process 19:57:29.920 Deleting MFC entry for source 2001:220:806:11::17 and group ff0e::8320:15 19:57:29.920 warning - setsockopt MRT6_DEL_MFC: Can't assign requested address 19:57:29.920 Join_or_prune : upstream_router is null 19:57:29.920 src_action = 0 19:57:29.920 SSM src_action = 1 I cann't understand why one direction (from h2 to h1) works but the other direction(from h1 to h2) does not work in addition to no problem with dbeacon. thanks.. -- followings are pim6sd logs related with multicast pim6sd log of H1 -- 19:57:13.113 Cache miss, src 2001:220:806:11::17, dst ff0e::8320:15, iif 6 19:57:13.114 create group entry, group ff0e::8320:15 19:57:13.114 Rp_grp_match found 3ffe:2e01:1:e::1 for group ff0e::8320:15 19:57:13.114 create source entry, source 2001:220:806:11::17 19:57:13.114 create SG entry, source 2001:220:806:11::17, group ff0e::8320:15 .. 19:57:15.910 Cache miss, src 2001:220:806:11::17, dst ff0e::8320:15, iif 6 19:57:15.910 create group entry, group ff0e::8320:15 19:57:15.910 Rp_grp_match found 3ffe:2e01:1:e::1 for group ff0e::8320:15 19:57:15.910 create source entry, source 2001:220:806:11::17 19:57:15.910 create SG entry, source 2001:220:806:11::17, group ff0e::8320:15 .. 19:57:29.920 warning - SIOCGETSGCNT_IN6 on (2001:220:806:11::17 ff0e::8320:15): No such process 19:57:29.920 Deleting MFC entry for source 2001:220:806:11::17 and group ff0e::8320:15 19:57:29.920 warning - setsockopt MRT6_DEL_MFC: Can't assign requested address 19:57:29.920 Join_or_prune : upstream_router is null 19:57:29.920 src_action = 0 19:57:29.920 SSM src_action = 1 .. 20:01:12.929 Receiving PIM v2 Join/Prune from fe80::200:f0ff:fe94:5be 20:01:12.929 I'm the target of the JOIN/PRUNE message 20:01:12.929 Number of groups to process : 2 20:01:12.929 Group to process : ff0e::8320:15 20:01:12.929 Number of join : 1 20:01:12.929 Number of prune : 0 20:01:12.930 I'm looking for the (*,*,RP) entry, skip to next entry 20:01:12.930 Group to process : ff0e::1234:1234 20:01:12.930 Number of join : 1 20:01:12.930 Number of prune : 0 20:01:12.930 I'm looking for the (*,*,RP) entry, skip to next entry 20:01:12.930 Group to process : ff0e::8320:15 20:01:12.930 Number of join : 1 20:01:12.930 Number of prune : 0 20:01:12.930 Rp_grp_match found 3ffe:2e01:1:e::1 for group ff0e::8320:15 20:01:12.930 The rp for this JOIN/PRUNE is 3ffe:2e01:1:e::1 20:01:12.930 Group to process : ff0e::1234:1234 20:01:12.930 Number of join : 1 20:01:12.930 Number of prune : 0 pim6sd log of H2 -- 20:13:12.062 accepting multicast listener report: src fe80::204:75ff:fee2:21e5,dst ff0e::8320:15, grp f f0e::8320:15 20:13:12.062 The group doesn't exist, trying to add it 20:13:12.062 creates a group in MLDv1 compat-mode for ff0e::8320:15 on Mif em0 20:13:12.062 create group entry, group ff0e::8320:15 20:13:12.062 Rp_grp_match found 3ffe:2e01:1:e::1 for group ff0e::8320:15 20:13:12.062 Adding vif 1 for group ff0e::8320:15 .. 20:13:36.097 accepting multicast listener report: src fe80::204:75ff:fee2:21e5,dst ff0e::8320:15, grp f f0e::8320:15 20:13:36.097 The group already exists 20:13:36.097 goes into MLDv1-compat-mode for ff0e::8320:15 on Mif em0 20:13:36.098 Adding vif 1 for group ff0e::8320:15 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Simple IPv6 question [Was: Re: IPv6 site local EUI-64 adresses and jails]
Am Freitag, 12. August 2005 21:24 CEST schrieb Emanuel Strobl: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: Here are two more: How do I use the eui64 option of ifconfig? 'ifconfig fxp0 inet6 fe80:0:0:0:eui64 ' doesn't work! What's the meaning of the %fxp0 tail of the ifconfig output for the inet6 address? Dear inet6 guys, I don't know the kind of addresses FreeBSD uses for autoconfigured link-local addresses. For example: fe80::20e:cff:fe34:2bf8%em0 What the hack is %em0 ??? Interestingly I can use this address, but ping6 fe80::20e:cff:fe34:2bf8 doesn't work The Handbook doesn't clarify this mysterious address. Is it FreeBSD specific? Thanks in andvance, I posted this also to current@ since I got no answer from questions@ -Harry Thanks, -Harry So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgptY0pgdPFKS.pgp Description: PGP signature
Re: Simple IPv6 question [Was: Re: IPv6 site local EUI-64 adresses and jails]
On 2005-08-15T20:51:05+0200, Emanuel Strobl wrote: Dear inet6 guys, I don't know the kind of addresses FreeBSD uses for autoconfigured link-local addresses. For example: fe80::20e:cff:fe34:2bf8%em0 What the hack is %em0 ??? Interestingly I can use this address, but ping6 fe80::20e:cff:fe34:2bf8 doesn't work The Handbook doesn't clarify this mysterious address. Is it FreeBSD specific? Check out http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/ipv6.html ``Some of the userland tools support extended numeric IPv6 syntax, as documented in draft-ietf-ipngwg-scopedaddr-format-00.txt. You can specify outgoing link, by using name of the outgoing interface like fe80::1%ne0. This way you will be able to specify link-local scoped address without much trouble.'' -- Mike Oliver [see complete headers for contact information] pgp2o1kLD0K0u.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
On Fri, Aug 12, 2005 at 08:53:20PM +0200, Emanuel Strobl wrote: Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Some of the bits of a MAC address are reserved. There is a bit that indicates if the address is the address of a group of machines (for multicast) or the address of a single machine. The bit that is flipped when generating IPv6 addresses is the local/global bit, that indicates if the address has been assigned locally or by some global authority. For normal ethernet cards, this bit would always be 0. Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I'd suggest that you use manually assigned addresses in cases like this. You know what sort of addresses will be generated by autoconfiguration, so it should be easy for you to choose addresses that won't clash. Unfortunately jails do not actually support restricting the use of IPv6 addresses right now. David. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 site local EUI-64 adresses and jails
Am Samstag, 13. August 2005 10:53 CEST schrieb David Malone:
On Fri, Aug 12, 2005 at 08:53:20PM +0200, Emanuel Strobl wrote:
Now in the 24-16-24 scheme of th interface id part of the IPv6
address, the 16 bits were inserted with the value FFFE. And bit 57 was
changed to one! Why What if it is alread one? Or isn't tehre any
vendor who can have bit 41 of his MAC 1?
Some of the bits of a MAC address are reserved. There is a bit that
indicates if the address is the address of a group of machines (for
multicast) or the address of a single machine. The bit that is
flipped when generating IPv6 addresses is the local/global bit,
that indicates if the address has been assigned locally or by some
global authority. For normal ethernet cards, this bit would always
be 0.
Now I want to use a dedicated interface, which is in a different
subnet, for 5 jails. How do I do that if I want to keep the MAC
relation and if I'm not allewd to change the FFFE insert? It isn't
possible then, is it? What should I do instead? Invent my own 64-bit
scheme?
I'd suggest that you use manually assigned addresses in cases like this.
You know what sort of addresses will be generated by autoconfiguration,
so it should be easy for you to choose addresses that won't clash.
Unfortunately jails do not actually support restricting the use of IPv6
addresses right now.
Thanks a lot for your explanation! I have patches from Olivier Houchard for
testing which extends jails for IPv6 :)
He wrote it some time ago for RELENG_5 but wasn't sure if it is secure
enough to committ it.
I think more teseters are welcome, I have to solve some other IPv6
proplems first (like auto host config and DNS?), so I attach the patches
here, I can't imagine why Olivier wouldn't want that.
Best regards,
-Harry
David.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
Index: sys/kern/kern_jail.c
===
RCS file: /cognet/ncvs/src/sys/kern/kern_jail.c,v
retrieving revision 1.50
diff -u -p -r1.50 kern_jail.c
--- sys/kern/kern_jail.c 23 Jun 2005 22:13:28 - 1.50
+++ sys/kern/kern_jail.c 12 Aug 2005 22:57:21 -
@@ -12,6 +12,7 @@ __FBSDID($FreeBSD: src/sys/kern/kern_ja
#include opt_mac.h
+#include opt_inet6.h
#include sys/param.h
#include sys/types.h
#include sys/kernel.h
@@ -49,7 +50,7 @@ SYSCTL_INT(_security_jail, OID_AUTO, set
int jail_socket_unixiproute_only = 1;
SYSCTL_INT(_security_jail, OID_AUTO, socket_unixiproute_only, CTLFLAG_RW,
jail_socket_unixiproute_only, 0,
-Processes in jail are limited to creating UNIX/IPv4/route sockets only);
+Processes in jail are limited to creating UNIX/IP/route sockets only);
int jail_sysvipc_allowed = 0;
SYSCTL_INT(_security_jail, OID_AUTO, sysvipc_allowed, CTLFLAG_RW,
@@ -134,6 +135,9 @@ jail(struct thread *td, struct jail_args
error = copyinstr(j.hostname, pr-pr_host, sizeof(pr-pr_host), 0);
if (error)
goto e_dropvnref;
+#ifdef INET6
+ memcpy(pr-pr_ip6, j.ip6_number, sizeof(pr-pr_ip6));
+#endif
pr-pr_ip = j.ip_number;
pr-pr_linux = NULL;
pr-pr_securelevel = securelevel;
@@ -375,18 +379,82 @@ prison_remote_ip(struct ucred *cred, int
return;
}
+#ifdef INET6
+void
+prison_getip6(struct ucred *ucred, u_int8_t **ip6)
+{
+
+ memcpy(ip6, ucred-cr_prison-pr_ip6,
+ sizeof(ucred-cr_prison-pr_ip6));
+}
+
+int
+prison_ip6(struct ucred *ucred, u_int8_t **ip6)
+{
+ struct in6_addr tmp;
+
+ if (!jailed(ucred))
+ return (0);
+ memcpy(tmp, ip6, sizeof(tmp));
+ if (IN6_IS_ADDR_LOOPBACK(tmp) ||
+ IN6_IS_ADDR_UNSPECIFIED(tmp)) {
+ memcpy(ip6, ucred-cr_prison-pr_ip6, sizeof(tmp));
+ return (0);
+ }
+ if (IN6_ARE_ADDR_EQUAL((struct in6_addr *)ip6,
+ (struct in6_addr *)ucred-cr_prison-pr_ip6))
+ return (1);
+ return (0);
+}
+
+void
+prison_remote_ip6(struct ucred *cred, u_int8_t **ip)
+{
+ struct in6_addr tmp;
+
+ if (!jailed(cred))
+ return;
+ memcpy(tmp, ip, sizeof(tmp));
+ if (IN6_IS_ADDR_LOOPBACK(tmp)) {
+ memcpy(ip, cred-cr_prison-pr_ip6, sizeof(tmp));
+ return;
+ }
+ return;
+}
+
+#endif
+
int
prison_if(struct ucred *cred, struct sockaddr *sa)
{
struct sockaddr_in *sai;
+#ifdef INET6
+ struct sockaddr_in6 *sa6;
+#endif
int ok;
sai = (struct sockaddr_in *)sa;
- if ((sai-sin_family != AF_INET) jail_socket_unixiproute_only)
- ok = 1;
- else if (sai-sin_family != AF_INET)
- ok = 0;
- else if (cred-cr_prison-pr_ip != ntohl(sai-sin_addr.s_addr))
+#ifdef INET6
+ sa6 = (struct sockaddr_in6 *)sa;
+#endif
+ if (sai-sin_family == AF_INET) {
+ if (cred-cr_prison-pr_ip != ntohl(sai-sin_addr.s_addr))
+ ok = 1;
+ else
+ ok = 0;
+ } else
+#ifdef INET6
+ if (sai-sin_family == AF_INET6) {
+ if (!IN6_ARE_ADDR_EQUAL((struct in6_addr *)
+ cred-cr_prison-pr_ip6,
+ (struct in6_addr *)sa6-sin6_addr))
+ ok = 1
IPv6 site local EUI-64 adresses and jails
Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgpk2do0FKcxZ.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Thanks, -Harry Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgpirO64RezBs.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: Here are two more: How do I use the eui64 option of ifconfig? 'ifconfig fxp0 inet6 fe80:0:0:0:eui64 ' doesn't work! What's the meaning of the %fxp0 tail of the ifconfig output for the inet6 address? Thanks, -Harry So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgpXYJzFJPq2f.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
On 2005-08-12T21:03:35+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Don't disable link-local address auto-generation. You can assign your own addresses, based on the /48 you have been given by your provider or tunnel broker. Something like this ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias That is only if you want to use auto-configured host addresses based on the (IHMO) wasteful EUI64 junk... topic for another thread (and list, probably!). There are lots of differing opinions about the usefulness of EUI64-based auto-config. -- Mike Oliver [see complete headers for contact information] pgpGVDfizZsiv.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: On 2005-08-12T21:03:35+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Don't disable link-local address auto-generation. You can assign your own addresses, based on the /48 you have been given by your provider or tunnel broker. Something like this ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Ahh, ok, this answers the question how to use eui64 with ifconfig :) And dead beef cafe is kewl ;) (first I'll use FEC0::eui64) Thanks, -Harry P.S.: Do you know what's the clue with the (mac)bit 41 change for eui64? That is only if you want to use auto-configured host addresses based on the (IHMO) wasteful EUI64 junk... topic for another thread (and list, probably!). There are lots of differing opinions about the usefulness of EUI64-based auto-config. pgpceNS99BKvU.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: On 2005-08-12T21:03:35+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Don't disable link-local address auto-generation. You can assign your own addresses, based on the /48 you have been given by your provider or tunnel broker. Something like this ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Hmmm, that doesn't work here (6.0-beta2): ifconfig fxp0 inet6 fec0::/64 eui64 alias ifconfig: could not determine link local address -Harry That is only if you want to use auto-configured host addresses based on the (IHMO) wasteful EUI64 junk... topic for another thread (and list, probably!). There are lots of differing opinions about the usefulness of EUI64-based auto-config. pgpK93ppA6fUk.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
