ipv6 default router Operation not permitted

Schrodinger schrodinger at konundrum.org
Tue Mar 12 22:50:30 UTC 2013 

Hi,

I have a problem reaching my ipv6 default router.

# ping6 -c 1 2001:41d0:2:e7ff:ff:ff:ff:ff
PING6(56=40+8+8 bytes) 2001:41d0:2:e7c4::1 --> 2001:41d0:2:e7ff:ff:ff:ff:ff
ping6: sendmsg: Operation not permitted
ping6: wrote 2001:41d0:2:e7ff:ff:ff:ff:ff 16 chars, ret=-1

--- 2001:41d0:2:e7ff:ff:ff:ff:ff ping6 statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss

It is the same issue as posted here :

 http://lists.freebsd.org/pipermail/freebsd-net/2012-February/031518.html

However, I believe the problem Mr Dandy was experiencing was he should
have changed his default gateway from:

 ipv6_defaultrouter="2a01:4f8:61:50c0::1"

To:

 ipv6_defaultrouter="fe80::1%re0"

As per Hertzner documentation.

http://wiki.hetzner.de/index.php/FreeBSD_installieren/en#Network_Configuration

I am not hosted with Hertzner but I have the same broken network
configuration and am uncertain of the Correct Fix.

I have:

::: /etc/rc.conf :::

ipv6_activate_all_interfaces="YES"
ipv6_default_interface="re0"
ipv6_network_interfaces="auto"
ip6addrctl_policy="ipv6_prefer"

ifconfig_re0_ipv6="inet6 2001:41D0:2:E7c4::1 prefixlen 64"

ipv6_static_routes="ovhgw default"
ipv6_route_ovhgw="2001:41d0:2:e7ff:ff:ff:ff:ff -prefixlen 128 -interface re0"
ipv6_route_default="default 2001:41d0:2:e7ff:ff:ff:ff:ff"

The default IPv6 router is _outside_ of my assigned /64 prefix, this is
why an interface route is set and is configured this way to ensure the
interface route is applied before the default IPv6 router is added to
the routing table. If I do not do this I will receive an error on boot
to say that the default gateway cannot be reached. There is also no
firewall in place on the host OS.

However this configuration does not work.

# ping6 -c 1 2001:41d0:2:e7ff:ff:ff:ff:ff
PING6(56=40+8+8 bytes) 2001:41d0:2:e7c4::1 --> 2001:41d0:2:e7ff:ff:ff:ff:ff
ping6: sendmsg: Operation not permitted
ping6: wrote 2001:41d0:2:e7ff:ff:ff:ff:ff 16 chars, ret=-1

--- 2001:41d0:2:e7ff:ff:ff:ff:ff ping6 statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss

If I do 

 # ifconfig re0 inet6 accept_rtadv

It works :

# ping6 -c 1 2001:41d0:2:e7ff:ff:ff:ff:ff
PING6(56=40+8+8 bytes) 2001:41d0:2:e7c4::1 --> 2001:41d0:2:e7ff:ff:ff:ff:ff
16 bytes from 2001:41d0:2:e7ff:ff:ff:ff:ff, icmp_seq=0 hlim=64 time=4.935 ms

--- 2001:41d0:2:e7ff:ff:ff:ff:ff ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 4.935/4.935/4.935/0.000 ms


Alternatively, knowing the Linklayer Address of my default gateway, I
could set a static ndp pair :

 # ifconfig re0 inet6 -accept_rtadv
 # ndp -s 2001:41d0:2:e7ff:ff:ff:ff:ff 00:05:73:a0:00:00

And it works:

# ping6 -c 1 2001:41d0:2:e7ff:ff:ff:ff:ff
PING6(56=40+8+8 bytes) 2001:41d0:2:e7c4::1 --> 2001:41d0:2:e7ff:ff:ff:ff:ff
16 bytes from 2001:41d0:2:e7ff:ff:ff:ff:ff, icmp_seq=0 hlim=64 time=3.582 ms

--- 2001:41d0:2:e7ff:ff:ff:ff:ff ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 3.582/3.582/3.582/0.000 ms

If I do :

 # ndp -d 2001:41d0:2:e7ff:ff:ff:ff:ff

It stops working again :

# ping6 -c 1 2001:41d0:2:e7ff:ff:ff:ff:ff
PING6(56=40+8+8 bytes) 2001:41d0:2:e7c4::1 --> 2001:41d0:2:e7ff:ff:ff:ff:ff
ping6: sendmsg: Operation not permitted
ping6: wrote 2001:41d0:2:e7ff:ff:ff:ff:ff 16 chars, ret=-1

--- 2001:41d0:2:e7ff:ff:ff:ff:ff ping6 statistics ---
1 packets transmitted, 0 packets received, 100.0% packet loss

It seems the simple solution is to have re0 ACCEPT_RTADV but I am told
that my default gateway does not perform router advertisements. 

In my own networks I have a static default route for inet6 and I am not
required to set any interfaces ACCEPT_RTADV.

Can anybody shed some light on the correct configuration?

Who is at fault here ?

 - Me
 - Hosting
 - FreeBSD
 - The universe

Cheers,
C.
-- 
+---------------------------------------------------------------+
Quidquid latine dictum sit, altum sonatur.
ICQ: 112562229
GPG: http://www.konundrum.org/schro.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20130312/37f82602/attachment.sig>

More information about the freebsd-net mailing list