Discussion:
Correct method for IPv6 over IPv4 tunneling
(too old to reply)
Darren Reed
2012-05-16 10:50:39 UTC
Permalink
In trying to configure an IPv6 over IPv6 tunnel,
I seem to be running into a roadblock:

netbsd ~# ifconfig gif0 create
netbsd ~# ifconfig gif0 inet6 2001::1 2001::2 prefixlen 126
ifconfig: SIOCAIFADDR_IN6: Invalid argument

And I'm using:

netbsd ~# uname -a
NetBSD netbsd 5.99.59 NetBSD 5.99.59 (GENERIC) #0: Thu Dec 22 11:25:50 UTC 2011 ***@b8.netbsd.org:/home/builds/ab/HEAD/i386/201112220420Z-obj/home/builds/ab/HEAD/src/sys/arch/i386/compile/GENERIC i386

Is my NetBSD foo wrong or...?

Darren


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Hubert Feyrer
2012-05-16 11:15:02 UTC
Permalink
Post by Darren Reed
netbsd ~# ifconfig gif0 create
netbsd ~# ifconfig gif0 inet6 2001::1 2001::2 prefixlen 126
ifconfig: SIOCAIFADDR_IN6: Invalid argument
...
Post by Darren Reed
Is my NetBSD foo wrong or...?
Maybe you need something like

ifconfig gif0 tunnel a.a.a.a. b.b.b.b

between those two lines? See here for a working example (no more in
operation):

http://www.feyrer.de/IPv6/netstart.local


- Hubert

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Darren Reed
2012-05-16 11:34:11 UTC
Permalink
Post by Hubert Feyrer
Post by Darren Reed
netbsd ~# ifconfig gif0 create
netbsd ~# ifconfig gif0 inet6 2001::1 2001::2 prefixlen 126
ifconfig: SIOCAIFADDR_IN6: Invalid argument
...
Post by Darren Reed
Is my NetBSD foo wrong or...?
Maybe you need something like
ifconfig gif0 tunnel a.a.a.a. b.b.b.b
http://www.feyrer.de/IPv6/netstart.local
The problem was I was missing "prefixlen 128".
I had tried other prefix lengths but to no avail.

Without that, it is not possible to configure an IPv6 over IPv4
gif tunnel.

Thanks,
Darren

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Ignatios Souvatzis
2012-05-16 12:07:02 UTC
Permalink
Post by Darren Reed
Post by Hubert Feyrer
Post by Darren Reed
netbsd ~# ifconfig gif0 create
netbsd ~# ifconfig gif0 inet6 2001::1 2001::2 prefixlen 126
ifconfig: SIOCAIFADDR_IN6: Invalid argument
...
Post by Darren Reed
Is my NetBSD foo wrong or...?
Maybe you need something like
ifconfig gif0 tunnel a.a.a.a. b.b.b.b
http://www.feyrer.de/IPv6/netstart.local
The problem was I was missing "prefixlen 128".
I had tried other prefix lengths but to no avail.
Without that, it is not possible to configure an IPv6 over IPv4
gif tunnel.
Hm. Let me check my @work tunnel startup scripts.

create
tunnel labIV-gw-outer labIV-gw-outer-remote
inet6 fe80::1/64 up
!/sbin/route add -inet6 2001:db8:0042:5040:: fe80::2%$int -prefixlen 60

Hm...

I think (but didn't look at the source) you'd need prefixlen 128 for
point to point addresses, and get a network otherwise.

Regards,
-is
--
seal your e-mail: http://www.gnupg.org/

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Darren Reed
2012-05-16 15:13:19 UTC
Permalink
Post by Darren Reed
Post by Darren Reed
Post by Hubert Feyrer
Post by Darren Reed
netbsd ~# ifconfig gif0 create
netbsd ~# ifconfig gif0 inet6 2001::1 2001::2 prefixlen 126
ifconfig: SIOCAIFADDR_IN6: Invalid argument
...
Post by Darren Reed
Is my NetBSD foo wrong or...?
Maybe you need something like
ifconfig gif0 tunnel a.a.a.a. b.b.b.b
http://www.feyrer.de/IPv6/netstart.local
The problem was I was missing "prefixlen 128".
I had tried other prefix lengths but to no avail.
Without that, it is not possible to configure an IPv6 over IPv4
gif tunnel.
create
tunnel labIV-gw-outer labIV-gw-outer-remote
inet6 fe80::1/64 up
!/sbin/route add -inet6 2001:db8:0042:5040:: fe80::2%$int -prefixlen 60
Hm...
I think (but didn't look at the source) you'd need prefixlen 128 for
point to point addresses, and get a network otherwise.
I suppose that's what confused me. Doing this:

