[6bone] Re: 6bone digest, Vol 1 #210 - 6 msgs

Harish Nair hari@UDel.Edu
Wed, 11 Dec 2002 19:25:01 -0500 (EST) 

This message concerns about site multicasting across subnets. We have two
IPv6 site local subnets here : fec0::1 and fec0::2

Each subnet has a FreeBSD machine acting as a router.
The two routers have only IPv4 connectivity between them and so are
"Ipv6 connected" using gif Ipv6-Ipv4 tunnels.

Both routers have the pim6dd deamon running for multicast. One node in
sunbet 1 functions as an NTP multicast server transmitting timestamps to
the site multicast address ff05::101. All other nodes in both subnets act
as ntp multicast clients looking for timestamps from ff05::101. However we
only nodes in subnet 1 are able to receive the timestamps. The gif tunnels
in both routers are multicast enabled.

How do I get both routers to forward multicast packets across the tunnels?

Thanks,
Harish

On Wed, 11 Dec 2002 6bone-request@mailman.isi.edu wrote:

> Send 6bone mailing list submissions to
> 	6bone@mailman.isi.edu
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://mailman.isi.edu/mailman/listinfo/6bone
> or, via email, send a message with subject or body 'help' to
> 	6bone-request@mailman.isi.edu
>
> You can reach the person managing the list at
> 	6bone-admin@mailman.isi.edu
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of 6bone digest..."
>
>
> Today's Topics:
>
>    1. RE: Two IPv6 Hosts Communicating over IPv4 network (Tony Langdon)
>    2. freebsd src addr wrong (David Waitzman)
>    3. Re: freebsd src addr wrong (Paul Timmins)
>    4. Re: freebsd src addr wrong (Jan Oravec)
>    5. Re: freebsd src addr wrong (Kimmo Suominen)
>    6. RE: freebsd src addr wrong (Jeroen Massar)
>
> --__--__--
>
> Message: 1
> From: Tony Langdon <tlangdon@atctraining.com.au>
> To: "'Chen Zhigao'" <zgchen@psl.com.sg>,
>    Stephane Bortzmeyer
> 	 <bortzmeyer@gitoyen.net>, pasky@xs26.net
> Cc: 6bone@mailman.isi.edu
> Subject: RE: [6bone] Two IPv6 Hosts Communicating over IPv4 network
> Date: Wed, 11 Dec 2002 08:37:05 +1100
>
> > Thanks for all of ur advice. Because our network is behind a
> > NAT server, the
> > two IPv6 hosts might not be assigned global IPv4 addresses so
> > as to act as
>
> As long as the NAT gateway is not between the two hosts, there isn't a
> problem (if you look closely at the Red Hat configuration I sent yesterday,
> you'll notice private IP addresses in the IPv4 endpoints.  Yes, the IPv6
> host-host tunnel I'm running is in private IPv4 space.
>
> ---
> Outgoing mail has been scanned for Viruses
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.427 / Virus Database: 240 - Release Date: 6/12/2002
>
>
> This correspondence is for the named person’s use only. It may contain
> confidential or legally privileged information or both. No confidentiality
> or privilege is waived or lost by any mistransmission. If you receive this
> correspondence in error, please immediately delete it from your system and
> notify the sender. You must not disclose, copy or rely on any part of this
> correspondence if you are not the intended recipient.
>
> Any opinions expressed in this message are those of the individual sender.
>
>
> --__--__--
>
> Message: 2
> Date: Wed, 11 Dec 2002 11:36:25 -0500
> From: David Waitzman <djw@bbn.com>
> To: 6bone@mailman.isi.edu
> Subject: [6bone] freebsd src addr wrong
>
> I have a 6bone tunnel connection with a non-routed tunnel endpoint 2001::
> address.  I also have an official 6bone 3ffe:: address, which is assigned
> to one of my ether interfaces.
>
> When I "ping6 www.kame.net" I see that my side of the tunnel is used as a
