IPv6 MLD packets blocked
Bernhard Schmidt
berni at birkenwald.de
Sat Dec 4 11:13:10 PST 2004
Hi,
> > I'm currently trying to enable IPv6 multicast forwarding on my FreeBSD
> > home gateway. With both pim6sd and xorp I had the problem that MLD (IGMP
> > for IPv6) from clients did not come through to the appropriate daemon
> > and therefor groups are never subscribed.
> >
> > This seems to be a problem with pf. When I disable pf with "pfctl -d" it
> > works like a charm; when I enable pf again, even with the simple ruleset
> >
> > pass all
> Does your setup include a 6to4 (stf(4)) device? If so then you should move to
> a RELENG_5 with pf_if.c, rev. 1.5.2.2. (you can simply move that one file).
No, but several gif-Interfaces. The interface I have troubles with
receiving MLD messages is a plain ethernet, vr(4).
> To debug a problem like this you should use a ruleset like:
>
> block log all
> pass all
>
> and watch pflog on tcpdump. It'll give you information why a packet is
> dropped.
No packets are dropped according to tcpdump, but it still doesn't work.
> Increasing the verbosity of pf's debug facilities might also be
> helpful: # pfctl -xm
Should that help when no packets are dropped? I can see no obvious error
messages in syslog. Even setting the debug level to 'loud' doesn't give
me anything. I would assume that pf is dropping because of the router
alert option set in MLD messages (see the dump).
> pf_if.c went in "Nov 24 16:57:32 2004 UTC" so you might have missed it.
No changes for != stf, right?
Bernhard
More information about the freebsd-pf
mailing list