> It seems to Do The Right Thing for my single-homed endhost case > (unfortunately I still do not have a router I can test). There is one > change I would make, as a result of some feedback from Ollivier Robert > <[EMAIL PROTECTED]>: All instances of the variable $mroute6d > should probably be replaced by $mroute6d_program. (Most of the > variables defining programs in /etc/defaults/rc.conf are of the form > *_program.) I fixed it and other problems, and added another changes. (In particular, I mistakenly left my testing part in router case. Sorry.) I'll attach the new diffs. > I think it's important that we get something like this commited before > the release, if we want to say we're serious about supporting IPv6 in > FreeBSD 4.0-RELEASE. It's asking a little too much of users to figure > out the right sequence of commands to bring up an IPv6 node, so that > they can stick it into /etc/rc.local or something like that. OK, but I'll wait some more time to check if there is any problems. Yoshinobu Inoue
Index: rc =================================================================== RCS file: /home/ncvs/src/etc/rc,v retrieving revision 1.210 diff -u -r1.210 rc --- rc 2000/02/03 06:06:36 1.210 +++ rc 2000/02/15 18:42:06 @@ -191,6 +191,15 @@ network_pass1 fi +case ${ipv6_enable} in +[Yy][Ee][Ss]) + if [ -r /etc/rc.net6 ]; then + . /etc/rc.net6 # We only need to do this once also. + net6_pass1 + fi + ;; +esac + # Mount NFS filesystems. echo -n "Mounting NFS file systems" mount -a -t nfs Index: rc.net6 =================================================================== RCS file: rc.net6 diff -N rc.net6 --- /dev/null Tue Feb 15 09:59:59 2000 +++ rc.net6 Tue Feb 15 10:42:07 2000 @@ -0,0 +1,198 @@ +#! /bin/sh +# $FreeBSD$ + +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file +# first before contemplating any changes here. If you do need to change +# this file for some reason, we would like to know about it. + +# IPv6 startup + +net6_pass1() { + + echo -n 'Doing IPv6 network setup:' + + if [ X"${ipv6_gateway_enable}" = X"YES" ]; then + # + # list of interfaces, and prefix for interfaces + # NOTE: no trailing double colon necessary here! + # + case ${ipv6_network_interfaces} in + [Aa][Uu][Tt][Oo]) + ipv6_network_interfaces="`ifconfig -l`" + ;; + esac + else + # + # manual configurations - in case ip6router=NO + # you can configure only single interface, + # as specification assumes that + # autoconfigured host has single interface only. + # + case ${ipv6_network_interfaces} in + [Aa][Uu][Tt][Oo]) + ipv6_network_interfaces="`ifconfig -l \ + | sed -e 's/ .*//'`" + ;; + esac + fi + + # tool locations + prefixconfig=/usr/sbin/prefix + rtsol=/sbin/rtsol + gifconfig=/usr/sbin/gifconfig + route=/sbin/route + rtadvd=/usr/sbin/rtadvd + ndp=/usr/sbin/ndp + + # just to make sure + ifconfig lo0 up + + #determine the "default interface" used below + #if [ X"$defaultiface" = X"" ]; then + # use 1st interface in the list + # for i in $ipv6_network_interfaces; do + # defaultiface=$i + # break + # done + #fi + # disallow unicast packets without outgoing scope identifiers. + # if you instead want to route such packets to a "default" interface, + # comment out the 1st two lines, and enable the lines after them. + if [ X"$defaultiface" != X"" ]; then + $route add -inet6 fe80:: ::1 -prefixlen 10 -interface \ + -ifp $defaultiface -cloning + $route add -inet6 fec0:: ::1 -prefixlen 10 -interface \ + -ifp $defaultiface -cloning + else + $route add -inet6 fe80:: -prefixlen 10 ::1 -reject + $route add -inet6 fec0:: -prefixlen 10 ::1 -reject + fi + + # disallow "internal" addresses to appear on the wire + $route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject + $route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject + + if [ X"${ipv6_gateway_enable}" = X"YES" ]; then + # act as a router + sysctl -w net.inet6.ip6.forwarding=1 + sysctl -w net.inet6.ip6.accept_rtadv=0 + + # wait for DAD + for i in $ipv6_network_interfaces; do + ifconfig $i up + done + sleep `sysctl net.inet6.ip6.dad_count | awk '{print $NF}'` + sleep 1 + + # setting up interfaces + for i in $ipv6_network_interfaces; do + eval prefix=\$prefix_$i + if [ X"$prefix" = X"" ]; then + continue + fi + for j in $prefix; do + if [ -x $prefixconfig ]; then + $prefixconfig $i $j:: + else + laddr=`ifconfig $i inet6 \ + | grep 'inet6 fe80:' \ + | head -1 | awk '{print $2}'` + hostid=`echo $laddr | sed -e +'s/fe80:[0-9a-fA-F]+::/fe80::/' -e 's/fe80:://' -e 's/@.