> source address.  I don't get ping responses back (presumably because
> www.kame.net does not know where to send responses, given that the address
> it is getting is not routed).
>
> If I do a ping6 -S, selecting my 6bone 3ffe:: address as the source, then
> ping6 gets responses from kame just fine.
>
> I am using FreeBSD 4.6.
> We run Zebra-based BGP+ with our tunnel provider and thus have no default
> route.
>
> My questions:
> 1. Should tunnel endpoint addresses be routable?
> 2. Or how do I force FreeBSD to use the ether's IPv6 address as a source by
> default?  (Not all applications have the equivalent of Ping6's -S option to
> force the source address selection.)
>
> -david waitzman
>
>
> --__--__--
>
> Message: 3
> Date: Wed, 11 Dec 2002 13:23:48 -0500
> To: David Waitzman <djw@bbn.com>
> From: Paul Timmins <paul@timmins.net>
> Subject: Re: [6bone] freebsd src addr wrong
> Cc: 6bone@mailman.isi.edu
>
> At 11:36 AM 12/11/2002 -0500, you wrote:
> >I have a 6bone tunnel connection with a non-routed tunnel endpoint 2001::
> >address.  I also have an official 6bone 3ffe:: address, which is assigned
> >to one of my ether interfaces.
> >
> >When I "ping6 www.kame.net" I see that my side of the tunnel is used as a
> >source address.  I don't get ping responses back (presumably because
> >www.kame.net does not know where to send responses, given that the address
> >it is getting is not routed).
>
> What it is doing is correct, and all implementations do this. They take the
> IP address of the closest egress interface, being your tunnel.
>
> This is generally a good thing, as if you have a machine with a RFC-1918
> address on fxp0, and an internet wide interface on ppp0, you don't want to
> source packets out ppp0 with the IP address of fxp0. Put in this
> perspective, it makes more sense. :-)
>
> >If I do a ping6 -S, selecting my 6bone 3ffe:: address as the source, then
> >ping6 gets responses from kame just fine.
>
> This beats the logic that gives you the IP of the egress interface.
>
> >I am using FreeBSD 4.6.
> >We run Zebra-based BGP+ with our tunnel provider and thus have no default
> >route.
>
> Behavior is the same with my Linux 2.4.19 machine running defaultless BGP4+
> with Zebra.
>
> >My questions:
> >1. Should tunnel endpoint addresses be routable?
>
> Yes
>
> >2. Or how do I force FreeBSD to use the ether's IPv6 address as a source
> >by default?  (Not all applications have the equivalent of Ping6's -S
> >option to force the source address selection.)
>
> No idea. Haven't used *BSD in a long enough time to remember.
>
> -Paul
>
>
> --__--__--
>
> Message: 4
> Date: Wed, 11 Dec 2002 20:19:02 +0100
> From: Jan Oravec <jan.oravec@6com.sk>
> To: Paul Timmins <paul@timmins.net>
> Cc: David Waitzman <djw@bbn.com>, 6bone@mailman.isi.edu
> Subject: Re: [6bone] freebsd src addr wrong
> Reply-To: Jan Oravec <jan.oravec@6com.sk>
>
> > >My questions:
> > >1. Should tunnel endpoint addresses be routable?
> >
> > Yes
>
> I do not see a reason for IPv6-numbering PtP interfaces. We usually need
> that for special connections (usually routing software) between two nodes
> which are connected. The great advantage of IPv6 is that we have link-local
> addresses, thus we do not need public-routable addresses for that.
>
> You will need to specify interface in bgpd.conf, e.g.:
>
> neighbor fe80::201:3ff:fed5:bd1e remote-as 12345
> neighbor fe80::201:3ff:fed5:bd1e interface gif0
>
> Best Regards,
>
> --
> Jan Oravec                           XS26 coordinator
> 6COM s.r.o.                          'Access to IPv6'
