Michael Richardson
2010-11-16 20:33:44 UTC
I have a machine at a colo running NetBSD-5.1.
It is a utility machine, doing many routing things that can't be done by
expensive hardware assisted systems... I am about to use it to build an
IPv6-in-v4 tunnel to he.net, because Cogent and he.net can't get along.
I have dual connections to two switches, and I have vlan tags:
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:40:63:e2:0b:04
media: Ethernet autoselect (100baseTX full-duplex)
status: active
vr1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:40:63:e2:0a:8c
media: Ethernet autoselect (100baseTX full-duplex)
status: active
agr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
agrport: vr0, flags=0x3<COLLECTING,DISTRIBUTING>
agrport: vr1, flags=0x3<COLLECTING,DISTRIBUTING>
address: 00:40:63:e2:0b:04
inet 123.123.99.123 netmask 0xffffffc0 broadcast 123.123.11.123
inet6 fe80::240:63ff:fee2:b04%agr0 prefixlen 64 scopeid 0x5
vlan82: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1496
vlan: 82 parent: agr0
address: 00:40:63:e2:0b:04
inet 11.222.33.444 netmask 0xffffffe0 broadcast 11.222.33.255
inet6 fe80::240:63ff:fee2:b04%vlan82 prefixlen 64 scopeid 0x6
inet6 2001:abc:efg:82::251 prefixlen 64
When I look at the network, I see:
rtr3-[~] root 6 #tcpdump -v -e -i agr0 -n -p
(btw: without -p, the NetBSD-5.1-rc2 sometimes crashed)
15:37:02.715610 00:40:63:e2:0b:04 > 33:33:ff:00:02:54, ethertype 802.1Q (0x8100), length 90: vlan 82, p 0, ethertype IPv6, (hlim 255, next-header: ICMPv6 (58), length: 32) 2001:abc:efg:82::251 > ff02::1:ff00:254: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:abc:efg:82::254
source link-address option (1), length 8 (1): 00:40:63:e2:0b:04
15:37:02.715925 00:24:38:ef:20:81 > 00:40:63:e2:0b:04, ethertype IPv6 (0x86dd), length 86: (class 0xc0, hlim 255, next-header: ICMPv6 (58), length: 32) 2001:abc:efg:82::254 > 2001:abc:efg:82::251: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is 2001:abc:efg:82::254, Flags [router, solicited, override]
destination link-address option (2), length 8 (1): 00:24:38:ef:20:81
(addresses changed to protect the guilty)
Notice how it comes in on vlan82, but goes out without a vlan82 tag.
The two interfaces, which technically are in seperate broadcast domains,
have the same mac-address by default. I could try changing that.
What I think is happening is that the outgoing NA is going out with the
wrong ifindex on it, or I don't know.
I THINK that if I could turn off IPv6 on agr0, then the problem would go
away.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] ***@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video
then sign the petition.
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
It is a utility machine, doing many routing things that can't be done by
expensive hardware assisted systems... I am about to use it to build an
IPv6-in-v4 tunnel to he.net, because Cogent and he.net can't get along.
I have dual connections to two switches, and I have vlan tags:
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:40:63:e2:0b:04
media: Ethernet autoselect (100baseTX full-duplex)
status: active
vr1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:40:63:e2:0a:8c
media: Ethernet autoselect (100baseTX full-duplex)
status: active
agr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
agrport: vr0, flags=0x3<COLLECTING,DISTRIBUTING>
agrport: vr1, flags=0x3<COLLECTING,DISTRIBUTING>
address: 00:40:63:e2:0b:04
inet 123.123.99.123 netmask 0xffffffc0 broadcast 123.123.11.123
inet6 fe80::240:63ff:fee2:b04%agr0 prefixlen 64 scopeid 0x5
vlan82: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1496
vlan: 82 parent: agr0
address: 00:40:63:e2:0b:04
inet 11.222.33.444 netmask 0xffffffe0 broadcast 11.222.33.255
inet6 fe80::240:63ff:fee2:b04%vlan82 prefixlen 64 scopeid 0x6
inet6 2001:abc:efg:82::251 prefixlen 64
When I look at the network, I see:
rtr3-[~] root 6 #tcpdump -v -e -i agr0 -n -p
(btw: without -p, the NetBSD-5.1-rc2 sometimes crashed)
15:37:02.715610 00:40:63:e2:0b:04 > 33:33:ff:00:02:54, ethertype 802.1Q (0x8100), length 90: vlan 82, p 0, ethertype IPv6, (hlim 255, next-header: ICMPv6 (58), length: 32) 2001:abc:efg:82::251 > ff02::1:ff00:254: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2001:abc:efg:82::254
source link-address option (1), length 8 (1): 00:40:63:e2:0b:04
15:37:02.715925 00:24:38:ef:20:81 > 00:40:63:e2:0b:04, ethertype IPv6 (0x86dd), length 86: (class 0xc0, hlim 255, next-header: ICMPv6 (58), length: 32) 2001:abc:efg:82::254 > 2001:abc:efg:82::251: [icmp6 sum ok] ICMP6, neighbor advertisement, length 32, tgt is 2001:abc:efg:82::254, Flags [router, solicited, override]
destination link-address option (2), length 8 (1): 00:24:38:ef:20:81
(addresses changed to protect the guilty)
Notice how it comes in on vlan82, but goes out without a vlan82 tag.
The two interfaces, which technically are in seperate broadcast domains,
have the same mac-address by default. I could try changing that.
What I think is happening is that the outgoing NA is going out with the
wrong ifindex on it, or I don't know.
I THINK that if I could turn off IPv6 on agr0, then the problem would go
away.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] ***@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video
then sign the petition.
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de