From nobody Tue Dec 05 12:02:22 2023 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SkzgH1Tfhz52tGN for ; Tue, 5 Dec 2023 12:02:35 +0000 (UTC) (envelope-from meka@tilda.center) Received: from eniac.tilda.center (eniac.tilda.center [95.179.137.175]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4SkzgF5YDqz4WGK for ; Tue, 5 Dec 2023 12:02:33 +0000 (UTC) (envelope-from meka@tilda.center) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of meka@tilda.center designates 95.179.137.175 as permitted sender) smtp.mailfrom=meka@tilda.center; dmarc=pass (policy=reject) header.from=tilda.center Received: from [192.168.111.5] (tilda.center [109.93.255.137]) by eniac.tilda.center (Postfix) with ESMTPSA id C0A7C29AEA for ; Tue, 5 Dec 2023 12:02:22 +0000 (UTC) Message-ID: Date: Tue, 5 Dec 2023 13:02:22 +0100 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: freebsd-net@freebsd.org From: =?UTF-8?Q?Goran_Meki=C4=87?= Subject: Problems with IPv6 and Vultr Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spamd-Result: default: False [-1.54 / 15.00]; NEURAL_HAM_SHORT(-0.96)[-0.955]; R_MIXED_CHARSET(0.63)[subject]; NEURAL_HAM_LONG(-0.59)[-0.593]; DMARC_POLICY_ALLOW(-0.50)[tilda.center,reject]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; ONCE_RECEIVED(0.10)[]; NEURAL_SPAM_MEDIUM(0.08)[0.078]; XM_UA_NO_VERSION(0.01)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:20473, ipnet:95.179.128.0/20, country:US]; RCVD_COUNT_ONE(0.00)[1]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; FROM_HAS_DN(0.00)[]; TO_DN_NONE(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[] X-Rspamd-Queue-Id: 4SkzgF5YDqz4WGK X-Spamd-Bar: - Hello, I have a problem with IPv6 and Vultr VM. I am getting 2001:19f0:5401:1699::/64 on vtnet0 and I would like to use that block for host and jails, but for some reason that box doesn't respond to any ping except the one set on vtnet0. /etc/rc.conf: hostname="ipv6" sshd_enable="YES" ntpd_enable="YES" static_routes="linklocal" route_linklocal="-net 169.254.0.0/16 -interface vtnet0" sendmail_enable="NONE" dhclient_program="/usr/local/sbin/dhcpcd" ifconfig_vtnet0="DHCP -rxcsum -tso" ifconfig_vtnet0_ipv6="inet6 2001:19f0:5401:1699::1/128 -rxcsum6 -tso6" cloned_interfaces="bridge0" ifconfig_bridge0_ipv6="inet6 2001:19f0:5401:1699::2/64 auto_linklocal" ipv6_cpe_wanif="vtnet0" /usr/local/etc/dhcpcd.conf: duid persistent vendorclassid option domain_name_servers, domain_name, domain_search option classless_static_routes option interface_mtu option host_name option rapid_commit require dhcp_server_identifier slaac private interface vtnet0   ipv6rs   ipv6ra_noautoconf /usr/local/etc/dhcpcd.exit-hook: #!/bin/sh # Without this I can not ping jails from host, but I'm not sure why I have to # do it explicitly /sbin/route -6 change -net 2001:19f0:5401:1699::/64 -iface bridge0 Some more info: # netstat -rn Routing tables Internet: Destination        Gateway            Flags     Netif Expire 100.68.0.0/18      link#1             U        vtnet0 100.68.15.72       link#2             UHS         lo0 127.0.0.1          link#2             UH          lo0 169.254.0.0/16     link#1             US       vtnet0 169.254.169.254    100.68.0.1         UGH      vtnet0 Internet6: Destination                       Gateway Flags     Netif Expire ::/96                             link#2 URS         lo0 default                           fe80::fc00:4ff:feaa:8dae%vtnet0 UG     vtnet0 ::1                               link#2 UHS         lo0 ::ffff:0.0.0.0/96                 link#2 URS         lo0 2001:19f0:5401:1699::/64          link#3 US      bridge0 2001:19f0:5401:1699::1            link#2 UHS         lo0 2001:19f0:5401:1699::2            link#2 UHS         lo0 fe80::%lo0/10                     link#2 URS         lo0 fe80::%vtnet0/64                  link#1 U        vtnet0 fe80::5400:4ff:feaa:8dae%lo0      link#2 UHS         lo0 fe80::%lo0/64                     link#2 U           lo0 fe80::1%lo0                       link#2 UHS         lo0 fe80::%bridge0/64                 link#3 U       bridge0 fe80::5a9c:fcff:fe10:9356%lo0     link#2 UHS         lo0 ff02::/16                         link#2 URS         lo0 # ifconfig vtnet0: flags=1008843 metric 0 mtu 1500  options=4c00ba     ether 56:00:04:aa:8d:ae     inet 100.68.15.72 netmask 0xffffc000 broadcast 100.68.63.255     inet6 2001:19f0:5401:1699::1 prefixlen 128     inet6 fe80::5400:4ff:feaa:8dae%vtnet0 prefixlen 64 scopeid 0x1     media: Ethernet autoselect (10Gbase-T )     status: active     nd6 options=1 lo0: flags=1008049 metric 0 mtu 16384  options=680003     inet 127.0.0.1 netmask 0xff000000     inet6 ::1 prefixlen 128     inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2     groups: lo     nd6 options=21 bridge0: flags=1008843 metric 0 mtu 1500     options=0     ether 58:9c:fc:10:93:56     inet6 fe80::5a9c:fcff:fe10:9356%bridge0 prefixlen 64 scopeid 0x3     inet6 2001:19f0:5401:1699::2 prefixlen 64     id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15     maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200     root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0     groups: bridge     nd6 options=61 If I ping 2001:19f0:5401:1699::2 this is what I have on vtnet0: # tcpdump -nvi vtnet0 icmp6 tcpdump: listening on vtnet0, link-type EN10MB (Ethernet), snapshot length 262144 bytes 12:54:42.327405 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::fc00:4ff:feaa:8dae > ff02::1:ff00:2: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:19f0:5401:1699::2       source link-address option (1), length 8 (1): fe:00:04:aa:8d:ae 12:54:43.337581 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::fc00:4ff:feaa:8dae > ff02::1:ff00:2: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:19f0:5401:1699::2       source link-address option (1), length 8 (1): fe:00:04:aa:8d:ae 12:54:44.361596 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 32) fe80::fc00:4ff:feaa:8dae > ff02::1:ff00:2: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:19f0:5401:1699::2       source link-address option (1), length 8 (1): fe:00:04:aa:8d:ae What is weird is that the VM knows where that IP is: # ndp -na Neighbor                             Linklayer Address  Netif Expire    1s 5s 2001:19f0:5401:1699::1               56:00:04:aa:8d:ae vtnet0 permanent R fe80::fc00:4ff:feaa:8dae%vtnet0      fe:00:04:aa:8d:ae vtnet0 44s       R R fe80::5400:4ff:feaa:8dae%vtnet0      56:00:04:aa:8d:ae vtnet0 permanent R 2001:19f0:5401:1699::2               58:9c:fc:10:93:56 bridge0 permanent R fe80::5a9c:fcff:fe10:9356%bridge0    58:9c:fc:10:93:56 bridge0 permanent R What am I doing wrong? Regards, meka