On 2005-08-12T22:56:19+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Hmmm, that doesn't work here (6.0-beta2): ifconfig fxp0 inet6 fec0::/64 eui64 alias ifconfig: could not determine link local address The link-local address is automatically configured, based on the mac address of the interface, so you can't (and wouldn't want to) configure it manually. If you want to configure unicast addresses manually, use the /48 from your provider/broker, broken down into whatever prefixlen you want. What is your current fxp0 configuration? -- Mike Oliver [see complete headers for contact information] pgpRY5lFVSdP6.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Samstag, 13. August 2005 00:03 CEST schrieb Michael W. Oliver: On 2005-08-12T22:56:19+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Hmmm, that doesn't work here (6.0-beta2): ifconfig fxp0 inet6 fec0::/64 eui64 alias ifconfig: could not determine link local address The link-local address is automatically configured, based on the mac address of the interface, so you can't (and wouldn't want to) configure it manually. If you want to configure unicast addresses manually, use the /48 from your provider/broker, broken down into whatever prefixlen you want. Just for playing I disabled auto link-local address generation, then I found that ifconfig fxp0 inet6 fec0::1 delete worked after I added that one (without alias, which was my testing reason). Then I also deleted the eui64 address and wanted to reassign it. Another reason I tried to use the -eui64 option with ifconfig was because my fwe0 got no inet6 address! Either the man page of ifconfig is wrong or something else, I couldn't get a working syntax with option eui64. Thanks, -Harry What is your current fxp0 configuration? pgpsyRqn6jeef.pgp Description: PGP signature
FreeBSD 4.11 IPv6-over-IPv4 tunnel problem
Hi List, I want to establish an IPv6-over-IPv4 tunnel to my ISP. After some hours trying i got myself acounts at HE and XS26 for testing and they work. My Setup is FreeBSD 4.11-STABLE with ip(6)fw (stateful) and natd running. My ISP gave the appended setup information which is for Debian Linux (which i've never used). The IPv4 endpoints are 217.197.85.214(me) and 192.109.42.23(ISP) the IPv6 endpoints are 2001:bf0:c00c::c00c:0002:2(me) and 2001:bf0:c00c::c00c:0002:1(ISP). I asked my ISP for support but they don't know the way for FreeBSD and they tell me the tunnel is definitely working. I tried doing the following but this and several other approaches did not yield anything : zwelf:~# ifconfig gif0 create tunnel 217.197.85.214 192.109.42.23 up zwelf:~# ifconfig gif0 inet6 alias 2001:bf0:c00c::c00c:0002:2 zwelf:~# ping6 ff02::1%gif0 PING6(56=40+8+8 bytes) fe80::250:bfff:fe58:6c75%gif0 -- ff02::1%gif0 16 bytes from fe80::250:bfff:fe58:6c75%gif0, icmp_seq=0 hlim=64 time=0.746 ms 16 bytes from fe80::250:bfff:fe58:6c75%gif0, icmp_seq=1 hlim=64 time=0.422 ms 16 bytes from fe80::250:bfff:fe58:6c75%gif0, icmp_seq=2 hlim=64 time=0.427 ms ^C --- ff02::1%gif0 ping6 statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.422/0.532/0.746/0.152 ms Thanks for reading, any comments appreciated Leon /* /etc/network/interfaces for a Debian system */ auto zwelf6 iface zwelf6 inet6 v4tunnel address 2001:bf0:c00c::c00c:0002:2 netmask 112 local 217.197.85.214 endpoint 192.109.42.23 ttl 64 up ip tunnel change zwelf6 ttl 64 up echo 1 /proc/sys/net/ipv6/conf/all/forwarding up ip -6 route add2001::/3 dev zwelf6 down ip -6 route delete 2001::/3 dev zwelf6 /* full ifconfig */ rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=40POLLING inet 192.168.10.1 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::250:bfff:fe58:6c75%rl0 prefixlen 64 scopeid 0x1 ether 00:50:bf:58:6c:75 media: Ethernet autoselect (100baseTX full-duplex) status: active rl1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=40POLLING inet6 fe80::230:84ff:fe0b:15d4%rl1 prefixlen 64 scopeid 0x2 ether 00:30:84:0b:15:d4 media: Ethernet 10baseT/UTP status: active lp0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1500 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010POINTOPOINT,MULTICAST mtu 1500 sl0: flags=c010POINTOPOINT,LINK2,MULTICAST mtu 552 tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1492 inet 217.197.85.214 -- 192.109.42.172 netmask 0x inet6 fe80::250:bfff:fe58:6c75%tun0 prefixlen 64 scopeid 0x7 Opened by PID 70 gif0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1280 tunnel inet 217.197.85.214 -- 192.109.42.23 inet6 fe80::250:bfff:fe58:6c75%gif0 prefixlen 64 scopeid 0x8 inet6 2001:bf0:c00c::c00c:2:2 prefixlen 64 -- gnupg key ID: 9B820836 Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem with IPSec tunnel, using IPv6 addresses, between Two FreeBSD systems.....
Hi All, I need to establish an IPSec tunnel between two FreeBSD systems, using IPv6 addresses.The connetcion is host-to-host between two FreeBSD( RELEASE 4.11) systems with KAME IPSec implementation. I tried to establish the connection, but it has some problems which are explained below. |-| host1-[mohan]| |host2-[ram] |-| host1 IPv6 address : fe80::2b0:d0ff:fe6f:dfa0 host2 IPv6 address : fe80::2b0:d0ff:fe48:7ce7 The 'ipsec.conf' file at Host1 and Host2 are attached along with this email.(you can refer them) IPsec is started with the following commands at both systems:(ipsec SA SPD are set according to ipsec.conf files at both sides) ***at Host1*** mohan# /usr/local/etc/rc.d/setkey.sh start Starting VPN tunnel encryption..Ok mohan# *** ***at Host2*** ram# /usr/local/etc/rc.d/setkey.sh start Starting VPN tunnel encryption..Ok ram# *** (File setkey.sh is also attached with the email below for ur reference) After that I executed 'ping6' and 'tcpdump' commands to test the ipsec connection(on my system i.e.,host1-mohan), but it seems, it is not working properly... ### ping6 command output at host1 mohan# ping6 -I xl0 fe80::2b0:d0ff:fe48:7ce7 PING6(56=40+8+8 bytes) fe80::2b0:d0ff:fe6f:dfa0%xl0 -- fe80::2b0:d0ff:fe48:7ce7 ^C --- fe80::2b0:d0ff:fe48:7ce7 ping6 statistics --- 6 packets transmitted, 0 packets received, 100% packet loss mohan# # But, with tcpdump command it seems like packets are moving from host1 to host2 without ESP(encryption) and reply packets from host2 to host1 with ESP(encryption) header. It is shown in the following output: ## tcpdump at host1 ### mohan# tcpdump -i xl0 host fe80::2b0:d0ff:fe6f:dfa0 tcpdump: listening on xl0 10:08:43.844723 fe80::2b0:d0ff:fe6f:dfa0[host1] ff02::1:ff48:7ce7[host2]: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:43.845127 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0xf) 10:08:44.844736 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:44.845109 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x10) 10:08:48.844804 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:48.845150 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x13) 10:08:49.085694 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x14) 10:08:49.844840 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:49.845232 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x15) 10:08:50.085696 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x16) 10:08:51.085741 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x17) ## Please, reply me what is the problem with the connection setup.Inform me is there any mistakes with the ipsec.conf files attached with this email or policy setup..? Reply as soon as possible.. The connection works with IPv4 addresses without any problems. If you need any detail regarding the setup, I will send you the details.. Please, give me proper suggestions..any help will be greatly appreciated .. Thanx, with Regards Mohan. ___ Too much spam in your inbox? Yahoo! Mail gives you the best spam protection for FREE! http://in.mail.yahoo.comThe 'ipsec.conf' file at Host1 # # flush configs flush ; spdflush ; # add a SAD entry add fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 esp 0xFEED -m transport -E 3des-cbc host1tohost2host1tohost2 -A hmac-sha1 host1tohost2hmacsha1; add fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 esp 0xFEAD -m transport -E 3des-cbc host2tohost1host2tohost1 -A hmac-sha1 host2tohost1hmacsha1; # and specify what has to be encrypted spdadd fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 any -P out ipsec esp/transport/fe80::2b0:d0ff:fe6f:dfa0-fe80::2b0:d0ff:fe48:7ce7/require ; spdadd fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 any -P in ipsec esp/transport/fe80::2b0:d0ff:fe48:7ce7-fe80::2b0:d0ff:fe6f:dfa0/require ;The 'ipsec.conf' file at Host2 # # flush configs flush ; spdflush ; # add a SAD entry add fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 esp 0xFEAD -m transport -E 3des-cbc host2tohost1host2tohost1 -A hmac-sha1 host2tohost1hmacsha1; add fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 esp 0xFEED -m transport -E 3des-cbc host1tohost2host1tohost2 -A hmac-sha1 host1tohost2hmacsha1; # and specify what has to be encrypted spdadd fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 any -P out ipsec esp
Problem with IPSec tunnel, using IPv6 addresses, between Two FreeBSD systems.....
Hi All, I need to establish an IPSec tunnel between two FreeBSD systems using IPv6 addresses.The connetcion is host-to-host between two FreeBSD( RELEASE 4.11) systems with KAME IPSec implementation. |-| host1-[mohan]| |host2-[ram] |-| host1 IPv6 address : fe80::2b0:d0ff:fe6f:dfa0 host2 IPv6 address : fe80::2b0:d0ff:fe48:7ce7 The 'ipsec.conf' file at Host1 and Host2 are attached along with this email.(you can refer them) IPsec is started with the following commands at both systems: ***at Host1*** mohan# /usr/local/etc/rc.d/setkey.sh start Starting VPN tunnel encryption..Ok mohan# *** ***at Host2*** ram# /usr/local/etc/rc.d/setkey.sh start Starting VPN tunnel encryption..Ok ram# *** (File setkey.sh is also attached with the email below for ur reference) After that I executed 'ping6' and 'tcpdump' commands to test the connection(on my system i.e.,host1-mohan), but, it seems is not working properly... ### ping6 command output at host1 mohan# ping6 -I xl0 fe80::2b0:d0ff:fe48:7ce7 PING6(56=40+8+8 bytes) fe80::2b0:d0ff:fe6f:dfa0%xl0 -- fe80::2b0:d0ff:fe48:7ce7 ^C --- fe80::2b0:d0ff:fe48:7ce7 ping6 statistics --- 6 packets transmitted, 0 packets received, 100% packet loss mohan# # But, with tcpdump command it seems like packets are moving from host1 to host2 without ESP(encryption) and reply packets from host2 to host1 with ESP(encryption) header. It is shown in the following output: ## tcpdump at host1 ### mohan# tcpdump -i xl0 host fe80::2b0:d0ff:fe6f:dfa0 tcpdump: listening on xl0 10:08:43.844723 fe80::2b0:d0ff:fe6f:dfa0[host1] ff02::1:ff48:7ce7[host2]: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:43.845127 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0xf) 10:08:44.844736 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:44.845109 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x10) 10:08:48.844804 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:48.845150 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x13) 10:08:49.085694 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x14) 10:08:49.844840 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:49.845232 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x15) 10:08:50.085696 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x16) 10:08:51.085741 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x17) ## Please, reply me what is the problem with the connection setup.Inform me is there any mistakes with the ipsec.conf file, policy setup..? Reply as soon as possible.. The connection works with IPv4 addresses without any problems. If you need any detail regarding the setup, I will send you the details.. Please, give me proper suggestions..any help will be greatly appreciated .. Thanx, with Regards Mohan. __ The 'ipsec.conf' file at Host2 # # flush configs flush ; spdflush ; # add a SAD entry add fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 esp 0xFEAD -m transport -E 3des-cbc ipv6readylogo3descbcout1 -A hmac-sha1 ipv6readylogsha1out1; add fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 esp 0xFEED -m transport -E 3des-cbc ipv6readylogo3descbcin01 -A hmac-sha1 ipv6readylogsha1in01; # and specify what has to be encrypted spdadd fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 any -P out ipsec esp/transport/fe80::2b0:d0ff:fe48:7ce7-fe80::2b0:d0ff:fe6f:dfa0/require ; spdadd fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 any -P in ipsec esp/transport/fe80::2b0:d0ff:fe6f:dfa0-fe80::2b0:d0ff:fe48:7ce7/require ; - The 'ipsec.conf' file at Host2 # # flush configs flush ; spdflush ; # add a SAD entry add fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 esp 0xFEAD -m transport -E 3des-cbc ipv6readylogo3descbcout1 -A hmac-sha1 ipv6readylogsha1out1; add fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 esp 0xFEED -m transport -E 3des-cbc ipv6readylogo3descbcin01 -A hmac-sha1 ipv6readylogsha1in01; # and specify what has to be encrypted spdadd fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 any -P out ipsec esp/transport/fe80::2b0:d0ff:fe48:7ce7-fe80::2b0:d0ff:fe6f:dfa0/require ; spdadd fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 any -P in ipsec esp/transport/fe80::2b0:d0ff:fe6f:dfa0-fe80::2b0:d0ff:fe48:7ce7/require
Problem with IPSec tunnel, using IPv6 addresses, between Two FreeBSD systems....
