[UkOpenBSDUsers] Using 6to4 tunnels with 6.8 and newer
5 views
Skip to first unread message
Sevan Janiyan
Feb 18, 2021, 6:51:54 PM2/18/21
to uk-openb...@saneusergroup.org.uk
Hello,
It seems with the 6.8 release there was a change regarding IPv6,
changelog lists
"Set IPv6 source address selection to prefer the address with the
highest preferred lifetime in case of a tie."
With this, if you have a 6to4 gif tunnel and the same host has a routed
v6 address assigned to a "physical" interface (in my case it was a
virtio vio(4) interface), that address will not be reachable. If you
previously had a pltime value of 0 applied to the tunnel endpoint
address on your gif interface that will also break outbound v6
connectivity from the host it is configured on.
As a work around, you can move the routed address you had configured on
the "physical" interface previously to the gif interface as an alias.
Applying the pltime option to the endpoint address works fine then.
Needed this because online.net native v6 is terrible and needed the
pltime option working so that the origin of my outbound mail matched the
relevant DNS records.
2021: thought about switching back to v4only on a machine.
Sevan
_______________________________________________
Uk-OpenBSD-Users mailing list
Uk-OpenB...@saneusergroup.org.uk
http://ukopenbsdusers.saneusergroup.org.uk/mailman/listinfo/uk-openbsd-users
UK BSD Groups http://www.bsdgroups.org.uk/
It seems with the 6.8 release there was a change regarding IPv6,
changelog lists
"Set IPv6 source address selection to prefer the address with the
highest preferred lifetime in case of a tie."
With this, if you have a 6to4 gif tunnel and the same host has a routed
v6 address assigned to a "physical" interface (in my case it was a
virtio vio(4) interface), that address will not be reachable. If you
previously had a pltime value of 0 applied to the tunnel endpoint
address on your gif interface that will also break outbound v6
connectivity from the host it is configured on.
As a work around, you can move the routed address you had configured on
the "physical" interface previously to the gif interface as an alias.
Applying the pltime option to the endpoint address works fine then.
Needed this because online.net native v6 is terrible and needed the
pltime option working so that the origin of my outbound mail matched the
relevant DNS records.
2021: thought about switching back to v4only on a machine.
Sevan
_______________________________________________
Uk-OpenBSD-Users mailing list
Uk-OpenB...@saneusergroup.org.uk
http://ukopenbsdusers.saneusergroup.org.uk/mailman/listinfo/uk-openbsd-users
UK BSD Groups http://www.bsdgroups.org.uk/
Stuart Henderson
Feb 19, 2021, 9:01:46 AM2/19/21
to UK OpenBSD Users
On 2021/02/18 23:51, Sevan Janiyan wrote:
> Hello,
> It seems with the 6.8 release there was a change regarding IPv6,
> changelog lists
> "Set IPv6 source address selection to prefer the address with the
> highest preferred lifetime in case of a tie."
>
> With this, if you have a 6to4 gif tunnel and the same host has a routed
> v6 address assigned to a "physical" interface (in my case it was a
> virtio vio(4) interface), that address will not be reachable. If you
> previously had a pltime value of 0 applied to the tunnel endpoint
> address on your gif interface that will also break outbound v6
> connectivity from the host it is configured on.
>
> As a work around, you can move the routed address you had configured on
> the "physical" interface previously to the gif interface as an alias.
> Applying the pltime option to the endpoint address works fine then.
>
> Needed this because online.net native v6 is terrible and needed the
> pltime option working so that the origin of my outbound mail matched the
> relevant DNS records.
>
> 2021: thought about switching back to v4only on a machine.
I'm wondering if this is actually due to pltime changes or something
> Hello,
> It seems with the 6.8 release there was a change regarding IPv6,
> changelog lists
> "Set IPv6 source address selection to prefer the address with the
> highest preferred lifetime in case of a tie."
>
> With this, if you have a 6to4 gif tunnel and the same host has a routed
> v6 address assigned to a "physical" interface (in my case it was a
> virtio vio(4) interface), that address will not be reachable. If you
> previously had a pltime value of 0 applied to the tunnel endpoint
> address on your gif interface that will also break outbound v6
> connectivity from the host it is configured on.
>
> As a work around, you can move the routed address you had configured on
> the "physical" interface previously to the gif interface as an alias.
> Applying the pltime option to the endpoint address works fine then.
>
> Needed this because online.net native v6 is terrible and needed the
> pltime option working so that the origin of my outbound mail matched the
> relevant DNS records.
>
> 2021: thought about switching back to v4only on a machine.
else. What version were you running on it before?
https://marc.info/?l=openbsd-tech&m=157580561114203
Sevan Janiyan
Feb 19, 2021, 9:06:23 AM2/19/21
to uk-openb...@saneusergroup.org.uk
On 19/02/2021 14:01, Stuart Henderson wrote:
> I'm wondering if this is actually due to pltime changes or something
> else. What version were you running on it before?
>
> https://marc.info/?l=openbsd-tech&m=157580561114203
I was on 6.6 for a while then did the 6.7 & 6.8 upgrades back to back on
> I'm wondering if this is actually due to pltime changes or something
> else. What version were you running on it before?
>
> https://marc.info/?l=openbsd-tech&m=157580561114203
Wednesday.
Sevan
Sevan Janiyan
Feb 19, 2021, 9:09:16 AM2/19/21
to uk-openb...@saneusergroup.org.uk
On 19/02/2021 14:01, Stuart Henderson wrote:
> https://marc.info/?l=openbsd-tech&m=157580561114203
From the commit message "This check is enforced if and only
IP forwarding is disabled."
Which of course it was.
Sevan
Reply all
Reply to author
Forward
0 new messages