Re: BIND9 built w/--disable-ipv6 on 8.1-STABLE
On Mon, Sep 20, 2010 at 03:34:05PM -0700, Doug Barton wrote: > | Although, that still does beg the question, > > No, it doesn't. :) See http://en.wikipedia.org/wiki/Beg_the_question http://en.wikipedia.org/wiki/Beg_the_question#Modern_usage > | why don't we want IPv6 enabled by default on new BIND installations? > > It has to do with whether or not IPv6 support is compiled into the > FreeBSD base system which is compiling BIND. If the configure option > is set to enable but there is not the proper support in the base, then > Bad Things(TM) happen. However, the way that it is set up now if the > binaries are running on a system that has IPv6 support then that is > detected, and you can use it if you choose. If the binaries are > running on a system without IPv6 support, no harm, no foul. I see, that makes sense. However, as IPv6 becomes more widely used (perhaps quite far in the future, when folks are turning /off/ IPv4), it might need revisiting. - Mark -- Mark Kamichoff p...@prolixium.com http://www.prolixium.com/ signature.asc Description: Digital signature
Re: BIND9 built w/--disable-ipv6 on 8.1-STABLE
On Sun, Sep 19, 2010 at 02:37:21PM -0400, Mark Kamichoff wrote: > I just noticed (well, via a discussion in #ipv6 on freenode) that the > default configure arguments for BIND9 on 8.1 include '--disable-ipv6'. > > % grep CONFIGARGS /usr/src/usr.sbin/named/Makefile > CONFIGARGS='--prefix=/usr' '--infodir=/usr/share/info' > '--mandir=/usr/share/man' '--enable-threads' '--disable-ipv6' > '--enable-getifaddrs' '--disable-linux-caps' '--with-openssl=/usr' > '--with-randomdev=/dev/random' > > This results in BIND9 not listening on IPv6 sockets, even if the > listen-on-v6 directive is explicitly configured in the configuration > file. Even worse, and why I didn't pick up on it until now, is that no > warnings or errors are emitted about this during startup, although I > suppose that is more of a BIND problem than a FreeBSD one. Strangely > enough, the control socket still listens on ::1 in addition to > 127.0.0.1. > > Does anyone know why this was done, or if there's any harm in reenabling > it and rebuilding? Well, you can safely ignore this! I realized afterwards that '--disable-ipv6' just disables the default use of IPv6 in BIND, it doesn't completely disable the protocol. Turns out I was querying the wrong address with DIG when testing this, too. listen-on-v6 certainly works as expected, and enables IPv6 like it should. Although, that still does beg the question, why don't we want IPv6 enabled by default on new BIND installations? - Mark -- Mark Kamichoff p...@prolixium.com http://www.prolixium.com/ signature.asc Description: Digital signature
BIND9 built w/--disable-ipv6 on 8.1-STABLE
Hi - I just noticed (well, via a discussion in #ipv6 on freenode) that the default configure arguments for BIND9 on 8.1 include '--disable-ipv6'. % grep CONFIGARGS /usr/src/usr.sbin/named/Makefile CONFIGARGS='--prefix=/usr' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--enable-threads' '--disable-ipv6' '--enable-getifaddrs' '--disable-linux-caps' '--with-openssl=/usr' '--with-randomdev=/dev/random' This results in BIND9 not listening on IPv6 sockets, even if the listen-on-v6 directive is explicitly configured in the configuration file. Even worse, and why I didn't pick up on it until now, is that no warnings or errors are emitted about this during startup, although I suppose that is more of a BIND problem than a FreeBSD one. Strangely enough, the control socket still listens on ::1 in addition to 127.0.0.1. Does anyone know why this was done, or if there's any harm in reenabling it and rebuilding? - Mark -- Mark Kamichoff p...@prolixium.com http://www.prolixium.com/ signature.asc Description: Digital signature