Hi All, I need to establish an IPSec tunnel between two FreeBSD systems, using IPv6 addresses.The connetcion is host-to-host between two FreeBSD( RELEASE 4.11) systems with KAME IPSec implementation. I tried to establish the connection, but it has some problems which are explained below. |-| host1-[mohan]| |host2-[ram] |-| host1 IPv6 address : fe80::2b0:d0ff:fe6f:dfa0 host2 IPv6 address : fe80::2b0:d0ff:fe48:7ce7 The 'ipsec.conf' file at Host1 and Host2 are attached along with this email.(you can refer them) IPsec is started with the following commands at both systems:(ipsec SA SPD are set according to ipsec.conf files at both sides) ***at Host1*** mohan# /usr/local/etc/rc.d/setkey.sh start Starting VPN tunnel encryption..Ok mohan# *** ***at Host2*** ram# /usr/local/etc/rc.d/setkey.sh start Starting VPN tunnel encryption..Ok ram# *** (File setkey.sh is also attached with the email below for ur reference) After that I executed 'ping6' and 'tcpdump' commands to test the ipsec connection(on my system i.e.,host1-mohan), but it seems, it is not working properly... ### ping6 command output at host1 mohan# ping6 -I xl0 fe80::2b0:d0ff:fe48:7ce7 PING6(56=40+8+8 bytes) fe80::2b0:d0ff:fe6f:dfa0%xl0 -- fe80::2b0:d0ff:fe48:7ce7 ^C --- fe80::2b0:d0ff:fe48:7ce7 ping6 statistics --- 6 packets transmitted, 0 packets received, 100% packet loss mohan# # But, with tcpdump command it seems like packets are moving from host1 to host2 without ESP(encryption) and reply packets from host2 to host1 with ESP(encryption) header. It is shown in the following output: ## tcpdump at host1 ### mohan# tcpdump -i xl0 host fe80::2b0:d0ff:fe6f:dfa0 tcpdump: listening on xl0 10:08:43.844723 fe80::2b0:d0ff:fe6f:dfa0[host1] ff02::1:ff48:7ce7[host2]: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:43.845127 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0xf) 10:08:44.844736 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:44.845109 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x10) 10:08:48.844804 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:48.845150 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x13) 10:08:49.085694 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x14) 10:08:49.844840 fe80::2b0:d0ff:fe6f:dfa0 ff02::1:ff48:7ce7: icmp6: neighbor sol: who has fe80::2b0:d0ff:fe48:7ce7 10:08:49.845232 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x15) 10:08:50.085696 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x16) 10:08:51.085741 fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0: ESP(spi=0xfead,seq=0x17) ## Please, reply me what is the problem with the connection setup.Inform me is there any mistakes with the ipsec.conf files attached with this email or policy setup..? Reply as soon as possible.. The connection works with IPv4 addresses without any problems. If you need any detail regarding the setup, I will send you the details.. Please, give me proper suggestions..any help will be greatly appreciated .. Thanx, with Regards Mohan. ___ Too much spam in your inbox? Yahoo! Mail gives you the best spam protection for FREE! http://in.mail.yahoo.comThe 'ipsec.conf' file at Host1 # # flush configs flush ; spdflush ; # add a SAD entry add fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 esp 0xFEED -m transport -E 3des-cbc host1tohost2host1tohost2 -A hmac-sha1 host1tohost2hmacsha1; add fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 esp 0xFEAD -m transport -E 3des-cbc host2tohost1host2tohost1 -A hmac-sha1 host2tohost1hmacsha1; # and specify what has to be encrypted spdadd fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 any -P out ipsec esp/transport/fe80::2b0:d0ff:fe6f:dfa0-fe80::2b0:d0ff:fe48:7ce7/require ; spdadd fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 any -P in ipsec esp/transport/fe80::2b0:d0ff:fe48:7ce7-fe80::2b0:d0ff:fe6f:dfa0/require ;The 'ipsec.conf' file at Host2 # # flush configs flush ; spdflush ; # add a SAD entry add fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 esp 0xFEAD -m transport -E 3des-cbc host2tohost1host2tohost1 -A hmac-sha1 host2tohost1hmacsha1; add fe80::2b0:d0ff:fe6f:dfa0 fe80::2b0:d0ff:fe48:7ce7 esp 0xFEED -m transport -E 3des-cbc host1tohost2host1tohost2 -A hmac-sha1 host1tohost2hmacsha1; # and specify what has to be encrypted spdadd fe80::2b0:d0ff:fe48:7ce7 fe80::2b0:d0ff:fe6f:dfa0 any -P out ipsec esp
Questions about FreeBSD support for Multiple Monitors IPv6 Protocol
Does FreeBSD, Xorg or the Window Managers have support for more than one Monitor, and if so how would I enable that feature? Can I use IPv6 Protocol with FreeBSD on my internal network if I wanted to? _ Express yourself instantly with MSN Messenger! [1]MSN Messenger Download today it's FREE! References 1. http://g.msn.com/8HMBEN/2728??PS=47575 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Questions about FreeBSD support for Multiple Monitors IPv6 Protocol
Matthew Jordan wrote: Does FreeBSD, Xorg or the Window Managers have support for more than one Monitor, and if so how would I enable that feature? X.org supports this feature. I can offer a sample configuration that works for me: http://www.alpha-tierchen.de/dateien/etc/xorg.conf-dual.txt Can I use IPv6 Protocol with FreeBSD on my internal network if I wanted to? Yes, read the IPv6 section of the handbook http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html if you need further information about this topic. Björn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Questions about FreeBSD support for Multiple Monitors IPv6 Protocol
# Matthew Jordan: Does FreeBSD, Xorg or the Window Managers have support for more than one Monitor, and if so how would I enable that feature? There are multiple ways to do this, i.e. xinerama. Try googling for multiple monitors xorg or something like that. If you use the nVidia-driver from ports, it's even easier, I just modified my xorg.conf: Section Device Identifier NV AGP Driver nvidia BusID PCI:1:0:0 Option TwinView on Option MetaModes 1280x1024,1280x1024; 1024x768,NULL Option SecondMonitorHorizSync 28-64 Option SecondMonitorVertRefresh 60 Option TwinViewOrientation LeftOf EndSection Can I use IPv6 Protocol with FreeBSD on my internal network if I wanted to? I haven't tried, but in all probability: yes. HTH, Mario -- Für Gegner der Reform wird ein Wagen, der an die Wand gefahren wurde, nicht dadurch wieder flott, dass man zwei seiner Räder für intakt erklärt. -- Hermann Unterstöger, SZ, über die Rechtschraipreform ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 ICMP multicast response
Martin Petraschek [EMAIL PROTECTED] writes: By default, FreeBSD does not reply to ICMP multicast echo requests. For IPv4 this behaviour can be changed with sysctl net.inet.icmp.bmcastecho=0|1 Is there a similar control for IPv6? No. That would violate RFC 2463, section 2.4(e.2). As well as being a bad idea. If you need it for some custom application that won't be connected to the Internet, you can hack the source. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 ICMP multicast response
On 07 Apr 2005 09:30:29 -0400, Lowell Gilbert wrote: Martin Petraschek [EMAIL PROTECTED] writes: By default, FreeBSD does not reply to ICMP multicast echo requests. For IPv4 this behaviour can be changed with sysctl net.inet.icmp.bmcastecho=0|1 Is there a similar control for IPv6? No. That would violate RFC 2463, section 2.4(e.2). As well as being a bad idea. The section you are referencing in RFC 2463 is concerning ICMP ERROR messages. Echo requests/responses are informational messages, therefore this section does not apply. The same RFC 2463, section 4.2 states: An Echo Reply SHOULD be sent in response to an Echo Request message sent to an IPv6 multicast address. The source address of the reply MUST be a unicast address belonging to the interface on which the multicast Echo Request message was received. Therefore, the OS _should_ respond to a multicast echo request! Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 ICMP multicast response
Martin Petraschek [EMAIL PROTECTED] writes: The section you are referencing in RFC 2463 is concerning ICMP ERROR messages. Echo requests/responses are informational messages, therefore this section does not apply. Ah. You're right; I was thinking about error handling because that's the code I happened to be working with this morning. I was looking at the error handling code, as well, so when I said it was impossible I may have been wrong also. [The ICMP6_ECHO_REQUEST handling in icmp6_input() doesn't do any special handling for multicast at all, so I don't see why it doesn't Just Work.] Sorry for not paying enough attention to the question. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 ICMP multicast response
On 07 Apr 2005 10:29:07 -0400, Lowell Gilbert wrote: Martin Petraschek [EMAIL PROTECTED] writes: The section you are referencing in RFC 2463 is concerning ICMP ERROR messages. Echo requests/responses are informational messages, therefore this section does not apply. Ah. You're right; I was thinking about error handling because that's the code I happened to be working with this morning. I was looking at the error handling code, as well, so when I said it was impossible I may have been wrong also. [The ICMP6_ECHO_REQUEST handling in icmp6_input() doesn't do any special handling for multicast at all, so I don't see why it doesn't Just Work.] Sorry for not paying enough attention to the question. No problem. Anyway, because of your reply I double checked my setup and found out that FreeBSD does indeed answer to multicast ping requests. There just does not seem to be a sysctl switch to turn off this behaviour (as there is for IPv4). Thank you, Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 ICMP multicast response
Hi, By default, FreeBSD does not reply to ICMP multicast echo requests. For IPv4 this behaviour can be changed with sysctl net.inet.icmp.bmcastecho=0|1 Is there a similar control for IPv6? Thank you, Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IPv6 in rc.conf only: create gif0 / add route?
Hello again! Your answers were a bit out of my league: here is my rc.conf so far. i'm not sure if it's working i haven't had a chance to reboot yet. please let me know what you think of it? # *** IPv6 configuration # ipv6_enable=YES ipv6_gateway_enable=YES cloned_interfaces=gif0 ipv6_network_interfaces=gif0 ipv6_defaultrouter=fe80:: ifconfig_gif0=inet 213.181.153.22 213.121.24.85 ipv6_ifconfig_gif0_alias1=2001:618:400:33bb::1 prefixlen 64 ipv6_ifconfig_gif0_alias2=2001:618:400:33bb::2 prefixlen 64 ipv6_ifconfig_gif0_alias3=2001:618:400:33bb::3 prefixlen 64 ipv6_firewall_enable=YES ipv6_firewall_type=open rtadvd_enable=YES rtadvd_interfaces=gif0 You have nothing to specify the ipv6 part of the gif tunnel. should have 2 ipv6 addresses usualy on a /128. Could you please provide me with an example? Your ipv6 default gateway is a fe80: address (link local.) Usualy it would be your next hop out onto the ipv6 internet (in my case the other side of the ipv6 part of the gif tunnel.) How should my gateway be? You are advertising your machine as an ipv6 router but only on the gif interface, thus any ipv6 hosts you have on your network wont see the router advertisment packets and wont autoconfigure to the range you are advertising. My network interface connecting me to the Internet is lnc0. Should rtadvd be advertising it instead? Hope you get it working, I'm no expert but it works for me :) Now now :) You seem to know your way. All the best, -- Fafa - Original Message - From: Vince [EMAIL PROTECTED] To: 'Fafa Diliha Romanova' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: IPv6 in rc.conf only: create gif0 / add route? Date: Mon, 14 Mar 2005 20:26:53 - Since you are using a gif interface I assume you use a tunnel for your ipv6 connection. Here is the relevant parts of my rc.conf which works (I use a H.E. ipv6 tunnel (http://tunnelbroker.net) but any gif tunnel should be similar) gif_interfaces=gif0 # create the gif gifconfig_gif0=62.140.220.90 64.71.128.83 # setup the ipv4 endpoints of the tunnel ipv6_enable=YES# Set to YES to set up for IPv6. ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 fxp0 # List of network interfaces (or auto). ipv6_defaultrouter=2001:470:1F01:::120# Set to IPv6 default gateway ipv6_ifconfig_gif0=2001:470:1F01:::121 2001:470:1F01:::120 prefixlen 128 #setup ipv6 tunnel ipv6_ifconfig_fxp0=2001:470:1F01:244::1 prefixlen 64 #set fxp0 ipv6 address rtadvd_enable=YES # Set to YES to enable an IPv6 router rtadvd_interfaces=fxp1 fxp0 wi0 # Interfaces rtadvd sends RA packets. Some lines may wrap. Vince -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fafa Diliha Romanova Sent: 13 March 2005 20:11 To: [EMAIL PROTECTED] Subject: IPv6 in rc.conf only: create gif0 / add route? Hey! I am trying to add my entire IPv6 setup into rc.conf. But it seems it won't automagically create gif0, nor will it add the default route. This is my rc.conf: # *** IPv6 configuration # ipv6_enable=YES ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 ipv6_defaultrouter=fe80::%gif0 ipv6_ifconfig_gif0=inet 213.183.143.59 213.121.24.85 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::1 prefixlen 64 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::2 prefixlen 64 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::3 prefixlen 64 ipv6_firewall_enable=YES ipv6_firewall_type=open rtadvd_enable=YES rtadvd_interfaces=gif0 Is anybody able to tell what I lack? I certainly cannot ping6 6bone.net after reboot. Thanks! All the best, -- Fafa -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Anybody using BTExact's IPv6 tunnel?
