[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Quick 'n' Easy IPv6 for Debian

-----BEGIN PGP SIGNED MESSAGE-----

John Goerzen [mailto:jgoerzen@complete.org] wrote:

> On Tue, Jan 20, 2004 at 02:32:07PM +0100, Jeroen Massar wrote:
> > John Goerzen [mailto:jgoerzen@complete.org] wrote:
> > 
> > > > Thus you are using one /64 but are splitting it over 2 
> > > interfaces? :)
> > > 
> > > eth0 is for your internal network (if you have a router.)
> > 
> > I know what you mean, but in your example you are using the
> > same prefix for more than one link, which simply is not correct.
> 
> Is this something new with IPv6?  Because that is fairly standard
> practice for IPv4...  for instance, if you get a /24 in IPv4, 
> and you're setting up a router, you might set an IP address from that 
> range on each interface.

Let's say you are running samba in 192.0.2.0/24 but you have
2 subnets, thus you configure it like:

eth0: 192.0.2.1/24
eth1: 192.0.2.2/24

What is the broadcast address of eth0 and what for eth1?
Indeed both have 192.0.2.255 as a broadcast, now where
shall we send the packets? :)

The correct logic would be to split it into 2 /25's orso and use:
eth0: 192.0.2.1/25
eth1: 192.0.2.129/25

In IPv6 we don't have broadcasts ofcourse, thus another example:

Host bar:
eth0: 2001:db8::1/64
eth1: 2001:db8::2/64

and on the link of eth1 we have a host called foo using 2001:db8::3/64.
Thus we have:

[foo] 2001:db8::3 <--------> 2001:db8::2/64 [bar] 2001:db8::1/64

How is foo going to reacha 2001:db8::1 ?
bar should not (or prolly must not) get 2001:db8::1 of the wire
as it isn't configured on the interface connected to foo.
We thus have a problemo and one that isn't immediatly obvious.

Thus subnet that /48 you have, there are 65535 /64's in it, which
was the reason for doing so, thus use it ;)

> Anyway, since there's no reason why not, I went ahead and made that
> change.
> 
> > I removed the "AdvLinkMTU" from the command above as the interfaces
> > themselves will figure out that part. PathMTU discovery will take
> > care of the rest. If you really want to force it, set it to 1280 as
> > that is th MTU that tunnels use and will be the most common MTU
> > you will find at the moment.
> 
> In my experience, it doesn't work this way.  I've had a lot of trouble
> pulling up www.netbsd.org, and traced it to MTU problems.  Setting
> AdvLinkMTU to 1480 made things work a lot better.  I tried 1280 just
> now, and that rendered it impossible for me to access *any* website that
> I tried.

automatic or 1280 doesn't work? That is very odd, you might want to do
some tcpdumps and tracepath6's and see what the problems are. See the
below dumps from three ISP's. Ofcourse using 6to4 it requires quite a
bit of magic to really figure out where your packets flow and where/how
they are relayed along the way.

Greets,
 Jeroen

jeroen@purgatory:~$ tracepath6 www.netbsd.org
 1?: [LOCALHOST]                      pmtu 1280
 1:  gw-20.ams-02.nl.sixxs.net                 46.482ms
 2:  Amsterdam.core.ipv6.intouch.net           47. 28ms
 3:  ge-0.ams-ix.amstnl02.nl.bb.verio.net     asymm  4  53.836ms
 4:  p16-1-0-0.r80.asbnva01.us.bb.verio.net   asymm  5 130.947ms
 5:  p16-1-2-0.r21.asbnva01.us.bb.verio.net   asymm  6 131.352ms
 6:  p16-0-1-2.r20.plalca01.us.bb.verio.net   asymm  7 193.461ms
 7:  p16-1-0-0.r06.plalca01.us.bb.verio.net   asymm  8 193.859ms
 8:  no reply
 9:  no reply
10:  no reply
11:  www.netbsd.org                           asymm  7 226.687ms reached
     Resume: pmtu 1280 hops 11 back 7

jeroen@noc:~$ tracepath6 www.netbsd.org
 1?: [LOCALHOST]                      pmtu 1500
 1:  fe0.breda.ipv6.concepts-ict.net            1.258ms
 2:  no reply
 3:  ge-0.ams-ix.amstnl02.nl.bb.verio.net     asymm  4   5.894ms
 4:  p16-1-0-0.r80.asbnva01.us.bb.verio.net   asymm  5  87.922ms
 5:  p16-1-2-0.r21.asbnva01.us.bb.verio.net   asymm  6  87.404ms
 6:  p16-0-1-2.r20.plalca01.us.bb.verio.net   asymm  7 149.981ms
 7:  p16-1-0-0.r06.plalca01.us.bb.verio.net   asymm  8 151.310ms
 8:  no reply
 9:  no reply
10:  no reply
11:  www.netbsd.org                           asymm  9 216.980ms reached
     Resume: pmtu 1500 hops 11 back 9

Even from Estonia it becomes:

jeroen@eetll01:~> tracepath6 www.netbsd.org
 1?: [LOCALHOST]                      pmtu 1500
 1:  no reply
 2:  r2-Fa0-0-6-Tln-TIX.EE.DataBone.net       asymm  1   2.668ms
 3:  at1-0-0-633.r7.alto.esp.fi.eunetip.net   asymm  2   5.534ms
 4:  no reply
 5:  no reply
 6:  2001:7f8::b62:0:1                         33.548ms
 7:  ge-0-1-0.r01.frnkge02.de.bb.verio.net     33.264ms
 8:  p4-0-1-0.r01.amstnl02.nl.bb.verio.net    asymm 10  56.631ms
 9:  p16-1-0-0.r80.asbnva01.us.bb.verio.net   asymm  6 218.178ms
10:  p16-1-2-0.r21.asbnva01.us.bb.verio.net   asymm  5 222.463ms
11:  p16-0-1-2.r20.plalca01.us.bb.verio.net   asymm  9 298.787ms
12:  p16-1-0-0.r06.plalca01.us.bb.verio.net   asymm  8 390.701ms
13:  no reply
14:  no reply
15:  no reply
16:  www.netbsd.org                           asymm  7 210.978ms reached
     Resume: pmtu 1500 hops 16 back 7

-----BEGIN PGP SIGNATURE-----
Version: Unfix PGP for Outlook Alpha 13 Int.
Comment: Jeroen Massar / http://unfix.org/~jeroen

iQA/AwUBQA0+sCmqKFIzPnwjEQKdoQCglc6irJ7O98cLl0Gmlr0fdYjoWb0An3Jg
6QP+EjolVrZJ7pnAHhOSZLSd
=G8qF
-----END PGP SIGNATURE-----
Reply to: