Summary: | The rtadvd cannot avoid the prefix that doesn't want to advertise. | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Base System | Reporter: | Tatsuki Makino <tatsuki_makino> | ||||||||||||||||
Component: | bin | Assignee: | Hiroki Sato <hrs> | ||||||||||||||||
Status: | Open --- | ||||||||||||||||||
Severity: | Affects Only Me | ||||||||||||||||||
Priority: | Normal | ||||||||||||||||||
Version: | 6.4-RELEASE | ||||||||||||||||||
Hardware: | Any | ||||||||||||||||||
OS: | Any | ||||||||||||||||||
Attachments: |
|
Description
Tatsuki Makino
2010-02-27 11:50:01 UTC
Responsible Changed From-To: freebsd-bugs->hrs I'll take this. ----Security_Multipart(Sat_Feb_27_21_57_11_2010_461)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Tatsuki Makino <tatsuki_makino@hotmail.com> wrote in <201002271145.o1RBjZ21027540@www.freebsd.org>: ta> ta> >Number: 144343 ta> >Category: bin ta> >Synopsis: The rtadvd cannot avoid the prefix that doesn't want to advertise. ta> >Confidential: no ta> >Severity: non-critical ta> >Priority: low ta> >Responsible: freebsd-bugs ta> >State: open ta> >Quarter: ta> >Keywords: ta> >Date-Required: ta> >Class: change-request ta> >Submitter-Id: current-users ta> >Arrival-Date: Sat Feb 27 11:50:01 UTC 2010 ta> >Closed-Date: ta> >Last-Modified: ta> >Originator: Tatsuki Makino ta> >Release: FreeBSD 6.4-RELEASE-p9 i386 ta> >Organization: ta> >Environment: ta> FreeBSD T0.test 6.4-RELEASE-p9 FreeBSD 6.4-RELEASE-p9 #0: Thu Jan 7 11:28:17 GMT 2010 root@T0.test:/usr/obj/usr/src/sys/GENERIC i386 ta> >Description: ta> When one network interface has 2 prefixes or more, all prefixes are advertised. I don't hope for it. ta> When choice prefixes to advertise by configuration file, it is limited only to static prefixes. I want also to advertise dynamic prefix. ta> >How-To-Repeat: ta> -- Host T0: ta> ta> /etc/rc.conf (snipped) ta> ipv6_gateway_enable="YES" ta> rtadvd_enable="YES" ta> rtadvd_interfaces="rl0" ta> ta> rl0 has these addresses as follows ta> inet6 2001:db8:0:0::0 prefixlen 64 # fixed ta> inet6 2001:db8:0:1:: prefixlen 64 # add or remove dynamically ta> inet6 2001:db8:0:2:: prefixlen 64 # add or remove dynamically ta> inet6 2001:db8:0:3:: prefixlen 64 # add or remove dynamically ta> (snip) ta> inet6 2001:db8:0:ffff:: prefixlen 64 # add or remove dynamically ta> ta> -- ta> ta> -- Host T2: ta> ta> /etc/sysctl.conf (snipped) ta> net.inet6.ip6.use_tempaddr=1 ta> net.inet6.ip6.prefer_tempaddr=1 ta> ta> rl0 has these addresses as follows ta> ether XX:XX:XX:XX:XX:XX ta> inet6 2001:db8:0:0::1 prefixlen 64 # fixed (A) ta> inet6 2001:db8:0:0:XXXX:XXff:feXX:XXXX prefixlen 64 # or this (B) ta> ta> -- ta> ta> rl0 on T0 and rl0 on T2 are connected via cable. ta> When T2 used inet6 address (A), T2 generate tempaddr. I don't want to tempaddr for 2001:db8:0:0/64. ta> When T2 used inet6 address (B), T2 log a lot of messages as "in6_ifadd: 2001:db8::XXXX:XXff:feXX:XXXX is already configured". ta> >Fix: ta> Patch it (written for 6.4-RELEASE). ta> Build and install. ta> Configure /etc/rtadvd.conf as follows ta> ta> rl0:\ ta> :ignoreaddr="2001:db8::":ignoreprefixlen#8: ta> ta> Start rtadvd. ta> ta> I don't know it is useful for you... ta> If it is not useful for you, close this PR immediately. I am still not sure what you think as an issue. Especially the following are cryptic for me: a) Is Host T0 really a host? Or you mean a router instead? b) Does Host T2 use SLAAC? If so, is it necessary for you in your scenario for some reason? c) How do you control which address is used on T2? ip6addrctl? d) If it is correct that you do not want communication with 2001:db8:: from T2 by using a tempaddr generated within 2001:db8::/64 subnet as the src addr, what case