Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: General IPv6 quirks on OS X  (Read 6501 times)

nathana

  • Newbie
  • *
  • Posts: 11
General IPv6 quirks on OS X
« on: March 01, 2012, 04:40:12 PM »

So I've got a tunnel set up with HE and have spent the past several days playing with v6 on as many platforms as possible, and have run into a few frustrating issues with some of them.  On this thread, I hope to document the problems I've run into on OS X, and see if anyone else has run into these issues and/or if I'm just being stupid.

I'm not running the tunnel directly TO an OS X machine; the tunnel is being terminated on a a MikroTik RouterOS box.  OS X is getting IPv6 via the router either via direct ethernet or via a PPTP connection (I've tried both).  So far I only have experience with Leopard (10.5.x) and Snow Leopard (10.6.x).

1) Neither Leopard nor Snow Leopard seem to support getting DNS information automatically via either DHCPv6 or via the RDNSS extensions to RA, as far as I can tell.  (Rumor has it that Lion/10.7 now supports both; any anecdotal evidence to back this up?)

2) If I connect via PPTP to the IPv6 router and manually add (IPv6-reachable) static DNS resolvers to the PPTP interface, OS X does not ever seem to use any of those resolvers.  Instead, it sends AAAA lookups to the default IPv4 resolvers configured under the main network interface.  (At least it actually performs quad-A lookups.)

3) After a random period of time, it seems as though OS X "forgets" my IPv6 default route added via stateless autoconf.  It just flat-out disappears from the routing table.  I either have to re-add it by hand with route(8) or disable and then re-enable IPv6 on the interface in question to force stateless autoconf to add it back.  If I add it manually, OS X never forgets that routing table entry.

If you have any experience with IPv6 on OS X and can suggest workaround for any of the above problems, I would be extremely grateful.

Thanks,

-- Nathan
« Last Edit: March 02, 2012, 03:51:37 PM by nathana »
Logged

nathana

  • Newbie
  • *
  • Posts: 11
Re: General IPv6 quirks on OS X
« Reply #1 on: March 10, 2012, 12:04:07 AM »

So I finally tried out OS X Lion, and...ugh, it seems to be even more broken than the previous versions.

1) The "Happy Eyeballs" dual-stack policy that Apple came up with is *terrible*. (http://lists.apple.com/archives/Ipv6-dev/2011/Jul/msg00022.html / http://lists.apple.com/archives/Ipv6-dev/2011/Jul/msg00014.html). I understand the motive, but if you're going to do that to people, at least give me the opportunity to turn that crap off on my own machine.

2) IPv6-only PPP is still broken, meaning that you have to explicitly "sysctl -w net.inet6.ip6.accept_rtadv=1" in order to get it to listen to IPCPv6-encapsulated router advertisements from the other endpoint (I forgot to mention this in my original post). Except now doing so causes all sorts of other fun: IPv6 can no longer be disabled on a per-interface basis (which, okay, I'll go along with that), but instead can be set to link-local only. However, if you change that accept_rtadv MIB in order to fix PPP, it has system-wide ramifications. Like, oh, causing interfaces set to be link-local only to listen to RA and act on them.

3) Again, this is a PPP thing, but this was the icing on the cake for me: you turn on listening for RA across PPP links, OS X IPv6 goes through its SLAAC motions, adds a default route...but it's not usable. It's like it is not there. (...and, yes, I do have "Sent all traffic over VPN connection" checked.) The default is in the routing table plain-as-day (netstat -rn) but you go to ping6 or traceroute6 something and what you get back is 'no route to host'. Oh, and THIS IS THE BEST PART!: 'route delete -inet6 default' says 'not in table', even though IT'S RIGHT THERE! So now every time I bring up a PPP session that I want to use as my exclusive IPv6 path out, I have to go manually add myself a default route entry like an idiot and watch it stick it alongside the one that was autoconf'd by SLAAC/RA.

-- Nathan
Logged