Recent changes in routing or IPv6 related parts?
Alexander Leidinger
Alexander at leidinger.net
Sun May 27 19:12:58 UTC 2018
Quoting Chris H <bsd-lists at bsdforge.com> (from Tue, 22 May 2018
09:59:04 -0700):
> On Tue, 22 May 2018 10:12:22 +0200 "Alexander Leidinger"
> <Alexander at leidinger.net> said
>
>> Hi,
>>
>> I've updated 2 machines to r333966 and I see a change in the
>> behavior in the network area on one of the systems.
>>
>> To begin with, the "original" behavior was not OK either, the em
>> NIC fails to "do proper network communication"
>> (https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220997). A
>> workaround for me was so far to do an IPv4 ping to the router from
>> time to time, and if it fails do some ifconfig down/up. If the ping
>> doesn't work afterwards, reboot. Most of the time this worked.
>>
>> Now I see a change in behavior, the scripts kicks in, all is ok for
>> the script afterwards, but internally (inside the machine) I can't
>> reach ipv6 jails. The system is reachable externally (only tested
>> so far is the main host-IP).
>>
>> The setup is vimage based, several jails (via iocage) on epairs
>> connected via bridge to the NIC. One bridge for IPv6, one for IPv4.
>> rc.conf has prefer IPv4 setting after encountering another issue.
>>
>> One IPv4 address (/32) for the host where a nginx is running to
>> proxy port 80 and 443 requests on IPv4 to the IPv6 addresses of
>> the jails (IPv6 access is going directly to the jails).
>>
>> After a reboot, the nginx on the main IPv4 address delivers data
>> from the ipv6 addresses of the jails (rev-proxy setup). After a
>> while this stops working. The workaround-script mentioned above
>> doesn't change this behavior. Restarting nginx doesn't help. A
>> reboot helps.
>>
>> Has someone an idea of recent changes in a related area which may
>> be able to cause such an issue? Any rev I could try to revert to
>> check if it is related?
> Hello, Alexander.
> I'm not sure if this landed in -CURRENT. I only know it landed in 11.
> But your trouble might be related to pr #224247 :
>
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224247
>
> Hope this helps.
Thanks, I've compiled a kernel which will print a message with the
interface name when a packet will be dropped because of this. If I see
something which makes it look like it could be related, I will disable
it and try again.
Bye,
Alexander.
--
http://www.Leidinger.net Alexander at Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org netchild at FreeBSD.org : PGP 0x8F31830F9F2772BF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20180527/6e5cab33/attachment.sig>
More information about the freebsd-current
mailing list