Ok confusing me for a while now - tunnel mask not same?

  • LAYER 8 Global Moderator

    Ok so everything is working great, but not understand why it shows this.

    So if you look on web ui, you see set for /128 on the tunnel, and if you look on ifconfg you see that its 128

    But why does the console info show that its /126??

    See here in the pictures.

  • Rebel Alliance Developer Netgate

    IIRC that's a quirk of how the OS wants/requires it to be. Though I use /64 for both and mine is happy these days.

  • LAYER 8 Global Moderator

    huh?  If that is the way the OS wanted it, why does it display 128 on the ifconfig output?  That console menu is just something pfsense put together is it not?

    so I see this in rc.banner

    $subnet6 = get_interface_subnetv6($ifname);

    Where does it get that info?

    edit what's this in interfaces.inc?

    if (!isset($interface_snv6_arr_cache[$interface]) or $flush) {
    		$ifinfo = pfSense_get_interface_addresses($interface);
    		// FIXME: Add IPv6 support to the pfSense module
    		exec("/sbin/ifconfig {$interface} inet6", $output);
    		foreach($output as $line) {
    			if(preg_match("/inet6/", $line)) {
    				$parts = explode(" ", $line);
    				if(! preg_match("/fe80::/", $parts[1])) {
    					$ifinfo['ipaddrv6'] = $parts[1];
    					if($parts[2] == "-->") {
    						$parts[5] = "126";
    						$ifinfo['subnetbitsv6'] = $parts[5];
    					} else {
    						$ifinfo['subnetbitsv6'] = $parts[3];

    See the $parts[5] = "126";

  • Rebel Alliance Developer Netgate

    I'd have to check on that, but databeestje would be the one to ask. Time permitting, he keeps an eye on this forum, though he has not been around much lately (on vacation and other personal things going on).

    I believe in part that is due to the gif setup quirks there. It reports that in ifconfig because that's what the gif setup does, but having the interface assigned causes a different ifconfig setting to run, which could clobber the gif's settings if it was improper.

  • LAYER 8 Global Moderator

    ok just ran that command in that piece of code by hand

    ifconfig gif0 inet6
    gif0: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1480
           tunnel inet 24.13.xxx.xxx –>
           inet6 2001:470:xxxx:b85::2 –> 2001:470:xxxx:b85::1 prefixlen 128
           inet6 fe80::209:5bff:fee2:ccdb%gif0 prefixlen 64 scopeid 0x8

    And I see the –> so from the way I read the code it sets it to 126, even though you can see the prefixlen is clearly 128

    Im fairly sure could just remove this line
    $parts[5] = "126";

    And it would show the correct mask, wouldn't it??</up,pointopoint,running,multicast>

  • Rebel Alliance Developer Netgate

    Have at it, give it a spin. I don't have one handy I can break at the moment.

  • LAYER 8 Global Moderator

    I will when I get home, don't want to break it or even reboot it while remote unless really had too ;)  Im no coder but what I can make of it it does not seem to really have any impact on anything other than what is displayed.

    I will give it a test when I get home and report back.

  • We need to lie about the real network mask for gateway checks to validate. Alternatively you can remove it there but add code on the gateway edit page to satisfy the subnet check.

  • LAYER 8 Global Moderator

    Ok this went BAD!!  I removed that line, no ipv6

    I then put it back and rebooted, still no go.  Figured out my default gateway was missing?

    Tried undo default he_net gateway and then reapply, still not working getting this error.

    php: /system_gateways.php: The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option – i usage: route [-dnqtv] command [[modifiers] args]'

    Something changed on how default routes are added?  I had to manually add the route with this command

    route -n add -inet6 default 2001:470:1f10:b85::1

    Yeah somebody changed something, I have not rebooted in a while – but now just rebooted and getting this.

    Jul 27 07:48:40 php: : The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option -- i usage: route [-dnqtv] command [[modifiers] args]'
    Jul 27 07:48:40 php: : ROUTING: setting IPv6 default route to 2001:470:1f10:b85::1

    And I put that 1 line back, and what would that have to do with wrong command?  And even changed my mask to /64 vs the /128