If you are, please show me your working setup :) Either in the form of rc.conf, or a custom shell script. Thank you, -- Fafa -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IPv6 in rc.conf only: create gif0 / add route?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fafa Diliha Romanova Sent: 20 March 2005 19:22 To: Vince Hoffman Cc: [EMAIL PROTECTED] Subject: RE: IPv6 in rc.conf only: create gif0 / add route? Hello again! Hi, Your answers were a bit out of my league: Or badly worded ;) here is my rc.conf so far. i'm not sure if it's working i haven't had a chance to reboot yet. please let me know what you think of it? # *** IPv6 configuration # ipv6_enable=YES ipv6_gateway_enable=YES cloned_interfaces=gif0 ipv6_network_interfaces=gif0 ipv6_defaultrouter=fe80:: ifconfig_gif0=inet 213.181.153.22 213.121.24.85 ipv6_ifconfig_gif0_alias1=2001:618:400:33bb::1 prefixlen 64 ipv6_ifconfig_gif0_alias2=2001:618:400:33bb::2 prefixlen 64 ipv6_ifconfig_gif0_alias3=2001:618:400:33bb::3 prefixlen 64 ipv6_firewall_enable=YES ipv6_firewall_type=open rtadvd_enable=YES rtadvd_interfaces=gif0 You have nothing to specify the ipv6 part of the gif tunnel. should have 2 ipv6 addresses usualy on a /128. Could you please provide me with an example? Ok I had a headstart here as I had already used a gif s an ipv4 over ipv4 tunnel and the HE tunnelbroker page gives you a basic config (for every operating system you're likely to use anyway which includes FreeBSD.) I'll go through the steps of creating the tunnel and then translate them to rc.conf variables. 1) create the gif ifconfig gif0 create-- you have this with cloned_interfaces=gif0 2) the command they give was slightly wrong you need ifconfig gif0 inet 62.140.220.90 64.71.128.83 -- again you have this as ifconfig_gif0=inet 213.181.153.22 213.121.24.85 3) configure the ipv6 point to point tunnel ifconfig gif0 inet6 2001:470:1F01:::121 2001:470:1F01:::120 prefixlen 128 --- you are missing this command. I have ipv6_ifconfig_gif0=2001:470:1F01:::121 2001:470:1F01:::120 prefixlen 128 4) add you ipv6 default route (the far end of the tunnel makes sense) route -n add -inet6 default 2001:470:1F01:::120 In rc.conf ipv6_defaultrouter=2001:470:1F01:::120 Your ipv6 default gateway is a fe80: address (link local.) Usualy it would be your next hop out onto the ipv6 internet (in my case the other side of the ipv6 part of the gif tunnel.) How should my gateway be? Your first hop out onto the ipv6 internet, as provided by your tunnel provider. You are advertising your machine as an ipv6 router but only on the gif interface, thus any ipv6 hosts you have on your network wont see the router advertisment packets and wont autoconfigure to the range you are advertising. My network interface connecting me to the Internet is lnc0. Should rtadvd be advertising it instead? Do you have any hosts that need to use rtadvd? (hosts on your network that are running rtsold/rtsol or equivalent? If not don't run it, if you do then run it on the interface those hosts are connected to. Good luck, Vince Hope you get it working, I'm no expert but it works for me :) Now now :) You seem to know your way. All the best, -- Fafa - Original Message - From: Vince [EMAIL PROTECTED] To: 'Fafa Diliha Romanova' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: IPv6 in rc.conf only: create gif0 / add route? Date: Mon, 14 Mar 2005 20:26:53 - Since you are using a gif interface I assume you use a tunnel for your ipv6 connection. Here is the relevant parts of my rc.conf which works (I use a H.E. ipv6 tunnel (http://tunnelbroker.net) but any gif tunnel should be similar) gif_interfaces=gif0 # create the gif gifconfig_gif0=62.140.220.90 64.71.128.83 # setup the ipv4 endpoints of the tunnel ipv6_enable=YES# Set to YES to set up for IPv6. ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 fxp0 # List of network interfaces (or auto). ipv6_defaultrouter=2001:470:1F01:::120# Set to IPv6 default gateway ipv6_ifconfig_gif0=2001:470:1F01:::121 2001:470:1F01:::120 prefixlen 128 #setup ipv6 tunnel ipv6_ifconfig_fxp0=2001:470:1F01:244::1 prefixlen 64 #set fxp0 ipv6 address rtadvd_enable=YES # Set to YES to enable an IPv6 router rtadvd_interfaces=fxp1 fxp0 wi0 # Interfaces rtadvd sends RA packets. Some lines may wrap. Vince -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fafa Diliha Romanova Sent: 13 March 2005 20:11 To: [EMAIL PROTECTED] Subject: IPv6 in rc.conf only: create gif0 / add route? Hey! I am trying to add my entire IPv6 setup into rc.conf. But it seems it won't automagically create gif0, nor will it add the default route. This is my rc.conf: # *** IPv6 configuration # ipv6_enable=YES ipv6_gateway_enable=YES
RE: IPv6 in rc.conf only: create gif0 / add route?
Since you are using a gif interface I assume you use a tunnel for your ipv6 connection. Here is the relevant parts of my rc.conf which works (I use a H.E. ipv6 tunnel (http://tunnelbroker.net) but any gif tunnel should be similar) gif_interfaces=gif0 # create the gif gifconfig_gif0=62.140.220.90 64.71.128.83 # setup the ipv4 endpoints of the tunnel ipv6_enable=YES# Set to YES to set up for IPv6. ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 fxp0 # List of network interfaces (or auto). ipv6_defaultrouter=2001:470:1F01:::120# Set to IPv6 default gateway ipv6_ifconfig_gif0=2001:470:1F01:::121 2001:470:1F01:::120 prefixlen 128 #setup ipv6 tunnel ipv6_ifconfig_fxp0=2001:470:1F01:244::1 prefixlen 64 #set fxp0 ipv6 address rtadvd_enable=YES # Set to YES to enable an IPv6 router rtadvd_interfaces=fxp1 fxp0 wi0 # Interfaces rtadvd sends RA packets. Some lines may wrap. Vince -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fafa Diliha Romanova Sent: 13 March 2005 20:11 To: [EMAIL PROTECTED] Subject: IPv6 in rc.conf only: create gif0 / add route? Hey! I am trying to add my entire IPv6 setup into rc.conf. But it seems it won't automagically create gif0, nor will it add the default route. This is my rc.conf: # *** IPv6 configuration # ipv6_enable=YES ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 ipv6_defaultrouter=fe80::%gif0 ipv6_ifconfig_gif0=inet 213.183.143.59 213.121.24.85 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::1 prefixlen 64 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::2 prefixlen 64 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::3 prefixlen 64 ipv6_firewall_enable=YES ipv6_firewall_type=open rtadvd_enable=YES rtadvd_interfaces=gif0 Is anybody able to tell what I lack? I certainly cannot ping6 6bone.net after reboot. Thanks! All the best, -- Fafa -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Trying to turn ipv6.sh into rc.conf directives ...
Hey! I'm trying to centralize my system by placing as much as possible into rc.conf. I also think it looks prettier that way. These settings were given to me by BTExact: ifconfig gif create ifconfig gif0 inet 213.188.174.11 213.121.24.85 ifconfig gif0 inet6 2001:614:365::d5bb:b546 prefixlen 128 route add -inet6 default 'fe80::%gif0' ifconfig lnc0 inet6 2001:614:365:6ad9:: prefixlen 64 sysctl -w net.inet6.ip6.forwarding=1 /usr/sbin/rtadvd lnc0 So far I've converted them to this: ipv6_enable=YES ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 ipv6_defaultrouter=2001:614:365:: ipv6_network_interfaces=gif0 lnc0 ipv6_ifconfig_gif0=inet 213.188.174.11 213.121.24.85 ipv6_ifconfig_gif0=inet6 2001:614:365::d5bb:b546 prefixlen 128 ipv6_ifconfig_lnc0=inet6 2001:614:365:6ad9:: prefixlen 64 ipv6_network_interfaces=gif0 lnc0 ipv6_firewall_enable=YES ipv6_firewall_type=open rtadvd_enable=YES rtadvd_interfaces=lnc0 Does that look alright to you IPv6 gurus? Will I now be able to reboot with a fully functional IPv6 connection? Thank you, -- Fafa -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 in rc.conf only: create gif0 / add route?
Hey! I am trying to add my entire IPv6 setup into rc.conf. But it seems it won't automagically create gif0, nor will it add the default route. This is my rc.conf: # *** IPv6 configuration # ipv6_enable=YES ipv6_gateway_enable=YES ipv6_network_interfaces=gif0 ipv6_defaultrouter=fe80::%gif0 ipv6_ifconfig_gif0=inet 213.183.143.59 213.121.24.85 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::1 prefixlen 64 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::2 prefixlen 64 ipv6_ifconfig_gif0=inet6 alias 2001:618:400:4572::3 prefixlen 64 ipv6_firewall_enable=YES ipv6_firewall_type=open rtadvd_enable=YES rtadvd_interfaces=gif0 Is anybody able to tell what I lack? I certainly cannot ping6 6bone.net after reboot. Thanks! All the best, -- Fafa -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 setup script ... doesn't work!!
Mario,
Thank you! I am beyond appreciation and respect to you!
I feel I also learned a lot about shell scripting while doing this.
You are truly a kind soul for letting your experience influence
my life, man. Again, thank you.
1) How would this setup look in rc.conf?
Since FreeBSD 5 is all about centralizing, they say,
I'd appreciate being able to move all my vital configuration
into one place.
2) Does this code look OK now then?
case $1 in
start)
ifconfig gif create
ifconfig gif0 inet 213.187.181.70 213.121.24.85
ifconfig gif0 inet6 2001:618:400::d5bb:b546 prefixlen 128
route add -inet6 default 'fe80::%gif0'
ifconfig lnc0 inet6 2001:618:400:6ad9:: prefixlen 64
sysctl -w net.inet6.ip6.forwarding=1
/usr/sbin/rtadvd lnc0
if [ $? = 0 ]; then
echo IPv6 activated.
else
echo IPv6 activation failed. 12
exit 1
fi
;;
stop)
killall -m rtadvd
sysctl -w net.inet6.ip6.forwarding=0
ifconfig fxp0 inet6 2001:618:400:6ad9:: prefixlen 64 delete
route delete -inet6 default fe80::%gif0
ifconfig gif0 inet6 2001:618:400::d5bb:b546 prefixlen 128 delete
ifconfig gif0 delete
if [ $? = 0 ]; then
echo IPv6 deactivated.
else
echo IPv6 deactivation failed 12
exit 1
fi
;;
restart)
$0 stop
echo Pausing 5 seconds before restart ...
sleep 5
$0 start
;;
*)
echo Usage: `basename $0` {start|stop|restart} 12
exit 1
esac
exit 0
3) By the way, are you up for hire?
All the best,
-- Fafa
- Original Message -
From: Mario Hoerich [EMAIL PROTECTED]
To: Fafa Diliha Romanova [EMAIL PROTECTED]
Subject: Re: IPv6 setup script ... doesn't work!!
Date: Thu, 10 Mar 2005 02:02:21 +0100
# Fafa Diliha Romanova:
# ifconfig gif create
Try uncommenting this (by removing the '#').
gifconfig gif0 inet 213.187.181.70 213.121.24.85
Looks like a typo, this is probably just ifconfig.
route add -inet6 default fe80::%gif0
The shell will mangle this. Quote it, like 'fe80::%gif0'.
ifconfig fxp0 inet6 2001:618:400:6ad9:: prefixlen 64
Replace every occurence of fxp0 with your ethernet NIC (i.e. xl0).
sysctl ?w net.inet6.ip6.forwarding=1
^^
Another typo, this is supposed to be -w.
echo IPv6 activation complete! ||
{ echo IPv6 activation failed! 12; exit 1; }
;;
Eh? So if echo on stdout fails, we're moving to stderr?
What am I missing here?
I'd guess the actual intent was more like
/usr/sbin/rtadvd fxp0
if [ $? = 0 ]; then
echo IPv6 activated.
else
echo IPv6 activation failed. 12
exit 1
fi
gifconfig gif0 delete
echo IPv6 deactivation complete! ||
{ echo IPv6 deactivation failed! 12; exit 1; }
;;
More junk code.
echo Usage: $0 {start|stop|restart}
echo Usage: `basename $0` {start|stop|restart} 12
Where did I go wrong?
You didn't. The script is rotten.
Regards,
Mario
--
___
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
X apps timeout on IPv6 after cvsup to Xfree86-4-clients-4.4.0.5
Guys/Gals;
I recently cvsup'ed my 4.11 machine to the latest XFree86 source - and ran into
a snag.
