On Fri, Oct 26, 2012 at 03:52:15AM +0900, Hiroki Sato wrote: > Brian Somers <br...@freebsd.org> wrote > in <20121025171827.ga59...@thong.lan.awfulhak.org>: > > br> After upgrading from 8-STABLE to 9-STABLE on Monday, IPv6 routing > br> advertisments were broken. Disabling accept (enabling send) appeared > br> to be necessary to get things up and running. > br> > br> As you say, net.inet6.ip6.accept_rtadv is set to zero (off, meaning > br> that we *can* send advertisments), so I don't now what the issue > br> is. Irrespective of this, I think it's useful to explicitly set > br> the interface to be able to send advertisments when running rtadvd > br> - just in case the sysctl is set to 1 elsewhere. > br> > br> Doing an "ifconfig <interface> inet6 accept_rtadv" after boot doesn't > br> seem to disable sending advertisments, so I'm finding it difficult > br> to test this remotely... testing is awkward when I'm not at home > br> as this machine is also suffering from the "can't reboot" issue!! > br> > br> I'll look into why the sysctl doesn't seem to behave as expected > br> when I get home this evening. > > In 9.X and later the meaning of net.inet6.ip6.accept_rtadv has been > changed and the flag for whether receiving RAs or not is now in a > per-IF basis. 9.0R release note says the following: > > | The sysctl(8) variable net.inet6.ip6.accept_rtadv has been > | changed. It was a system-wide configuration knob which controlled > | whether the system accepts ICMPv6 Router Advertisement messages or > | not. In FreeBSD 9.0-RELEASE, this knob is converted into a > | per-interface inet6 accept_rtadv ifconfig(8) option. Although the > | sysctl(8) variable is available still in FreeBSD 9.0-RELEASE, it > | now controls whether the per-interface option is set by default or > | not. The default value is 0 (not accept the RA messages). > > So, by default RAs can be sent on any interface even if setting > net.inet6.ip6.accept_rtadv=1 manually after a boot because no > accept_rtadv per-IF flag is set. I guess this was a source of the > confusion. I am not sure why setting accept_rtadv flag on an > interface did not prevent from sending RAs in your case. It is not > an intended behavior. If it is reproducible, please let me know. > > The release notes explains more details of IPv6 configuration > migration from 8.X to 9.X.
When I reboot and don't use -accept_rtadv (and leave net.inet6.ip6.accept_rtadv set to zero), I repeatedly see this in /var/log/messages: Oct 26 16:31:26 gw rtadvd[2879]: non-zero lifetime RA on RA receiving interface sk0. Ignored. Oct 26 16:31:33 gw rtadvd[2879]: non-zero lifetime RA on RA receiving interface bridge0. Ignored. Oct 26 16:31:42 gw rtadvd[2879]: non-zero lifetime RA on RA receiving interface sk0. Ignored. Oct 26 16:31:49 gw rtadvd[2879]: non-zero lifetime RA on RA receiving interface bridge0. Ignored. This seems to be the problem. Because check_accept_rtadv() (in rtadvd) reports the interface as being able to accept RAs (it finds the ND6_IFF_ACCEPT_RTADV flag), it drops outgoing RAs and nothing happens. -- Brian Somers <br...@awfulhak.org> Don't _EVER_ lose your sense of humour ! <br...@freebsd.org>
pgpDiEVGHFZfw.pgp
Description: PGP signature