# ifconfig gif0 inet6 10::1 10::2

didn't default to a prefixlen of 128 and it just fails with
a non-specific error message. I'd argue that ifconfig
should use a prefixlen of 128 in such situations automatically
and not require it on the command line, yes?

Darren


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
i***@netbsd.org
2012-05-17 09:55:59 UTC
Permalink
Post by Darren Reed
# ifconfig gif0 inet6 10::1 10::2
didn't default to a prefixlen of 128 and it just fails with
a non-specific error message. I'd argue that ifconfig
should use a prefixlen of 128 in such situations automatically
and not require it on the command line, yes?
It would need a table prefixlen per protocol - because gif can do
any to any, at least in principle - and to somehow guess whether
an interface is dualuse as broad/multicast and pointtopoint device -
or to avoid the prefixlen when a destination address is named, and
let the device sort it out. That's a bit easier - in theory, we use
the same method (let the device sort out whether it can do that) now,
only that we always set /64 if the user hasn't specified an explicit
prefixlen.

Regards,
-is

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Izaac
2012-05-17 15:38:19 UTC
Permalink
Post by Darren Reed
# ifconfig gif0 inet6 10::1 10::2
Don't do that. It's not private address space. Don't develop bad
habits.

Use something in fc00::/7 if you want to play like this. It's not
RFC4193 compliant to say fc00::1 and fc00::2, but it's not nearly as
awful as squatting where you are.

Now, the real question is how to auto-magically prefix that. Is it /128
or /64?
--
. ___ ___ . . ___
. \ / |\ |\ \
. _\_ /__ |-\ |-\ \__

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Ignatios Souvatzis
2012-05-18 06:47:41 UTC
Permalink
Post by Izaac
Now, the real question is how to auto-magically prefix that. Is it /128
or /64?
p2p? /128, of course, if you *really* want to play it like that.

I, personally, leave it at /64 (with link-local only). But *if* you
operate it p2p...

-is

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Darren Reed
2012-05-18 09:28:13 UTC
Permalink
Post by Izaac
Post by Darren Reed
# ifconfig gif0 inet6 10::1 10::2
Don't do that. It's not private address space. Don't develop bad
habits.
Use something in fc00::/7 if you want to play like this. It's not
RFC4193 compliant to say fc00::1 and fc00::2, but it's not nearly as
awful as squatting where you are.
This isn't for permanent use, it's for testing and just easier to type.

FWIW, I often use 1.1.1.1 or 1::1 for similar purposes.

Darren

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Izaac
2012-05-18 11:21:00 UTC
Permalink
Post by Darren Reed
This isn't for permanent use, it's for testing and just easier to type.
FWIW, I often use 1.1.1.1 or 1::1 for similar purposes.
Don't do that. It's not private address space. Don't develop bad
habits. In others.
--
. ___ ___ . . ___
. \ / |\ |\ \
. _\_ /__ |-\ |-\ \__

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Thor Lancelot Simon
2012-05-18 16:07:36 UTC
Permalink
Post by Izaac
Post by Darren Reed
This isn't for permanent use, it's for testing and just easier to type.
FWIW, I often use 1.1.1.1 or 1::1 for similar purposes.
Don't do that. It's not private address space. Don't develop bad
habits. In others.
What he said. The result of the incautious doing this for decades, as
you probably know, is that network 1 has become unusable. And these days,
it would be awfully nice to actually be able to put it to use!

It's not that _you_ would let the addresses escape to the wild. It's
that idiots looking over your shoulder (or at your examples in code or
documentation etc.) will blindly copy them into production.
--
Thor Lancelot Simon ***@panix.com
"The liberties...lose much of their value whenever those who have greater
private means are permitted to use their advantages to control the course
of public debate." -John Rawls

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...