*//'` + address=$j\:$hostid + + eval hostid_$i=$hostid + eval address_$i=$address + + ifconfig $i inet6 $address \ + prefixlen 64 alias + fi + + # subnet-router anycast address (rfc2373) + ifconfig $i inet6 $j:: prefixlen 64 \ + alias anycast + done + + ifconfig $i inet6 + done + + # again, wait for DAD's completion (for global addrs) + sleep `sysctl net.inet6.ip6.dad_count | awk '{print $NF}'` + sleep 1 + + # gifconfig + case ${gifs} in + [Nn][Oo] | '') + ;; + *) + for i in $gifs; do + eval peers=\$gifconfig_$i + if [ X"$peers" = X"" ]; then + continue + fi + $gifconfig $i $peers + done + ;; + esac + + # ipv6_router + if [ X"${ipv6_router_enable}" = X"YES" -a -x $ipv6_router ]; then + $ipv6_router $ipv6_router_flags + fi + + # rtadvd + # This should enabled with a great care. + # You may want to fine-tune /etc/rtadvd.conf. + # + # And if you wish your rtadvd to receive and process + # router renumbering messages, specify your Router Renumbering + # security policy by -P option. + # + # See `man 3 ipsec_set_policy` for IPsec policy specification + # details. + # (CAUTION: This enables your routers prefix renumbering + # from another machine, so if you enable this, do it with + # enough care.) + # + if [ X"${rtadvd_enable}" = X"YES" -a -x $rtadvd ]; then + # default + $rtadvd $ipv6_network_interfaces + # + # Enable Router Renumbering, unicaset case + # (use correct src/dst addr) + # $rtadvd -P "in ipsec +ah/transport/fec0:0:0:1::1-fec0:0:0:10::1/require" \ + $ipv6_network_interfaces + # Enable Router Renumbering, multicast case + # (use correct src addr) + # $rtadvd -P "in ipsec +ah/transport/ff05::2-fec0:0:0:10::1/require" \ + $ipv6_network_interfaces + fi + + # mroute6d + if [ X"${mroute6d_enable}" = X"YES" -a -x $mroute6d ]; then + $mroute6d_program $mroute6d_flags + fi + else + # act as endhost - automatically configured + sysctl -w net.inet6.ip6.forwarding=0 + sysctl -w net.inet6.ip6.accept_rtadv=1 + + ifconfig $ipv6_network_interfaces up + $rtsol $ipv6_network_interfaces + + # install the "default interface" to kernel, which will be used + # as the default route when there's no router. + # [ -x $ndp ] && $ndp -I $defaultiface + + # wait for DAD's completion (for global addrs) + sleep `sysctl net.inet6.ip6.dad_count | awk '{print $NF}'` + sleep 1 + fi + + echo '.' + + # Let future generations know we made it. + # + net6_pass1_done=YES +} + Index: defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.48 diff -u -r1.48 rc.conf --- defaults/rc.conf 2000/02/06 19:25:00 1.48 +++ defaults/rc.conf 2000/02/15 18:42:08 @@ -184,6 +184,28 @@ ### Miscellaneous network options: ### icmp_bmcastecho="NO" # respond to broadcast ping packets +### IPv6 options: ### +ipv6_enable="NO" # Set to YES to set up for IPv6. +ipv6_network_interfaces="auto" # List of network interfaces (or "auto"). +ipv6_gateway_enable="NO" # Set to YES if this host will be a gateway. +ipv6_router_enable="NO" # Set to YES to enable an IPv6 routing daemon. +ipv6_router="/usr/sbin/route6d" # Name of IPv6 routing daemon. +ipv6_router_flags="" # Flags to IPv6 routing daemon. +#ipv6_router_flags="-l" # example for route6d with IPv6 site local addr +#ipv6_network_interfaces="ed0 ep0" #examples for router +#prefix_ed0="fec0:0000:0000:0001 fec0:0000:0000:0002" #examples for router +#prefix_ep0="fec0:0000:0000:0003 fec0:0000:0000:0004" #examples for router +rtadvd_enable="NO" # Set to YES to enable an IPv6 Router + # Advertisement daemon +mroute6d_enable="NO" # Do IPv6 multicast routing. +mroute6d_program="/usr/sbin/pim6dd" # Name of IPv6 multicast routing daemon +mroute6d_flags="" # Flags to IPv6 multicast routing daemon. +gifs="NO" # List of GIF tunnels (or "NO"). +#gifs="gif0 gif1" #examples typically for a router +#gifconfig_gif0="10.1.1.1 10.1.2.1" #examples typically for a router +#gifconfig_gif1="10.1.1.2 10.1.2.2" #examples typically for a router +defaultiface="" # Default output interface for scoped addrs + ############################################################## ### System console options #################################