IPv6 host table entries added as a full /32 subnet
I don't know how long this has been happening, but I just noticed it today, and it is still happening on the latest snapshot:
built on Thu Jun 28 03:21:18 EDT 2012
I have lists of FQDN hostnames that I like to either block or allow in some fashion through pfSense.
If the FQDN that I add has an AAAA record it is added to the list but as a /32 network, which is a whole lot of IP addresses in IPv6 but (of course) only one IP in IPv4.
go to Firewall --> Aliases
under the IP tab, click the + icon to create a new IP alias list
name the list and add a FQDN that contains at least one AAAA record. I suggest www.google-analytics.com
click the save button
click the Apply Changes Button
go to Diagnostics --> Tables
find the newly created table and look at the bottom. In my case the IPv6 alias is there as a /32:
Another probably non-important issue with these tables is that when you delete an alias list from Firewall --> Aliases it doesn't get deleted (at least right away) from Diagnostics --> Tables
Does anyone else have the same problem? This is kind of major for me as I can't even use a fully qualified domain name in a host alias list if it resolves to an IPv6 IP address. If it does, it will add the IPv6 IP address to the aliases table as a /32 network. This breaks the whole concept of FQDN hosts in an alias table…
I have looked through the code to see if I could find where the /32 is being added in the case where a FQDN host is entered.
It may be in one of these files but I may be wrong ;-) :
function address_to_pconfig has no case for a /128 and falls through to a /32:
if (!$pmask) $pmask = 32;
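An added illustration, not part of the original post and not pfSense's own code: choosing the default host mask by address family, so that a bare IPv6 address becomes a /128 rather than a /32 (which in IPv6 covers 2^96 addresses). The function names `default_host_mask` and `to_table_entry` are hypothetical, and the sample addresses are constructed from documentation ranges.

```php
<?php
// Added example; function names are hypothetical, not taken from pfSense.

// Constructed sample input: resolved addresses, some already carrying a mask.
$resolved = ['192.0.2.10', '2001:db8:10::64', '2001:db8::/48', '192.0.2.10/40'];

// Host prefix length for a bare address, chosen by address family.
function default_host_mask(string $addr): ?int
{
    if (filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        return 32;
    }
    if (filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
        return 128;
    }
    return null; // not an IP literal
}

// Turn "addr" or "addr/mask" into a table entry; return null for bad input.
function to_table_entry(string $entry): ?string
{
    $parts = explode('/', $entry, 2);
    $addr  = $parts[0];
    $max   = default_host_mask($addr);
    if ($max === null) {
        return null;
    }
    if (!isset($parts[1])) {
        return "$addr/$max";            // bare host: /32 for IPv4, /128 for IPv6
    }
    if (!preg_match('/^\d+$/', $parts[1]) || (int)$parts[1] > $max) {
        return null;                     // mask is not numeric or too long for the family
    }
    return $addr . '/' . (int)$parts[1];
}

foreach ($resolved as $r) {
    // "legacy" mimics the fall-through quoted above: no mask means 32, whatever the family.
    $legacy = strpos($r, '/') === false ? "$r/32" : $r;
    $fixed  = to_table_entry($r);
    printf("%-18s legacy=%-22s family-aware=%s\n", $r, $legacy, $fixed ?? '(rejected)');
}
```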