Panics with 6.2-STABLE, Quagga-related
34 318
302 286 270 254 238 222 206 190 174 158 142 126 110 94 78 62 46 30 14
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#0 doadump () at pcpu.h:165
#1 0xc052fe16 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2 0xc0530120 in panic (fmt=0xc070b714 "%s") at
/usr/src/sys/kern/kern_shutdown.c:565
#3 0xc06e75c5 in trap_fatal (frame=0xd43f2ae8, eva=0) at
/usr/src/sys/i386/i386/trap.c:837
#4 0xc06e6cdd in trap (frame= {tf_fs = -1067450360, tf_es = -734068696, tf_ds =
40, tf_edi = -1019703296, tf_esi = -1020561536, tf_ebp = -734057684, tf_isp =
-734057708, tf_ebx = -1020603584, tf_edx = -1020561536, tf_ecx = 4, tf_eax = 4,
tf_trapno = 12, tf_err = 0, tf_eip = -1068149383, tf_cs = 32, tf_eflags =
65543, tf_esp = -1020561536, tf_ss = -734057648}) at
/usr/src/sys/i386/i386/trap.c:270
#5 0xc06d408a in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#6 0xc079 in turnstile_setowner (ts=0xc32ad340, owner=0x4)
at /usr/src/sys/kern/subr_turnstile.c:434
#7 0xc05558a5 in turnstile_wait (lock=0xc38a9504, owner=0x4)
at /usr/src/sys/kern/subr_turnstile.c:593
#8 0xc0525783 in _mtx_lock_sleep (m=0xc38a9504, tid=3274405760, opts=0,
file=0x0, line=0) at /usr/src/sys/kern/kern_mutex.c:579
#9 0xc06016ae in nd6_output (ifp=0xc3389000, origifp=0x4, m0=0xc60f5500,
dst=0xc38a831c, rt0=0xc3764630) at /usr/src/sys/netinet6/nd6.c:2010
#10 0xc05f5218 in ip6_forward (m=0xc60f5500, srcrt=0) at
/usr/src/sys/netinet6/ip6_forward.c:626
#11 0xc05f64ad in ip6_input (m=0xc60f5500) at
/usr/src/sys/netinet6/ip6_input.c:732
#12 0xc05b8a67 in netisr_processqueue (ni=0xc0779d44) at
/usr/src/sys/net/netisr.c:236
#13 0xc05b8c5d in swi_net (dummy=0x0) at /usr/src/sys/net/netisr.c:343
#14 0xc0516cca in ithread_execute_handlers (p=0xc32b6a78, ie=0xc32f8300)
at /usr/src/sys/kern/kern_intr.c:682
#15 0xc0516e0b in ithread_loop (arg=0xc3283700) at
/usr/src/sys/kern/kern_intr.c:765
#16 0xc0515901 in fork_exit (callout=0xc0516da8 , arg=0x4,
frame=0x4) at /usr/src/sys/kern/kern_fork.c:821
#17 0xc06d40ec in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:208
(kgdb)
Thanks!
- Mark
--
Mark Kamichoff
[EMAIL PROTECTED]
http://prolixium.com/
Rensselaer Polytechnic Institute, Class of 2004
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
6-STABLE and IPv6/Quagga
Greetings - I'm curious.. how many folks out there actually use FreeBSD 6-STABLE as an IPv6 firewall, with dynamic routing? I only pose the question, because it seems there have been (and still are) a few fairly major bugs that affect this certain type of setup: http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/105966 [solved, probably a dup anyway] http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/104569 [?] When I say IPv6 firewall with dynamic routing, it usually means the following setup: * FreeBSD 6.x w/pf * Quagga w/ospf6d, possibly ospfd, too * Multiple gif/tun and Ethernet interfaces Granted, most of these bugs involve the Quagga routing daemons, but shouldn't cause OS panicks. I still have a couple boxes sticking with 5.4-RELEASE, because of these issues. It'd be nice to move them to 6.x. Thoughts? If the suggestion is to avoid Quagga, are there other recommended alternatives that implement OSPFv2/3? Happy Holidays :-) - Mark -- Mark Kamichoff [EMAIL PROTECTED] http://prolixium.com/ Rensselaer Polytechnic Institute, Class of 2004 signature.asc Description: Digital signature