I don't typically sit at console, so I didn't have a full X install (I do now -
as part of debugging this problem...) Instead, I use Xwin32/Putty's automatic
ssh tunnelling feature, and launch apps from my Windows desktop with icons
(really slick).
After the upgrade, though; apps take over 30 seconds to launch. This doesn't
happen locally - I tested this by completing the X installation, and launching
xterms from the console, and I didn't see any delay.
So, I ran xterm under truss from a SSH session, and discovered that it was
timing out on a connect with an IPv6 address. It later tried to connect using
an IPv4 address, and everything went fine. This makes sense - I don't have IPv6
configured on this system (though it is in the kernel).
Truss output:
output snipped
socket(0x1c,0x1,0x0) = 3 (0x3)
setsockopt(0x3,0x6,0x1,0xbfbff67c,0x4) = 0 (0x0)
open(/etc/host.conf,0x0,0666) = 4 (0x4)
fstat(4,0xbfbfef50) = 0 (0x0)
break(0x8097000) = 0 (0x0)
read(0x4,0x8093000,0x4000) = 205 (0xcd)
read(0x4,0x8093000,0x4000) = 0 (0x0)
close(4) = 0 (0x0)
open(/etc/hosts,0x0,0666) = 4 (0x4)
fstat(4,0xbfbfd2d0) = 0 (0x0)
read(0x4,0x8093000,0x4000) = 1085 (0x43d)
read(0x4,0x8093000,0x4000) = 0 (0x0)
close(4) = 0 (0x0)
setsockopt(0x3,0x,0x8,0xbfbff5ac,0x4)= 0 (0x0)
connect(0x3,{ AF_INET6 [::1]:6010 },28) ERR#60 'Operation timed out'
close(3) = 0 (0x0)
nanosleep(0xbfbff768,0xbfbff760) = 0 (0x0)
socket(0x1c,0x1,0x0) = 3 (0x3)
setsockopt(0x3,0x6,0x1,0xbfbff67c,0x4) = 0 (0x0)
close(3) = 0 (0x0)
socket(0x2,0x1,0x0) = 3 (0x3)
setsockopt(0x3,0x6,0x1,0xbfbff4fc,0x4) = 0 (0x0)
setsockopt(0x3,0x,0x8,0xbfbff5ac,0x4)= 0 (0x0)
connect(0x3,{ AF_INET 127.0.0.1:6010 },16) = 0 (0x0)
getsockname(0x3,{ AF_INET 127.0.0.1:4512 },0xbfbff4bc) = 0 (0x0)
getpeername(0x3,{ AF_INET 127.0.0.1:6010 },0xbfbff4bc) = 0 (0x0)
__sysctl(0xbfbff5c8,0x2,0xbfbff634,0xbfbff5c4,0x0,0x0) = 0 (0x0)
What is odd is that this DIDN'T happen before the update. I am going to try
disabling ipv6 support in the kernel, with the hopes that this will fix the
problem.
Has anyone else seen this?
Thanks,
Seth Henry
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 setup script ... doesn't work!!
Hello!
I just registered with BTExact, and they sent me ipv6.sh:
#!/bin/sh
case $1 in
start)
#ifconfig gif create
gifconfig gif0 inet 213.187.181.70 213.121.24.85
ifconfig gif0 inet6 2001:618:400::d5bb:b546 prefixlen 128
route add -inet6 default fe80::%gif0
ifconfig fxp0 inet6 2001:618:400:6ad9:: prefixlen 64
sysctl ?w net.inet6.ip6.forwarding=1
/usr/sbin/rtadvd fxp0
echo IPv6 activation complete! ||
{ echo IPv6 activation failed! 12; exit 1; }
;;
stop)
killall -m rtadvd
sysctl -w net.inet6.ip6.forwarding=0
ifconfig fxp0 inet6 2001:618:400:6ad9:: prefixlen 64 delete
route delete -inet6 default fe80::%gif0
ifconfig gif0 inet6 2001:618:400::d5bb:b546 prefixlen 128 delete
gifconfig gif0 delete
echo IPv6 deactivation complete! ||
{ echo IPv6 deactivation failed! 12; exit 1; }
;;
restart)
$0 stop
echo Pausing 5 seconds before restart ...
sleep 5
$0 start
;;
*)
echo Usage: $0 {start|stop|restart}
exit 1
esac
exit 0
I get this when I run it:
gifconfig: not found
ifconfig: interface gif0 does not exist
fe80::%gif0: bad value
ifconfig: interface fxp0 does not exist
sysctl: unknown oid '?w'
IPv6 activation complete!
I have this configuration in /etc/rc.conf:
# *** IPv6 configuration
#
gif_interfaces=gif0
ipv6_enable=YES
ipv6_gateway_enable=YES
ipv6_defaultrouter=-interface gif0
ipv6_network_interfaces=gif0 lnc0 ep0
ipv6_firewall_enable=YES
ipv6_firewall_type=open
rtadvd_enable=YES
rtadvd_interfaces=ep0
Where did I go wrong?
Thanks! And all the best,
-- from Fafa!
--
___
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 setup script ... doesn't work!!
# Fafa Diliha Romanova:
# ifconfig gif create
Try uncommenting this (by removing the '#').
gifconfig gif0 inet 213.187.181.70 213.121.24.85
Looks like a typo, this is probably just ifconfig.
route add -inet6 default fe80::%gif0
The shell will mangle this. Quote it, like 'fe80::%gif0'.
ifconfig fxp0 inet6 2001:618:400:6ad9:: prefixlen 64
Replace every occurence of fxp0 with your ethernet NIC (i.e. xl0).
sysctl ?w net.inet6.ip6.forwarding=1
^^
Another typo, this is supposed to be -w.
echo IPv6 activation complete! ||
{ echo IPv6 activation failed! 12; exit 1; }
;;
Eh? So if echo on stdout fails, we're moving to stderr?
What am I missing here?
I'd guess the actual intent was more like
/usr/sbin/rtadvd fxp0
if [ $? = 0 ]; then
echo IPv6 activated.
else
echo IPv6 activation failed. 12
exit 1
fi
gifconfig gif0 delete
echo IPv6 deactivation complete! ||
{ echo IPv6 deactivation failed! 12; exit 1; }
;;
More junk code.
echo Usage: $0 {start|stop|restart}
echo Usage: `basename $0` {start|stop|restart} 12
Where did I go wrong?
You didn't. The script is rotten.
Regards,
Mario
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 with IPsec on FreeBSD 4.10-R with racoon-20040408a
When setting up IPsec at my home using FreeBSD 4.10-RELEASE and
racoon-20040408a, I came across a problem with IPv6 and IPsec.
First, here is the relevant information about my setup.
I have two computers in my network, each assigned a global unicast
address (do not worry about my abuse of these unicast addresses, my
network is completely isolated from the Internet):
Computer A is assigned 2001:0:2:3:20a:5eff:fe47:9709, and
Computer B is assigned 2001:0:2:3:260:8ff:fe7f:68b1
Both computers runs a 4.10-RELEASE kernel compiled with:
options INET
options INET6
options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG
Both computers use racoon-20040408a, installed as a precompiled package,
for dynamical keying.
The racoon.conf on both computers looks like this:
path include /etc/racoon;
path pre_shared_key /etc/racoon/pre_shared_keys;
timer {
counter 20;
interval 25 sec;
phase1 20 sec;
phase2 20 sec;
}
remote anonymous {
exchange_mode main,aggressive,base;
doi ipsec_doi;
situation identity_only;
my_identifier address;
lifetime time 1 hour;
initial_contact on;
passive off;
proposal_check obey;
send_cert off;
send_cr off;
verify_cert off;
proposal {
encryption_algorithm blowfish;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
}
}
sainfo anonymous {
pfs_group 2;
lifetime time 30 min;
encryption_algorithm blowfish 448,rijndael 256,cast128,3des;
authentication_algorithm hmac_sha1,hmac_md5;
compression_algorithm deflate;
}
I have trimmed the IPsec policy rules down to these ones (taken from
computer A):
# Flush the entries.
spdflush;
# ISAKMP between computers A and B may use ESP and AH.
spdadd 2001:0:2:3:20a:5eff:fe47:9709[500] 2001:0:2:3:260:8ff:fe7f:68b1[500]
udp -P out ipsec esp/transport//use ah/transport//use;
spdadd 2001:0:2:3:260:8ff:fe7f:68b1[500] 2001:0:2:3:20a:5eff:fe47:9709[500]
udp -P in ipsec esp/transport//use ah/transport//use;
# Any other traffic between computers A and B must use ESP and AH.
spdadd 2001:0:2:3:20a:5eff:fe47:9709 2001:0:2:3:260:8ff:fe7f:68b1 any -P out
ipsec esp/transport//require ah/transport//require;
spdadd 2001:0:2:3:260:8ff:fe7f:68b1 2001:0:2:3:20a:5eff:fe47:9709 any -P in
ipsec esp/transport//require ah/transport//require;
The policy rules on computer B corresponds to the ones above.
Similar policy rules for IPv4 works like a dream on my network, so why
does not it work for IPv6?
With the policy rules above in effect, racoon on both computers uses
almost infinite time when attempting to negotiate the keying for IPv6.
I.e., racoon is getting nowhere when it tries to initiate phase 1, and
racoon on neither computer seems to care of or even receive the
replies from each other. There are no firewalls between my computers,
nor does any of my computers run a firewall.
Contrast the above with these policy rules in effect:
# Flush the entries.
spdflush;
# Traffic between computers A and B may use ESP and AH.
spdadd 2001:0:2:3:20a:5eff:fe47:9709 2001:0:2:3:260:8ff:fe7f:68b1 any -P out
ipsec esp/transport//use ah/transport//use;
spdadd 2001:0:2:3:260:8ff:fe7f:68b1 2001:0:2:3:20a:5eff:fe47:9709 any -P in
ipsec esp/transport//use ah/transport//use;
It seems that phase 1 completes when I do not force the use of IPsec.
Should I specify require in my IPv6 policy rules and include policy
rules that allow IPv6 ISAKMP to pass unencrypted, phase 1 never
succeeds when the computer has just rebooted.
Should I boot the computer with use in the IPv6 policy rules and
later change use to require while racoon is running, phase 1 has
already completed so all that remains is phase 2. In this case there
are obviously no need for the special ISAKMP policy rules.
Once phase 1 is done, phase 2 completes independently on whether I
specify use or require in the policy rules. And strangely enough,
this only happens with IPv6. As I said before, IPv4 with IPsec works
like a charm, even with require and the special ISAKMP policy rules.
Personally, I can live with use instead of require in my IPv6
policy rules, but it is unbearable for environments where this is not
acceptable.
Hopefully someone will look into this matter and possibly fix it.
Please contact me if I have left out any details you need to know.
--
--
Trond Endrestøl |[EMAIL PROTECTED]
Patron of The Art of Computer Programming| FreeBSD 4.8-S Pine 4.55
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
dhcpd for ipv6
Hi, kame dhcpd does not support address allocation and isc-dhcpd does not support ipv6 - despite ipv6 being defined in 1996. This makes running an ipv6 based local network cumbersome to manage. Does anyone know of alternatives? I would like to set up a lan with ipv4/6 and an ipv6to4 gateway. How do you manage your ipv6 lan? Cheers, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dhcpd for ipv6
Erik Norgaard wrote: kame dhcpd does not support address allocation and isc-dhcpd does not support ipv6 - despite ipv6 being defined in 1996. This makes running an ipv6 based local network cumbersome to manage. You're absolutely right. Does anyone know of alternatives? Certainly: use IPv4. ISC's dhcpd does just fine with classic IPv4 addresses. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dhcpd for ipv6
On Thu, 13 Jan 2005 10:24:03 +0100 Erik Norgaard [EMAIL PROTECTED] wrote: Hi, Does anyone know of alternatives? I would like to set up a lan with ipv4/6 and an ipv6to4 gateway. How do you manage your ipv6 lan? I just run rtadvd on the box that handles my ipv6 tunnel (I'm using he.net for that) and let the other boxen autoconfigure. Since the addresses are generated using the MAC address I wrote them down and entered them in the dns config manually. Cheers, -- Miguel Mendez [EMAIL PROTECTED] http://www.energyhq.es.eu.org PGP Key: 0xDC8514F1 pgpDlQusxoXti.pgp Description: PGP signature
Re: dhcpd for ipv6
On Thu, 13 Jan 2005, Chuck Swiger wrote: Erik Norgaard wrote: kame dhcpd does not support address allocation and isc-dhcpd does not support ipv6 - despite ipv6 being defined in 1996. This makes running an ipv6 based local network cumbersome to manage. You're absolutely right. Does anyone know of alternatives? I'm confused, I have a /64 from the hurricane electric tunnelbroker. I use rtadvd on the server that is the tunnel endpoint, advertise the /64 using rtadvd and use rtsold or XPs equivelent so any address's are the prefix then the mac address of the client machine (am using rtsold on netbsd and windows XP's ipv6 both of which work fine) so it seems pretty easy to manage a single subnet lan. to me Vince Certainly: use IPv4. ISC's dhcpd does just fine with classic IPv4 addresses. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mpeg4ip require ipv6?
