Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Ok confusing me for a while now - tunnel mask not same?

    IPv6
    3
    9
    3070
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpoz
      johnpoz LAYER 8 Global Moderator last edited by

      Ok so everything is working great, but not understand why it shows this.

      So if you look on web ui, you see set for /128 on the tunnel, and if you look on ifconfg you see that its 128

      But why does the console info show that its /126??

      See here in the pictures.




      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 23.01 | Lab VMs CE 2.6, 2.7

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        IIRC that's a quirk of how the OS wants/requires it to be. Though I use /64 for both and mine is happy these days.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • johnpoz
          johnpoz LAYER 8 Global Moderator last edited by

          huh?  If that is the way the OS wanted it, why does it display 128 on the ifconfig output?  That console menu is just something pfsense put together is it not?

          so I see this in rc.banner

          $subnet6 = get_interface_subnetv6($ifname);

          Where does it get that info?

          edit what's this in interfaces.inc?

          
          if (!isset($interface_snv6_arr_cache[$interface]) or $flush) {
          		$ifinfo = pfSense_get_interface_addresses($interface);
          		// FIXME: Add IPv6 support to the pfSense module
          		exec("/sbin/ifconfig {$interface} inet6", $output);
          		foreach($output as $line) {
          			if(preg_match("/inet6/", $line)) {
          				$parts = explode(" ", $line);
          				if(! preg_match("/fe80::/", $parts[1])) {
          					$ifinfo['ipaddrv6'] = $parts[1];
          					if($parts[2] == "-->") {
          						$parts[5] = "126";
          						$ifinfo['subnetbitsv6'] = $parts[5];
          					} else {
          						$ifinfo['subnetbitsv6'] = $parts[3];
          
          

          See the $parts[5] = "126";

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 23.01 | Lab VMs CE 2.6, 2.7

          1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            I'd have to check on that, but databeestje would be the one to ask. Time permitting, he keeps an eye on this forum, though he has not been around much lately (on vacation and other personal things going on).

            I believe in part that is due to the gif setup quirks there. It reports that in ifconfig because that's what the gif setup does, but having the interface assigned causes a different ifconfig setting to run, which could clobber the gif's settings if it was improper.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • johnpoz
              johnpoz LAYER 8 Global Moderator last edited by

              ok just ran that command in that piece of code by hand

              ifconfig gif0 inet6
              gif0: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1480
                     tunnel inet 24.13.xxx.xxx –> 209.51.181.2
                     inet6 2001:470:xxxx:b85::2 –> 2001:470:xxxx:b85::1 prefixlen 128
                     inet6 fe80::209:5bff:fee2:ccdb%gif0 prefixlen 64 scopeid 0x8

              And I see the –> so from the way I read the code it sets it to 126, even though you can see the prefixlen is clearly 128
              ;)

              Im fairly sure could just remove this line
              $parts[5] = "126";

              And it would show the correct mask, wouldn't it??</up,pointopoint,running,multicast>

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 23.01 | Lab VMs CE 2.6, 2.7

              1 Reply Last reply Reply Quote 0
              • jimp
                jimp Rebel Alliance Developer Netgate last edited by

                Have at it, give it a spin. I don't have one handy I can break at the moment.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • johnpoz
                  johnpoz LAYER 8 Global Moderator last edited by

                  I will when I get home, don't want to break it or even reboot it while remote unless really had too ;)  Im no coder but what I can make of it it does not seem to really have any impact on anything other than what is displayed.

                  I will give it a test when I get home and report back.

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                  1 Reply Last reply Reply Quote 0
                  • D
                    databeestje last edited by

                    We need to lie about the real network mask for gateway checks to validate. Alternatively you can remove it there but add code on the gateway edit page to satisfy the subnet check.

                    1 Reply Last reply Reply Quote 0
                    • johnpoz
                      johnpoz LAYER 8 Global Moderator last edited by

                      Ok this went BAD!!  I removed that line, no ipv6

                      I then put it back and rebooted, still no go.  Figured out my default gateway was missing?

                      Tried undo default he_net gateway and then reapply, still not working getting this error.

                      php: /system_gateways.php: The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option – i usage: route [-dnqtv] command [[modifiers] args]'

                      Something changed on how default routes are added?  I had to manually add the route with this command

                      route -n add -inet6 default 2001:470:1f10:b85::1

                      Yeah somebody changed something, I have not rebooted in a while – but now just rebooted and getting this.

                      Jul 27 07:48:40 php: : The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option -- i usage: route [-dnqtv] command [[modifiers] args]'
                      Jul 27 07:48:40 php: : ROUTING: setting IPv6 default route to 2001:470:1f10:b85::1

                      And I put that 1 line back, and what would that have to do with wrong command?  And even changed my mask to /64 vs the /128

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post