Hi there,
I have a FreeBSD 12.1 server, which has 2 network interfaces:
- re0: the only physical Ethernet interface, connecting with the internal devices
- tun0: the external interface, to be assigned an IPv6 prefix by the ISP via PPPoE
# /etc/rc.conf
ipv6_enable="YES"
ipv6_gateway_enable="YES"
ipv6_activate_all_interfaces="YES"
# /etc/ppp/ppp.conf
default:
 set log Phase Chat LCP IPCP tun command
telcom:
 set device PPPoE:re0
 add default HISADDR6
# /etc/sysctl.conf
net.inet6.ip6.accept_rtadv=1
# /etc/pf.conf
pass inet6 all
First of all, tun0 can get the IPv6 address from the ISP via SLAAC (ICMPv6 RS/RA) and it works correctly so far.
# ifconfig tun0 inet6
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1492
options=80000<LINKSTATE>
inet6 fe80::76d0:2b60:a19c:cb9a%tun0 prefixlen 64 scopeid 0x4
inet6 AAAA:BBBB:CCCC:DDDD:76d0:2b60:a19c:cb9a prefixlen 64 autoconf
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
Opened by PID 77027
# ping6 -c 1 2606:4700:4700::1111
PING6(56=40+8+8 bytes) AAAA:BBBB:CCCC:DDDD:76d0:2b60:a19c:cb9a --> 2606:4700:4700::1111
16 bytes from 2606:4700:4700::1111, icmp_seq=0 hlim=55 time=138.142 ms
--- 2606:4700:4700::1111 ping6 statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 138.142/138.142/138.142/0.000 ms
Now, what I'm going to do is let the devices located in the intranet get an IPv6 address from the ISP via SLAAC. That means FreeBSD should forward RS from re0 to tun0, and RA from tun0 to re0. Please give me some hints.
Here are 2 ways I tried but failed.
- Using PF:
pass in on tun0 inet6 proto icmp6 icmp6-type routeradv dup-to (re0 ff02::1)
pass in on re0 inet6 proto icmp6 icmp6-type routersol dup-to (tun0 ff02::2)
But it doesn't seem to work, and pfctl(5) complained about a syntax error.
- Sending RA by using rtadvd(8):
# ifconfig re0 inet6 AAAA:BBBB:CCCC:DDDD:1::3/80
# ifconfig re0 inet6
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
inet6 fe80::76d0:2bff:fe9c:cb9a%re0 prefixlen 64 scopeid 0x1
inet6 AAAA:BBBB:CCCC:DDDD:1::3 prefixlen 80
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
#
# cat /etc/rtadvd.conf
re0:\
:addr="AAAA:BBBB:CCCC:DDDD:1::":prefixlen#80:
#
# rtadvd -dDf re0
rtadvd 27484 - - <sock_open> enter
rtadvd 27484 - - <update_ifinfo> enter
rtadvd 27484 - - <update_ifinfo> ifm = 0x800684000, lim = 0x8006851f8, diff = 4600
rtadvd 27484 - - <update_ifinfo> RTM_IFINFO found. ifm_index = 1, ifindex = 0
...
rtadvd 27484 - - <getconfig> re0 isn't defined in the configuration file or the configuration file doesn't exist. Treat it as default
rtadvd 27484 - - <get_prefix> add AAAA:BBBB:CCCC:DDDD:1::/80 to prefix list on re0
rtadvd 27484 - - <sock_mc_join> enter
rtadvd 27484 - - <sock_mc_join> re0: join link-local all-routers MC group
rtadvd 27484 - - <ra_timer_update> RA timer on re0 is set to 16:0
rtadvd 27484 - - <getconfig> ifname=re0 marked as TRANSITIVE (initial burst).
rtadvd 27484 - - <loadconfig_ifname> tun0 is not a target interface. Ignored at this moment.
rtadvd 27484 - - configuration file reloaded.
rtadvd 33911 - - <main> set timer to 16:0. waiting for inputs or timeout
rtadvd 33911 - - <rtadvd_input> enter
rtadvd 33911 - - <rs_input> RS received from fe80::840:136a:c967:820c on re0
rtadvd 33911 - - <main> set timer to 11:750772. waiting for inputs or timeout
It seems that rtadvd(8) received RS but didn't reply with RA.
OK, that's all. Any comments are welcome.
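
An added example, not part of the original post: RFC 4862 has SLAAC hosts ignore an advertised prefix unless its length plus the 64-bit Ethernet interface identifier equals 128, so this sketch parses rtadvd.conf(5) entries and flags prefixes, such as the /80 above, that clients will not autoconfigure from. The 2001:db8:: addresses and the re1 entry are constructed for illustration.

```python
import ipaddress
import re

IID_BITS = 64  # interface identifier length on Ethernet (RFC 2464)
CAP_RE = re.compile(r'(\w+)(?:="([^"]*)"|#(\d+))')  # name="str" or name#num

# Constructed sample in rtadvd.conf(5) syntax. 2001:db8::/32 is the
# documentation prefix, standing in for an ISP-assigned prefix.
SAMPLE_CONF = r'''
re0:\
    :addr="2001:db8:0:1:1::":prefixlen#80:
re1:\
    :addr="2001:db8:0:2::":\
    :addr1="2001:db8:0:3::":prefixlen1#72:
'''

def parse_rtadvd_conf(text):
    """Return {ifname: {capability: value}} for termcap-style entries."""
    entries = {}
    # Fold backslash-newline continuations into one logical line per entry.
    for line in re.sub(r"\\\n\s*", "", text).splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, rest = line.partition(":")
        entries[name] = {m[1]: m[2] if m[2] is not None else int(m[3])
                         for m in CAP_RE.finditer(rest)}
    return entries

def slaac_findings(text):
    """List (ifname, prefix, usable) for each prefix rtadvd would advertise."""
    findings = []
    for ifname, caps in parse_rtadvd_conf(text).items():
        for key, addr in caps.items():
            suffix = re.fullmatch(r"addr(\d*)", key)  # addr, addr0, addr1, ...
            if suffix is None:
                continue
            plen = caps.get("prefixlen" + suffix[1], 64)  # rtadvd default is 64
            net = ipaddress.IPv6Network(f"{addr}/{plen}", strict=False)
            # RFC 4862 5.5.3: hosts ignore the prefix for autoconfiguration
            # unless prefix length + interface ID length == 128.
            findings.append((ifname, str(net), plen + IID_BITS == 128))
    return findings

if __name__ == "__main__":
    for ifname, prefix, usable in slaac_findings(SAMPLE_CONF):
        verdict = "usable for SLAAC" if usable else "ignored by SLAAC hosts"
        print(f"{ifname}: {prefix} -> {verdict}")
```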