I still can't get mpeg4ip upgraded from 1.0 to 1.1: cc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/local/include -I/usr/X11R6/include -DDEBU G -I../.. -O -pipe -W -Wall -Wwrite-strings -Wbad-function-cast -Wmissing-protot ypes -Wmissing-declarations -Werror -MT net_udp.lo -MD -MP -MF .deps/net_udp.Tpo -c net_udp.c -fPIC -DPIC -o .libs/net_udp.o net_udp.c: In function `udp_init6': net_udp.c:612: error: `IPV6_ADD_MEMBERSHIP' undeclared (first use in this functi on) cc -DHAVE_CONFIG_H -I. -I. -I. -I/usr/local/include -I/usr/X11R6/include -DDEBUG -I../.. -O -pipe -W -Wall -Wwrite-strings -Wbad-function-cast -Wmissing-prototypes -Wmissing-declarations -Werror -MT net_udp.lo -MD -MP -MF .deps/net_udp.Tpo -c net_udp.c -fPIC -DPIC -o .libs/net_udp.o net_udp.c: In function `udp_init6': net_udp.c:612: error: `IPV6_ADD_MEMBERSHIP' undeclared (first use in this function) net_udp.c:612: error: (Each undeclared identifier is reported only once net_udp.c:612: error: for each function it appears in.) net_udp.c: In function `udp_exit6': net_udp.c:654: error: `IPV6_DROP_MEMBERSHIP' undeclared (first use in this function) gmake[5]: *** [net_udp.lo] Error 1 gmake[5]: Leaving directory `/usr/ports/multimedia/mpeg4ip/work/mpeg4ip-1.1/lib/rtp' gmake[4]: *** [all-recursive] Error 1 gmake[4]: Leaving directory `/usr/ports/multimedia/mpeg4ip/work/mpeg4ip-1.1/lib/rtp' gmake[3]: *** [all] Error 2 gmake[3]: Leaving directory `/usr/ports/multimedia/mpeg4ip/work/mpeg4ip-1.1/lib/rtp' gmake[2]: *** [all-recursive] Error 1 gmake[2]: Leaving directory `/usr/ports/multimedia/mpeg4ip/work/mpeg4ip-1.1/lib' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/usr/ports/multimedia/mpeg4ip/work/mpeg4ip-1.1' gmake: *** [all] Error 2 *** Error code 2 Stop in /usr/ports/multimedia/mpeg4ip. ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade99436.25 make ** Fix the problem and try again. ** Listing the failed packages (*:skipped / !:failed) ! multimedia/mpeg4ip (mpeg4ip-1.0) (compiler error) --- Packages processed: 0 done, 25 ignored, 0 skipped and 1 failed From that I'm suspecting that mpeg4ip might REQUIRE IPV6 support? Is that true? Why would this be the case? I have it commented out of my kernel. Could I be setting myself up for other problems by not using IPV6? Any insight appreciated... thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
On Sun, 21 Nov 2004 03:59:23 +1100, andrew clarke [EMAIL PROTECTED] wrote: On Sat, Nov 20, 2004 at 04:50:58PM +, Danny Browne wrote: How do i turn off IPv6 support in FreeBSD 4.10? Remove options INET6 from your kernel config file (/sys/i386/conf/XXX), rebuild your kernel and reboot your machine. There may be a way to turn it off at runtime using sysctl, but I don't know what it is, and in hindsight it probably wouldn't make much sense to do that at runtime, although I'm willing to be convinced otherwise. :) Regards Andrew You can also comment out the 'ipv6_enable=YES' line in /etc/rc.conf. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
On Sun, 21 Nov 2004 12:27:19 +0200, Panagiotis Christias [EMAIL PROTECTED] wrote: On Sun, 21 Nov 2004 03:59:23 +1100, andrew clarke [EMAIL PROTECTED] wrote: On Sat, Nov 20, 2004 at 04:50:58PM +, Danny Browne wrote: How do i turn off IPv6 support in FreeBSD 4.10? Remove options INET6 from your kernel config file (/sys/i386/conf/XXX), rebuild your kernel and reboot your machine. There may be a way to turn it off at runtime using sysctl, but I don't know what it is, and in hindsight it probably wouldn't make much sense to do that at runtime, although I'm willing to be convinced otherwise. :) Regards Andrew You can also comment out the 'ipv6_enable=YES' line in /etc/rc.conf. I just ensured my rc.conf didn't have ipv6_enable=YES dropped to single user mode and came back up and it appears there is still support for IPv6 netstat -anf inet6 Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address(state) tcp6 0 0 *.22 *.*LISTEN There also doesn't seem to be anything in `sysctl -a', so I would imagine you will have to rebuild the kernel with: options INET6 commented out or removed. Hope this helps. David ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
On 2004-11-21T11:01:09+, David Jenkins wrote: On Sun, 21 Nov 2004 12:27:19 +0200, Panagiotis Christias [EMAIL PROTECTED] wrote: On Sun, 21 Nov 2004 03:59:23 +1100, andrew clarke [EMAIL PROTECTED] wrote: On Sat, Nov 20, 2004 at 04:50:58PM +, Danny Browne wrote: How do i turn off IPv6 support in FreeBSD 4.10? Remove options INET6 from your kernel config file (/sys/i386/conf/XXX), rebuild your kernel and reboot your machine. There may be a way to turn it off at runtime using sysctl, but I don't know what it is, and in hindsight it probably wouldn't make much sense to do that at runtime, although I'm willing to be convinced otherwise. :) Regards Andrew You can also comment out the 'ipv6_enable=YES' line in /etc/rc.conf. I just ensured my rc.conf didn't have ipv6_enable=YES dropped to single user mode and came back up and it appears there is still support for IPv6 ipv6_enable=YES is defined in /etc/defaults/rc.conf, so you have to define ipv6_enable=NO in /etc/rc.conf to realize any change. FYI, since I actively use IPv6, I can't really say what the above definition will actually accomplish, but wanted to clear up what needed to be defined in /etc/rc.conf. To get rid of IPv6 completely (why would you want this? :) ), you should definitely rebuild your kernel without INET6. -- Michael W. Oliver [see complete headers for contact information] pgpZSE3kPhrt0.pgp Description: PGP signature
Re: turning off IPv6 support in BSD
On Sun, Nov 21, 2004 at 09:58:39AM -0500, Michael W. Oliver wrote: To get rid of IPv6 completely (why would you want this? :) ), you should definitely rebuild your kernel without INET6. I suppose it would be a good idea to remove IPv6 support from hosts on IPv4-only intranets because it's then one less thing to worry about from a security point of view. Plus, of course, marginally less overhead in the kernel. Regards Andrew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
Isn't it supposed to be ipv6_enable=NONE I could be wrong. andrew clarke wrote: On Sun, Nov 21, 2004 at 09:58:39AM -0500, Michael W. Oliver wrote: To get rid of IPv6 completely (why would you want this? :) ), you should definitely rebuild your kernel without INET6. I suppose it would be a good idea to remove IPv6 support from hosts on IPv4-only intranets because it's then one less thing to worry about from a security point of view. Plus, of course, marginally less overhead in the kernel. Regards Andrew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
On Sun, 21 Nov 2004 09:58:39 -0500, Michael W. Oliver [EMAIL PROTECTED] wrote: On 2004-11-21T11:01:09+, David Jenkins wrote: On Sun, 21 Nov 2004 12:27:19 +0200, Panagiotis Christias [EMAIL PROTECTED] wrote: On Sun, 21 Nov 2004 03:59:23 +1100, andrew clarke [EMAIL PROTECTED] wrote: On Sat, Nov 20, 2004 at 04:50:58PM +, Danny Browne wrote: How do i turn off IPv6 support in FreeBSD 4.10? Remove options INET6 from your kernel config file (/sys/i386/conf/XXX), rebuild your kernel and reboot your machine. There may be a way to turn it off at runtime using sysctl, but I don't know what it is, and in hindsight it probably wouldn't make much sense to do that at runtime, although I'm willing to be convinced otherwise. :) Regards Andrew You can also comment out the 'ipv6_enable=YES' line in /etc/rc.conf. I just ensured my rc.conf didn't have ipv6_enable=YES dropped to single user mode and came back up and it appears there is still support for IPv6 ipv6_enable=YES is defined in /etc/defaults/rc.conf, so you have to define ipv6_enable=NO in /etc/rc.conf to realize any change. Not on my system (RELENG_5_3)... # cat /etc/defaults/rc.conf | grep ipv6_enable ipv6_enable=NO# Set to YES to set up for IPv6. David ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
David Jenkins writes: ipv6_enable=YES is defined in /etc/defaults/rc.conf, so you have to define ipv6_enable=NO in /etc/rc.conf to realize any change. Not on my system (RELENG_5_3)... # cat /etc/defaults/rc.conf | grep ipv6_enable ipv6_enable=NO# Set to YES to set up for IPv6. Affirmed for -CURRENT. Robert Huff ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
On 2004-11-21T11:31:44-0500, Robert Huff wrote: David Jenkins writes: ipv6_enable=YES is defined in /etc/defaults/rc.conf, so you have to define ipv6_enable=NO in /etc/rc.conf to realize any change. Not on my system (RELENG_5_3)... # cat /etc/defaults/rc.conf | grep ipv6_enable ipv6_enable=NO# Set to YES to set up for IPv6. Affirmed for -CURRENT. Robert Huff Doh! Yeah, you guys are right... as far as I can tell, it's always been set to NO in /etc/defaults/rc.conf. Sorry 'bout that. -- Michael W. Oliver [see complete headers for contact information] pgpQPw2UGjENZ.pgp Description: PGP signature
Re: turning off IPv6 support in BSD
On Sun, 21 Nov 2004, Michael W. Oliver wrote: On 2004-11-21T11:31:44-0500, Robert Huff wrote: David Jenkins writes: ipv6_enable=YES is defined in /etc/defaults/rc.conf, so you have to define ipv6_enable=NO in /etc/rc.conf to realize any change. Not on my system (RELENG_5_3)... # cat /etc/defaults/rc.conf | grep ipv6_enable ipv6_enable=NO# Set to YES to set up for IPv6. Affirmed for -CURRENT. Yeah, you guys are right... as far as I can tell, it's always been set to NO in /etc/defaults/rc.conf. Sorry 'bout that. Not only that, but it appears not to matter. I'm running 4.10 on this machine (same as the OP), with ipv6_enable=NO in /etc/defaults/rc.conf and nothing to override it in /etc/rc.conf. Yet the machine booted with IPv6 enabled. Only when I disabled IPv6 in the kernel did v6 stop trying to happen. This also had the effect of speeding up name resolution by Mozilla and friends, which IIRC was the OP's issue in the first place. -- Chris Hill [EMAIL PROTECTED] ** [ Busy Expunging | ] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
Hello, If you turn off ipv6 support either in the kernel or via rc.conf will it be possible to load ipfilter as a module vs. compiling it in to the kernel? I turned off ipv6 in the kernel on a 5.3 box, but ipfilter was unable to load the module was not found because it depended on ipv6. Thanks. Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
turning off IPv6 support in BSD
How do i turn off IPv6 support in FreeBSD 4.10? Regards, Danny Browne _ Sign up for eircom broadband now and get a free two month trial.* Phone 1850 73 00 73 or visit http://home.eircom.net/broadbandoffer ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: turning off IPv6 support in BSD
On Sat, Nov 20, 2004 at 04:50:58PM +, Danny Browne wrote: How do i turn off IPv6 support in FreeBSD 4.10? Remove options INET6 from your kernel config file (/sys/i386/conf/XXX), rebuild your kernel and reboot your machine. There may be a way to turn it off at runtime using sysctl, but I don't know what it is, and in hindsight it probably wouldn't make much sense to do that at runtime, although I'm willing to be convinced otherwise. :) Regards Andrew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Set IPv6 address on the interface
Hello, I'd like to set an IPv6 address to the ethernet interface from a user process, but I don't understand which system call may be used. For getting information about interfaces and addresses there are some methods: ioctl (with SIOCGIFCONF), sysctl (witch NET_RT_IFLIST), AF_ROUTE socket, getifaddrs(). I've tried ioctl() and sysctl() for this purpose. For setting an IPv4 addreess to the interface there is ioctl() with SIOCSIFADDR. How set an IPv6 address? There is SIOCSIFADDR_IN6 for setting address, but it doesen't work as say the comment in in6.c. And there are two commands SIOCDIFADDR_IN6 and SIOCAIFADDR_IN6, delete/add address accordingly, but I've got error: Invalid argument. Or I don't know how use them. My questions: 1) How can I set an IPv6 on the ethernet interface? 2) How can I get IPv6 multicast addresses from each interface? If anyone knows something about, please, give me an answer or reference to it. Best regards, Grigory Klyuchnikov. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv4/IPv6 Multicast Streaming problem