> http://www.6com.sk                   http://www.xs26.net
> +421-903-316905
>
> --__--__--
>
> Message: 5
> To: Paul Timmins <paul@timmins.net>
> Cc: David Waitzman <djw@bbn.com>, 6bone@mailman.isi.edu
> Subject: Re: [6bone] freebsd src addr wrong
> Date: Wed, 11 Dec 2002 14:24:14 -0500
> From: Kimmo Suominen <kim@tac.nyc.ny.us>
>
> I've found that on a multihomed KAME (NetBSD) system the address
> numerically closest to that of the destination would be used, at
> least when all the egress interfaces (being tunnels) had no global
> addresses.  I would have liked to be able to mark one address as
> the primary to be used when a specific source address was not
> explicitly requested by the application.
>
> The workaround is not to use routers to talk to anyone...  :-)
>
> + Kim
>
>
> | From:    Paul Timmins <paul@timmins.net>
> | Date:    Wed, 11 Dec 2002 13:23:48 -0500
> |
> | At 11:36 AM 12/11/2002 -0500, you wrote:
> | >I have a 6bone tunnel connection with a non-routed tunnel endpoint 2001::
> | >address.  I also have an official 6bone 3ffe:: address, which is assigned
> | >to one of my ether interfaces.
> | >
> | >When I "ping6 www.kame.net" I see that my side of the tunnel is used as a
> | >source address.  I don't get ping responses back (presumably because
> | >www.kame.net does not know where to send responses, given that the address
> | >it is getting is not routed).
> |
> | What it is doing is correct, and all implementations do this. They take the
> | IP address of the closest egress interface, being your tunnel.
> |
> | This is generally a good thing, as if you have a machine with a RFC-1918
> | address on fxp0, and an internet wide interface on ppp0, you don't want to
> | source packets out ppp0 with the IP address of fxp0. Put in this
> | perspective, it makes more sense. :-)
>
> --__--__--
>
> Message: 6
> From: "Jeroen Massar" <jeroen@unfix.org>
> To: "'David Waitzman'" <djw@bbn.com>, <6bone@mailman.isi.edu>
> Subject: RE: [6bone] freebsd src addr wrong
> Date: Wed, 11 Dec 2002 20:27:08 +0100
> Organization: Unfix
>
> David Waitzman wrote:
>
> > I have a 6bone tunnel connection with a non-routed tunnel
> > endpoint 2001::
> > address.  I also have an official 6bone 3ffe:: address, which
> > is assigned
> > to one of my ether interfaces.
> >
> > When I "ping6 www.kame.net" I see that my side of the tunnel
> > is used as a
> > source address.  I don't get ping responses back (presumably because
> > www.kame.net does not know where to send responses, given
> > that the address
> > it is getting is not routed).
> >
> > If I do a ping6 -S, selecting my 6bone 3ffe:: address as the
> > source, then
> > ping6 gets responses from kame just fine.
> >
> > I am using FreeBSD 4.6.
> > We run Zebra-based BGP+ with our tunnel provider and thus
> > have no default
> > route.
> >
> > My questions:
> > 1. Should tunnel endpoint addresses be routable?
>
> They should be reachable thus they should be 'routable'.
>
> > 2. Or how do I force FreeBSD to use the ether's IPv6 address
> > as a source by
> > default?  (Not all applications have the equivalent of
> > Ping6's -S option to
> > force the source address selection.)
>
> Get yourself a decent OS with sourcerouting.
> Also your upstream SHOULD filter out any prefixes of source addresses
> not belonging to them (aka eggress filtering :).
>
> And yes this breaks 'multihoming', at least the way some people define
> it.
>
> Greets,
>  Jeroen
>
>
>
> --__--__--
>
> _______________________________________________
> 6bone mailing list
> 6bone@mailman.isi.edu
> http://mailman.isi.edu/mailman/listinfo/6bone
>
>
> End of 6bone Digest
>