IPv6 aliases: one doesn't work, the other do

Frédéric Perrin frederic.perrin at resel.fr
Sun Apr 25 20:51:45 UTC 2010 

Le Lundi 26 à  2:18, Hiroki Sato a écrit :
> Frédéric Perrin <frederic.perrin at resel.fr> wrote
>   in <20100425183825.2ee419d3 at girafe.home>:
>fr> I have a box running 8.0-RELEASE on i386. It has several jails,
>fr> each one being given an IPv6 alias. I notice that some jails can
>fr> be reached from the outside, others can't. Conversely, if I set
>fr> as the source address alias1, nothing comes back; it I set as the
>fr> source address alias2, it works as expected. The following
>fr> transcript may be clearer:
>fr> 
>fr> This is happening on papillon, the host (meaning not a jail),
>fr> after a fresh reboot.
>
>  Did you get the same results of traceroute6 lines even before setting
>  up the jails, or only after it?  I am interested in whether this
>  symptom appears or not when just adding IPv6 aliases to vr0 and no
>  jail.

Sure. I just set ezjail_enable="NO" and rebooted. And the result is...

It looks like the aliases that don't work were juste shuffled around.
(NB, in the previous run, the non-functionning aliases were ::3 and
::5. Now, only ::5 is broken. I seem to remember having issues with
others, but as I don't use IPv6 very often, I didn't keep track of
which aliases were working or not.)

,----
| papillon:~% traceroute6 -s 2001:41d0:1:8248::3 www.renater.fr 
| traceroute6 to www.renater.fr (2001:660:3001:4002::10) from 2001:41d0:1:8248::3, 64 hops max, 12 byte packets
|  1  2001:41d0:1:82ff:ff:ff:ff:ff  3.332 ms *  141.131 ms
|  2  ipv6.th1-1-6k.routers.net  9.994 ms *  13.867 ms
|  3  ipv6.th2-1-6k.routers.net  4.810 ms *  18.300 ms
|  4  renater-th2.sfinx.tm.fr  5.476 ms  4.456 ms  4.232 ms
|  5  te0-3-4-0-paris1-rtr-001.noc.renater.fr  4.670 ms  4.647 ms  4.450 ms
|  6  te2-1-paris1-rtr-021.noc.renater.fr  4.412 ms  4.393 ms  4.353 ms
|  7  gip-renater-vl300-gi8-15-paris1-rtr-021.noc.renater.fr  5.279 ms !P  5.210 ms !P  5.190 ms !P
| papillon:~% traceroute6 -n -s 2001:41d0:1:8248::5 www.renater.fr 
| traceroute6 to www.renater.fr (2001:660:3001:4002::10) from 2001:41d0:1:8248::5, 64 hops max, 12 byte packets
|  1  * * *
|  2  * * *
|  3  * * *
|  4  * * *
| ^C
`----

And if I ping my server from a remote host (tweaked the ping6 options
to have more samples while trying not to stress the network):

,----
| fperrin at gadget:~$ for i in $( seq 5); do echo -n "$i - "; ping6 -c10 -i30 2001:41d0:1:8248::$i|grep loss; done
| 1 - 10 packets transmitted, 10 received, 0% packet loss, time 270036ms
| 2 - 10 packets transmitted, 10 received, 0% packet loss, time 270030ms
| 3 - 10 packets transmitted, 10 received, 0% packet loss, time 270034ms
| 4 - 10 packets transmitted, 10 received, 0% packet loss, time 270032ms
| 5 - 10 packets transmitted, 0 received, +10 errors, 100% packet loss, time 270030ms
`----

I get the same results after starting the jails (with
/usr/local/etc/rc.d/ezjail onestart).

Oh, and keeping me in the Cc: list as you did is a good idea, I'm not
subscribed to the list.

-- 
Fred
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20100425/8b2140e1/signature.pgp

More information about the freebsd-net mailing list