why i having such a problem, its is because network or or because vls 0.5.6 not support multicast? . I can stream IPv6/IPv4 unicast stream? my vls server is freeBSD 4.10 while vlc on redhat notebook. Any expert can help? IPv4 Multicast with address 239.2.12.42 [EMAIL PROTECTED] start matrix client2 local1 --loop Provider: Manager Error: -1 Provider: local1 Error: -1 Info: Unable to start program matrix Info: Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net4Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address [EMAIL PROTECTED] Connection closed by foreign host. 2004-10-14 21:45:15 [ERROR/local1] Unable to start program matrix 2004-10-14 21:45:15 [ERROR/local1] Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net4Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address pure virtual method called Abort (core dumped) IPV6 Multicast with address ff6e:1:1:1:: ceynet# vls -vv VideoLAN Server v 0.5.6 (Aug 27 2004) - (c)1999-2003 VideoLAN 2004-10-14 03:55:06 [INFO/Vls] Module channel:file registered 2004-10-14 03:55:06 [INFO/Vls] Module channel:network registered 2004-10-14 03:55:06 [INFO/Vls] Module mpegreader:file registered 2004-10-14 03:55:06 [INFO/Vls] Module mpegconverter:ts2ts registered 2004-10-14 03:55:06 [INFO/Vls] Module mpegconverter:ps2ts registered 2004-10-14 03:55:06 [INFO/Vls] Module input:local registered 2004-10-14 03:55:06 [INFO/Vls] Module input:video registered 2004-10-14 03:55:06 [INFO/Vls] Browsing modules in directory . 2004-10-14 03:55:06 [INFO/Vls] Browsing modules in directory /usr/local/lib/videolan/vls 2004-10-14 03:55:06 [INFO/Vls] Module mpegreader:dvd registered 2004-10-14 03:55:06 [INFO/Vls] Channel 'unicast' created 2004-10-14 03:55:06 [INFO/Vls] Channel 'localhost' created 2004-10-14 03:55:06 [INFO/Vls] Channel 'multicast' created 2004-10-14 03:55:06 [INFO/Vls] Channel 'client1' created 2004-10-14 03:55:06 [INFO/Vls] Starting input 'local1' 2004-10-14 03:55:06 [INFO/local1] Added program 'matrix' 2004-10-14 03:55:06 [INFO/Vls] Input 'local1' sucessfully initialised 2004-10-14 03:55:06 [INFO/Vls] New admin group monitor is ok 2004-10-14 03:55:06 [INFO/Vls] New admin group master is ok 2004-10-14 03:55:06 [INFO/Vls] New admin user mipv6 is ok 2004-10-14 03:55:06 [INFO/Vls] New admin user ceyong is ok 2004-10-14 03:55:06 [INFO/Vls] Telnet server initialised 2004-10-14 04:05:17 [INFO/Vls] Processing incoming connection from 127.0.0.1 2004-10-14 04:05:25 [INFO/Vls] User mipv6 successfully authenticated Synchronised with PS stream New Pid assigned: 80 PMT Add, PID : 0x80 , Type : 0x5 Synchronised with PS stream New Pid assigned: 81 PMT Add, PID : 0x81 , Type : 0x5 New Pid assigned: 82 PMT Add, PID : 0x82 , Type : 0x5 New Pid assigned: 83 Video: 0x83 , 131 PMT Add, PID : 0x83 , Type : 0x1 updating PCR_PID to value 131 (current pid = 0) New Pid assigned: 84 Audio: 0x84 , 132 PMT Add, PID : 0x84 , Type : 0x3 2004-10-14 04:05:36 [ERROR/local1] Unable to start program matrix 2004-10-14 04:05:36 [ERROR/local1] Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net6Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address pure virtual method called Abort (core dumped) ceynet# telnet localhost Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Videolan Server Administration System Login: mipv6 Password: [EMAIL PROTECTED] start matrix multicast local1 --loop Provider: Manager Error: -1 Provider: local1 Error: -1 Info: Unable to start program matrix Info: Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net6Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address [EMAIL PROTECTED] Connection closed by foreign host. = Ô¸ÄúÓÀÔ¶ÐÒ¸££¬¿ìÀֺͰ²Ïê Happy Healthy Always ! ^_^ ! ¸öÈËÍøÒ³ Homepage:http://planet.time.net.my/sunwaycity/ceyong ¸öÈË·ðѧÍøÒ³ Buddhist Page: http://planet.time.net.my/SunwayCity/ceyong/artikel.htm ICQ:16994867/ Yahoo Messenger ID:ceyong /MSN Messenger:ceyong at hotmail.com
IPv4/IPv6 Multicast Streaming problem
why i having such a problem, its is because network or . I can stream IPv6/IPv4 unicast stream? my vls server is freeBSD 4.10 while vlc on redhat notebook. Any expert can help? its is because vls 0.5.6 not support multicast? IPv4 Multicast with address 239.2.12.42 [EMAIL PROTECTED] start matrix client2 local1 --loop Provider: Manager Error: -1 Provider: local1 Error: -1 Info: Unable to start program matrix Info: Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net4Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address [EMAIL PROTECTED] Connection closed by foreign host. 2004-10-14 21:45:15 [ERROR/local1] Unable to start program matrix 2004-10-14 21:45:15 [ERROR/local1] Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net4Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address pure virtual method called Abort (core dumped) IPV6 Multicast with address ff6e:1:1:1:: ceynet# vls -vv VideoLAN Server v 0.5.6 (Aug 27 2004) - (c)1999-2003 VideoLAN 2004-10-14 03:55:06 [INFO/Vls] Module channel:file registered 2004-10-14 03:55:06 [INFO/Vls] Module channel:network registered 2004-10-14 03:55:06 [INFO/Vls] Module mpegreader:file registered 2004-10-14 03:55:06 [INFO/Vls] Module mpegconverter:ts2ts registered 2004-10-14 03:55:06 [INFO/Vls] Module mpegconverter:ps2ts registered 2004-10-14 03:55:06 [INFO/Vls] Module input:local registered 2004-10-14 03:55:06 [INFO/Vls] Module input:video registered 2004-10-14 03:55:06 [INFO/Vls] Browsing modules in directory . 2004-10-14 03:55:06 [INFO/Vls] Browsing modules in directory /usr/local/lib/videolan/vls 2004-10-14 03:55:06 [INFO/Vls] Module mpegreader:dvd registered 2004-10-14 03:55:06 [INFO/Vls] Channel 'unicast' created 2004-10-14 03:55:06 [INFO/Vls] Channel 'localhost' created 2004-10-14 03:55:06 [INFO/Vls] Channel 'multicast' created 2004-10-14 03:55:06 [INFO/Vls] Channel 'client1' created 2004-10-14 03:55:06 [INFO/Vls] Starting input 'local1' 2004-10-14 03:55:06 [INFO/local1] Added program 'matrix' 2004-10-14 03:55:06 [INFO/Vls] Input 'local1' sucessfully initialised 2004-10-14 03:55:06 [INFO/Vls] New admin group monitor is ok 2004-10-14 03:55:06 [INFO/Vls] New admin group master is ok 2004-10-14 03:55:06 [INFO/Vls] New admin user mipv6 is ok 2004-10-14 03:55:06 [INFO/Vls] New admin user ceyong is ok 2004-10-14 03:55:06 [INFO/Vls] Telnet server initialised 2004-10-14 04:05:17 [INFO/Vls] Processing incoming connection from 127.0.0.1 2004-10-14 04:05:25 [INFO/Vls] User mipv6 successfully authenticated Synchronised with PS stream New Pid assigned: 80 PMT Add, PID : 0x80 , Type : 0x5 Synchronised with PS stream New Pid assigned: 81 PMT Add, PID : 0x81 , Type : 0x5 New Pid assigned: 82 PMT Add, PID : 0x82 , Type : 0x5 New Pid assigned: 83 Video: 0x83 , 131 PMT Add, PID : 0x83 , Type : 0x1 updating PCR_PID to value 131 (current pid = 0) New Pid assigned: 84 Audio: 0x84 , 132 PMT Add, PID : 0x84 , Type : 0x3 2004-10-14 04:05:36 [ERROR/local1] Unable to start program matrix 2004-10-14 04:05:36 [ERROR/local1] Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net6Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address pure virtual method called Abort (core dumped) ceynet# telnet localhost Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Videolan Server Administration System Login: mipv6 Password: [EMAIL PROTECTED] start matrix multicast local1 --loop Provider: Manager Error: -1 Provider: local1 Error: -1 Info: Unable to start program matrix Info: Error: unable to start streaming of program matrix Error: Unable to create thread Error: Unable to init streamer Error: Net6Output initialisation failed Error: Unable to change value for option 12: Can't assign requested address [EMAIL PROTECTED] Connection closed by foreign host. = Ô¸ÄúÓÀÔ¶ÐÒ¸££¬¿ìÀֺͰ²Ïê Happy Healthy Always ! ^_^ ! ¸öÈËÍøÒ³ Homepage:http://planet.time.net.my/sunwaycity/ceyong ¸öÈË·ðѧÍøÒ³ Buddhist Page: http://planet.time.net.my/SunwayCity/ceyong/artikel.htm ICQ:16994867/ Yahoo Messenger ID:ceyong /MSN Messenger:ceyong at hotmail.com
nfs + ipv6 on 5.3 beta3
Hi, I am having trouble setting an nfs mount within ipv6. DOes it support? I am getting nfs: can't get net id for host. My fstab: fe80::201:3ff:fec0:122d%rl0:/cdrom /cdrom nfs ro,noauto 0 0 I tried putting the hostname and adding the ipv6 address to the /etc/hosts file but I get the same message. Thanks, Paulo ___ Do you Yahoo!? Shop for Back-to-School deals on Yahoo! Shopping. http://shopping.yahoo.com/backtoschool ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipv6 basic problem
On Tue, Jun 15, 2004 at 08:00:23PM +0900, Byung-hee H. wrote: Tue, Jun 15, 2004 at 12:04:29PM +0200 Feczak Szabolcs [EMAIL PROTECTED] wrote: # ping6 ::1 PING6(56=40+8+8 bytes) ::1 -- ::1 ping6: sendmsg: No route to host Any hint why it is not working ? thanks If you can not obtain native IPv6 address, try to connect via 6to4. But, 6to4 IPv6 address depends on IPv4 address. This means that you have to reconfigure your tunnel every time after your IPv4 address changes. no, the problem was that I couldn't even ping the loopback interface, and the problem was solved by commenting the following line out from the kernelconfig #optionsIPFILTER_DEFAULT_BLOCK #block all packets by default -- _(_)_ (_. o_)F3CZ0 (_,) http://feczo.nmi.rulez.org ()__ // // ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6
On Tue, 15 Jun 2004, Minnesota Slinky wrote: Hey all, I am wanting to venture into the world of IPv6, but I don't really know where to begin. AFAIK, I only have IPv4 routes out of my network, on a 1.5/1Mbps DSL connection, with a bunch of static IPs (IPv4). I remember there being services out there that allow you to do tunneling and such, but not sure any more. I use a tunnel from Hurricane Electric http://tunnelbroker.net but i seem to remeber there are various others (freenet6 for one which is in ports (net/freenet6) http://www.freenet6.net Vince TIA for the advice. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6
Minnesota Slinky writes: I am wanting to venture into the world of IPv6, but I don't really know where to begin. By reading the handbook: file:///usr/share/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html. In this case, it doesn't actually tell one much about _how_ to get connected. The first part will be enabling the IPv6 options in your kernel config file and recompiling. Personally, I use Freenet6. Follow the instructions in the port and everything should work. Robert Huff ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6
At 2004-06-16T11:55:51Z, Vince Hoffman [EMAIL PROTECTED] writes: I use a tunnel from Hurricane Electric http://tunnelbroker.net I wholeheartedly recommending HE's IPv6 tunnels. I used Freenet6 for quite a while and it worked well for the most part, but I had several compelling reasons to move: 1) It requires a special client to regularly authenticate against their server to keep your tunnel configuration intact. If your client does not do this, then they will delete your tunnel. The problem is that by default this client only runs when you boot your server (from an rc.d script). If your server is stable and has substantial uptimes, then the period between client runs may be great enough to trigger the tunnel deletion. This has happened to me. 2) The whole system is slightly flaky. If you follow the mailing list, there are occasional outbreaks of can't-connect-itis when their tunnel server is down. Their actualy IPv6 network may be up, but you can't always authenticate to it. 3) Their netblock is in the deprecated 6bone address space. Addresses starting with 3ffe are slated to die in mid-2006. From RFC 3701: Thus after the 6bone phaseout date June 6, 2006, it is the intent that no 6bone 3FFE prefixes, of any size/length, be used on the Internet in any form. Network operators may filter 3FFE prefixes on their borders to ensure these prefixes are not misused. If you plan on making a long-term commitment to IPv6, then that may not be the best neighborhood to move into right now. 4) Because Freenet6 lives in the 6bone, you only get ip6.int for reverse DNS. This is deprecated in favor of ip6.arpa, although most clients and servers still support ip6.int. I don't mean any of this as a slam against Freenet6. I used their service for quite a while and enjoyed it as my first foray into the IPv6 Internet. However, I believe that better free alternatives exist. After much looking around, I chose to use Hurricane Electric's services and have been happy with the decision. -- Kirk Strauser 94 outdated ports on the box, 94 outdated ports. Portupgrade one, an hour 'til done, 82 outdated ports on the box. pgp9V7gWdeBTu.pgp Description: PGP signature
ipv6 basic problem
# netstat -f inet6 -rn Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRSlo0 ::1 ::1 UH lo0 :::0.0.0.0/96 ::1 UGRSlo0 fe80::/10 ::1 UGRSlo0 fe80::%fxp0/64link#1UC fxp0 fe80::202:b3ff:fed7:3453%fxp0 00:02:b3:d7:34:53 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#2UHL lo0 ff01::/32 ::1 U lo0 ff02::/16 ::1 UGRSlo0 ff02::%fxp0/32link#1UC fxp0 ff02::%lo0/32 ::1 UC lo0 # ifconfig lo0 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 # ping6 ::1 PING6(56=40+8+8 bytes) ::1 -- ::1 ping6: sendmsg: No route to host Any hint why it is not working ? thanks -- _(_)_ (_. o_)F3CZ0 (_,) http://feczo.nmi.rulez.org ()__ // // ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipv6 basic problem
Tue, Jun 15, 2004 at 12:04:29PM +0200 Feczak Szabolcs [EMAIL PROTECTED] wrote: # netstat -f inet6 -rn Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRSlo0 ::1 ::1 UH lo0 :::0.0.0.0/96 ::1 UGRSlo0 fe80::/10 ::1 UGRSlo0 fe80::%fxp0/64link#1UC fxp0 fe80::202:b3ff:fed7:3453%fxp0 00:02:b3:d7:34:53 UHL lo0 fe80::%lo0/64 fe80::1%lo0 U lo0 fe80::1%lo0 link#2UHL lo0 ff01::/32 ::1 U lo0 ff02::/16 ::1 UGRSlo0 ff02::%fxp0/32link#1UC fxp0 ff02::%lo0/32 ::1 UC lo0 # ifconfig lo0 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 # ping6 ::1 PING6(56=40+8+8 bytes) ::1 -- ::1 ping6: sendmsg: No route to host Any hint why it is not working ? thanks If you can not obtain native IPv6 address, try to connect via 6to4. But, 6to4 IPv6 address depends on IPv4 address. This means that you have to reconfigure your tunnel every time after your IPv4 address changes. Regards, Byung-hee H. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipv6 basic problem
Byung-hee H. writes: If you can not obtain native IPv6 address, try to connect via 6to4. But, 6to4 IPv6 address depends on IPv4 address. This means that you have to reconfigure your tunnel every time after your IPv4 address changes. I use Freenet6 (net/freenet6) which (if I remember correctly) does not care if your IPv4 changes. Robert Huff ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6
