Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: How to disable stateless autoconf on FreeBSD router  (Read 7148 times)

tibordp

  • Newbie
  • *
  • Posts: 9
How to disable stateless autoconf on FreeBSD router
« on: March 07, 2011, 01:22:09 PM »

Hello!

I have a problem I have been unable to solve. I have successfuly configured an embedded FreeBSD box to perform as a IPv6 gateway for my home network via HE's tunnel broker. I use rtadvd to distribute IPs from my /64 to other PCs on LAN whilst the gateway itself uses a *::2 as provided by HE tunnel configuration.

I have a problem though. Since I enabled rtadv on the gateway, it gets an autoconfigured adress as well. I am not talking about a link-local addresses (which I am okay with) but a globally routable address. I would like to minimize the mess with all those IPs - I would like the gateway to only use *::2.

Is there any way I can disable the machine picking up its own router advertisments.

Code: [Select]
ae0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=82018<VLAN_MTU,VLAN_HWTAGGING,WOL_MAGIC,LINKSTATE>
        ether 00:1e:8c:06:95:56
        inet 192.168.201.2 netmask 0xffffff00 broadcast 192.168.201.255
        inet6 fe80::21e:8cff:fe06:9556%ae0 prefixlen 64 scopeid 0x1
        inet6 2001:470:****:****:21e:8cff:fe06:9556 prefixlen 64                    <----------------------- This is what I am talking about.
        inet6 2001:470:****:****:: prefixlen 64 anycast
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
        tunnel inet 192.168.201.2 --> 216.66.80.30
        inet6 fe80::21e:8cff:fe06:9556%gif0 prefixlen 64 scopeid 0x3
        inet6 2001:470:****:****::2 --> 2001:470:1f0a:187c::1 prefixlen 128
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
        options=1<ACCEPT_REV_ETHIP_VER>

I am using a rc.conf type of configuration:
Code: [Select]
ipv6_enable="YES"
ipv6_defaultrouter="2001:470:****:****::1"
ipv6_prefix_ae0="2001:470:****:****"

gif_interfaces="gif0 gif1"
gifconfig_gif0="192.168.201.2 216.66.80.30"
ipv6_ifconfig_gif0="2001:470:****:****::2 2001:470:****:****::1 prefixlen 128"

ipv6_gateway_enable="YES"
ipv6_router_enable="YES"
ipv6_router="/usr/sbin/route6d"
rtadvd_enable="YES"
rtadvd_interfaces="ae0"

And rtadvd configuration:
Code: [Select]
ae0:\
        :addrs#1:addr="2001:470:****:****::":prefixlen#64:tc=ether:

Thank you!
« Last Edit: March 07, 2011, 01:26:42 PM by tibordp »
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2736
Re: disable stateless autoconf on router
« Reply #1 on: March 07, 2011, 01:25:41 PM »

get rid of

Code: [Select]
ipv6_prefix_ae0="2001:470:****:****"
in rc.conf

also, blocking out IP addresses makes it hard to read.
Logged

tibordp

  • Newbie
  • *
  • Posts: 9
Re: How to disable stateless autoconf on FreeBSD router
« Reply #2 on: March 07, 2011, 01:35:00 PM »

I tried to do as you suggested but now even though router advertisements work, IPv6 packets don't get routed from/to LAN.

I apologize for censoring my prefix but I do feel slightly uneasy with it being published like this...
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2736
Re: How to disable stateless autoconf on FreeBSD router
« Reply #3 on: March 07, 2011, 02:53:58 PM »

you need some sort of ip address on your adapter..you'll either have to set it statically or use ra
« Last Edit: March 08, 2011, 07:07:38 PM by cholzhauer »
Logged

thixotropy

  • Newbie
  • *
  • Posts: 2
Re: How to disable stateless autoconf on FreeBSD router
« Reply #4 on: March 08, 2011, 05:27:14 PM »

I tried to do as you suggested but now even though router advertisements work, IPv6 packets don't get routed from/to LAN.

I apologize for censoring my prefix but I do feel slightly uneasy with it being published like this...

You assume that people who care can't figure it out anyways. 

You need to tell your machine not to accept router adverts, by setting net.inet6.ip6.accept_rtadv to 0. 
#sysctl net.inet6.ip6.accept_rtadv=0
That's the default, though, so you probably have set it to 1.
Logged

tibordp

  • Newbie
  • *
  • Posts: 9
Re: How to disable stateless autoconf on FreeBSD router
« Reply #5 on: March 09, 2011, 12:49:21 AM »

I don't assume anything. It is just that I feel uneasy about it. Like you wouldn't post your private phone number on a public forum despite being listed in white pages. I do apologize for the inconvenience though and I will not mask my prefix in my further posts, should there be any.

I tried to do it the sysctl way (even explicitly setting it to 0 in sysctl.conf) but it doesn't appear to change anything.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2736
Re: How to disable stateless autoconf on FreeBSD router
« Reply #6 on: March 09, 2011, 03:56:06 AM »

You removed the line I told you to and routing broke...did you re-add a manual address?  Your ae0 adapter has to have an IP on it so I can route packets
Logged