do you want the tempaddr in? -- Hiroki ----Security_Multipart(Sat_Feb_27_21_57_11_2010_461)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkuJFqcACgkQTyzT2CeTzy25TgCgoCrWJw+zav7F5LEGoikxJKwI 30kAnRmrcB6G1T2CGAmYS5QZaKFY7x5A =zvO0 -----END PGP SIGNATURE----- ----Security_Multipart(Sat_Feb_27_21_57_11_2010_461)---- I'm sorry. I mistook. I forgot some important points. T0 is working for routing. It has 2 network interfaces, ndis0 and rl0. ndis0 is established 2001:db8:0::/48 at this time. rl0 has already been described. T2 uses fixed address 2001:db8:0:0::1 for source address when connecting to T0. T2 uses generated tempaddr (prefix 2001:db8:0:1::/64 from RA) for source address when outgoing the Internet via T0. It is achieved by the following prefix policy. Prefix Prec Label ::1/128 50 0 ::/0 40 1 2002::/16 30 2 2001:db8:0:0::/64 25 5 ::/96 20 3 ::ffff:0.0.0.0/96 10 4 The goal is T2's address is acknowledged as 2001:db8:0:0::1 by T0. At the same time, T2's address is acknowledged as 2001:db8:0:1:XXXX:XXXX:XXXX:XXXX by www.FreeBSD.org. And correction: Wrong part is as follows. Configure /etc/rtadvd.conf as follows rl0:\ :ignoreaddr="2001:db8::":ignoreprefixlen#8: Correction is as follows. Configure /etc/rtadvd.conf as follows rl0:\ :ignoreaddr="2001:db8::":ignoreprefixlen#64: -- This is a patch remade for 8-STABLE (svn rev. 208589). These are patches that can apply to 8.2-STABLE (patch-8-...) and 9.0-STABLE (patch-9-...). patch-9 is also applicable to http://svn.freebsd.org/base/head/usr.sbin/rtadvd Revision 230465. These patches has been changed parts of below since my first report. * Stopped the diversion of struct prefix. * ignoreplen capability substituted for ignoreprefixlen. Configure file included with this archive is example. If it load, # ifconfig rl0 inet6 2001:db8:0:0:: prefixlen 64 alias # this prefix is not advertised. # ifconfig rl0 inet6 2001:db8:0:1:: prefixlen 64 alias # this prefix is not advertised. # ifconfig rl0 inet6 2001:db8:0:2:: prefixlen 64 alias # this prefix is advertised. It can control prefix to advertise without editing. Created attachment 155714 [details]
patch for 9-STABLE r275352-r281326
I am using this patch now.
This patch could be applied to head r281721 without editing.
Created attachment 155715 [details]
config file when using this patch
Besides, add prefix policy by ip6addrctl like below.
2001:db8:0:0::/64 38 20
2001:db8:0:1::/64 38 21
And, em0 has inet6 addresses like below.
inet6 fe80::XXXX:XXff:feXX:XXXX%em0 prefixlen 64 scopeid 0x1
inet6 XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX prefixlen 64
inet6 2001:db8:0:0::1 prefixlen 64
Created attachment 170079 [details]
patch for 10-STABLE (r292068)
batch change: For bugs that match the following - Status Is In progress AND - Untouched since 2018-01-01. AND - Affects Base System OR Documentation DO: Reset to open status. Note: I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed. Created attachment 193803 [details] patch for head (revision 333475) This is a regenerated patch for head. But I actually use it for stable/10. It is activated by writing like a attachment 155715 [details] in the rtadvd.conf. The interface has multiple IPv6 addresses as follows. em0: flags=... inet6 2001:db8:: prefixlen 64 inet6 2001:db8:0:1:: prefixlen 64 inet6 2001:db8:0:2:: prefixlen 64 These prefixes are set to use properly. ip6addrctl add 2001:db8:0;1::/64 38 21 ip6addrctl add 2001:db8:0;2::/64 38 22 Computers on the far side of em0 get only 2001:db8::/64 of prefixes. Computers on the far side of em0 can use 2001:db8:0:1::/64 and 2001:db8:0:2::/64 prefixes if additional IPv6 address and address selection policy are set manually. Even after years, English is difficult :) |