Hey all, I am wanting to venture into the world of IPv6, but I don't really know where to begin. AFAIK, I only have IPv4 routes out of my network, on a 1.5/1Mbps DSL connection, with a bunch of static IPs (IPv4). I remember there being services out there that allow you to do tunneling and such, but not sure any more. TIA for the advice. Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 and PPP problem
Hello, Mozilla is apparantly broken when it comes to IPv6 and attempting to do DNS lookups. I found numerous google results that report this problem and suggested recompiling the kernel with IPv6 disabled. I did this, and Mozilla is again rip-roaring fast. But now PPP does not work! Does anybody know why PPP does not work when IPv6 is disabled in the kernel and what can I do about it? I am running: FreeBSD 5.2.1-RELEASE-p8 mozilla-1.6_4,2 To disable IPv6, I simply edited my custom kernel config and commented out: #options INET6 and recompiled. Thanks for any info, Duane Winner [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfilter rules for gif ipv6 tunnel
Hi all, I recently moved to using ipfilter from ipfw (no particular reason, just wanted to try another option.) The problem now is that where i used to have an ipv6 tunnel (from the people at http://tunnelbroker.net) (again no good reason but it gives me a change to try it out for when i may need to know about it.) the tunnel uses a gif interface to encapulate ipv6, this worked fine with ipfw but doesnt seem to work with ipfilter. i tried adding pass in quick on fxp0 proto gre all keep state pass out quick on fxp0 proto gre all keep state but no joy. any ideas ? what i need to add to let it pass ? i have no rules for ipv6 in ipfilter, but i tried adding an allow all rule which didnt seem to help. any ideas appreciated ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 supported cvsup servers
Hi, I recently setup an IPv6 tunnel on my FreeBSD 5.2.1 machine. I know they're some IPv6 http mirrors like http://www1.uk.freebsd.org But I was wondering if they're any cvsup servers that are IPv6 ready? After some googling and a look around at the mailings lists I can't seem to find much information on it. Thanks Brian ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Implémentation Mobile IPv6
Bonjour. Je travaille au Celar et je réalise actuellement une étude sur les configurations martérielles existantes pour le protocole Mobile IPv6. J'aurais besoin de renseignements sur les dernières implémentations que vous avez développé pour ce protocole : Quelle version est actuellement utilisée? Quelles fonctionnalités de Mobile IPv6 sont implémentées? A quelle RFC se réfère t-elle et avec quelles restrictions? ... Pourriez vous m'envoyer (à moi et à mon collègue dont l'@ figure ci-dessus) un descriptif des implémentations répondant à ma demande. Merci d'avance Bruno Bouvard ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IPv6 Tunnel
I haven't checked out freenet6, but, I have been using the HE.net tunnel broker (ipv6tb.he.net), they give you a /64 with reverse dns and everything, after using it for a while, I decided to get the commercial solution from them, but I don't want to have to buy it for each one of my boxes -Original Message- From: Robert Huff [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 16, 2004 12:36 AM To: Dukemaster Subject: IPv6 Tunnel Hello: At my first co-location my FreeBSD server has a native IPv6 onnection and a /64 subnet I have a second co-location with a different isp, that doesn't have IPv6. Is it possible to have my first FreeBSD box act as a tunnel to my second box, and get it on IPv6 over the existing IPv4 connection? Probably. Before you do so, check out the net/frennet6 port. Robert Huff ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 Tunnel
On Tue, Mar 16, 2004 at 12:13:26AM -0500, Dukemaster wrote:
At my first co-location my FreeBSD server has a native IPv6 connection
and a /64 subnet
I have a second co-location with a different isp, that doesn't have
IPv6.
Is it possible to have my first FreeBSD box act as a tunnel to my second
box, and get it on IPv6 over the existing IPv4 connection?
Yes -- that's possible, but perhaps not ideal as all of the IPv6
packets from the net for co-lo2 will first have to go to co-lo1 and
back again.
The way I'd configure this is to set up a gif(4) IPv6 over IPv4 tunnel
(as per RFC 2893) between the machine at co-lo1 and the machine at
co-lo2. You can do that entirely by fiddling with entries in
/etc/rc.conf:
gif_interfaces=gif0
gifconfig_gif0=${thisIP4} ${thatIP4}
ipv6_enable=YES
ifconfig_gif0_alias0=inet6 ${thisIP6}/64
where ${thisIP4} is the IPv4 network interface address on the local
machine, ${thatIP4} is the address of the machine in the other co-lo
and ${thisIP6} is the IPv6 address you assign to the the local
system. Do the same deal on the other system, where obviously, which
addresses are local and which are remote will be the other way round.
On the machine without the IPv6 connectivity, you'll additionally
need:
ipv6_defaultrouter=-interface gif0
and on the co-lo1 machine you may need to add a static route telling
it how to reach the machine at co-lo2 -- see the section on
'ipv6_static_routes' in /etc/default/rc.conf.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgp0.pgp
Description: PGP signature
IPv6 Tunnel
At my first co-location my FreeBSD server has a native IPv6 connection and a /64 subnet I have a second co-location with a different isp, that doesn't have IPv6. Is it possible to have my first FreeBSD box act as a tunnel to my second box, and get it on IPv6 over the existing IPv4 connection? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Link Suggestion for http://biterror.lo-res.org/fbsd/ipv6.html
Hi, My name is Linda, new webmaster of ipaddressworld.com, and I have been spending some time looking at your website at http://biterror.lo-res.org/fbsd/ipv6.html. It was an absolute pleasure visiting your site, and I found it linking to other Internet related sites but couldn't found our site. We at ipaddressworld.com would like to introduce you with this quality Website covering free Internet IP address lookup. It is for non-profit purpose and open for public to lookup their IP address. Please let me know if the above provides you with adequate information that you need to review and consider our website for linking. I can be reached via email at [EMAIL PROTECTED] Thank you for your time. OUR WEBSITES: TITLE: Free IP Address Lookup DESCRIPTION: What is your IP address? Free IP address lookup for all Internet connections. URL: http://www.ipaddressworld.com Html Code = a href=http://www.ipaddressworld.com;Free IP Address Lookup/apWhat is your IP address? Free IP address lookup for all Internet connections./p = End html = Thank you once again to support our public effort. Best wishes, Linda On Behalf of Free Public Project ipaddressworld.com Email: [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Link Suggestion for http://doc.fugspbr.org/handbook/network-ipv6.html
Hi, My name is Linda, new webmaster of ipaddressworld.com, and I have been spending some time looking at your website at http://doc.fugspbr.org/handbook/network-ipv6.html. It was an absolute pleasure visiting your site, and I found it linking to other Internet related sites but couldn't found our site. We at ipaddressworld.com would like to introduce you with this quality Website covering free Internet IP address lookup. It is for non-profit purpose and open for public to lookup their IP address. Please let me know if the above provides you with adequate information that you need to review and consider our website for linking. I can be reached via email at [EMAIL PROTECTED] Thank you for your time. OUR WEBSITES: TITLE: Free IP Address Lookup DESCRIPTION: What is your IP address? Free IP address lookup for all Internet connections. URL: http://www.ipaddressworld.com Html Code = a href=http://www.ipaddressworld.com;Free IP Address Lookup/apWhat is your IP address? Free IP address lookup for all Internet connections./p = End html = Thank you once again to support our public effort. Best wishes, Linda On Behalf of Free Public Project ipaddressworld.com Email: [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Link Suggestion for http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html
Hi, My name is Linda, new webmaster of ipaddressworld.com, and I have been spending some time looking at your website at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-ipv6.html. It was an absolute pleasure visiting your site, and I found it linking to other Internet related sites but couldn't found our site. We at ipaddressworld.com would like to introduce you with this quality Website covering free Internet IP address lookup. It is for non-profit purpose and open for public to lookup their IP address. Please let me know if the above provides you with adequate information that you need to review and consider our website for linking. I can be reached via email at [EMAIL PROTECTED] Thank you for your time. OUR WEBSITES: TITLE: Free IP Address Lookup DESCRIPTION: What is your IP address? Free IP address lookup for all Internet connections. URL: http://www.ipaddressworld.com Html Code = a href=http://www.ipaddressworld.com;Free IP Address Lookup/apWhat is your IP address? Free IP address lookup for all Internet connections./p = End html = Thank you once again to support our public effort. Best wishes, Linda On Behalf of Free Public Project ipaddressworld.com Email: [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipv6 gif0
Jerry, It looks like you're having a kernel that does not support dynamic gifs. Send us your kernel configuration and uname -a results. - Original Message - From: Jerry [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 03, 2004 3:24 PM Subject: ipv6 gif0 Hi! I have a problem with setting up my IPv6 box. Scripts are ok, and gifs are made but only one works. The one I start first works and others dont, doesnt matter wich one is first, but all other that follow link on the first one. I allready had a box like this one, and everything worked perfectly (had 4 gifs with ipv6). When i reistalled (same version of freebsd, same pc) this problem ocured. The only thing that changed is that I used Cabel connection before (no extra settings, just enterd IP), and now I use ADSL (PPPoE, NAT enabled). So maybe this could be a problem ? I'm kinda new to this system but I allready search for bugs/errors that I could made and I didnt find anything. So now I'm writeing this email to you, because I dont know how to fix this. I thank you for you help/replay! Lp, Jernej ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipv6 gif0
Hi! I have a problem with setting up my IPv6 box. Scripts are ok, and gifs are made but only one works. The one I start first works and others dont, doesnt matter wich one is first, but all other that follow link on the first one. I allready had a box like this one, and everything worked perfectly (had 4 gifs with ipv6). When i reistalled (same version of freebsd, same pc) this problem ocured. The only thing that changed is that I used Cabel connection before (no extra settings, just enterd IP), and now I use ADSL (PPPoE, NAT enabled). So maybe this could be a problem ? I'm kinda new to this system but I allready search for bugs/errors that I could made and I didnt find anything. So now I'm writeing this email to you, because I dont know how to fix this. I thank you for you help/replay! Lp, Jernej ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 and multiple interfaces
I'm using an IPv6 tunnel to Hurricane Electric on my FreeBSD 4.9-STABLE firewall. That firewall has multiple Ethernet interfaces. Should each of those interfaces be assigned a routable IPv6 address? And what *is* link-local? Is there a decent (English language) FAQ that's readable by technical users who aren't networking experts? -- Kirk Strauser 94 outdated ports on the box, 94 outdated ports. Portupgrade one, an hour 'til done, 82 outdated ports on the box. pgp0.pgp Description: PGP signature
Re: IPv6 and multiple interfaces
On Tue, 13 Jan 2004, Kirk Strauser wrote: I'm using an IPv6 tunnel to Hurricane Electric on my FreeBSD 4.9-STABLE firewall. That firewall has multiple Ethernet interfaces. Should each of those interfaces be assigned a routable IPv6 address? And what *is* If you want them to carry IPv6 traffic. To phrase it differently, you shouldn't use the same IPv6 address on multiple interfaces, but you don't have to run IPv6 on all interfaces. link-local? Is there a decent (English language) FAQ that's readable by technical users who aren't networking experts? http://www.ipv6.org/ http://www.v6.wide.ad.jp/ KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPv6 and multiple interfaces
At 2004-01-13T18:30:19Z, Kevin Stevens [EMAIL PROTECTED] writes: If you want them to carry IPv6 traffic. To phrase it differently, you shouldn't use the same IPv6 address on multiple interfaces, but you don't have to run IPv6 on all interfaces. Gotcha. OK, back to being on-topic for FreeBSD: how would I assign v6 addresses to those interfaces? I'm running rtadvd on that machine and it's my understanding that sending and accepting advertisements on the same host is a no-no. Should I just give them all static assignments in /etc/rc.conf? And is there any suggested way for inventing the addresses for those interfaces? link-local? Is there a decent (English language) FAQ that's readable by technical users who aren't networking experts? http://www.ipv6.org/ That refers to: http://www.v6.wide.ad.jp/ ...which does not resolve. :-/ -- Kirk Strauser pgp0.pgp Description: PGP signature
