On 2021-05-08, Bastien Durel <bast...@geekwu.org> wrote:
> Le 08/05/2021 à 10:58, Stuart Henderson a écrit :
>> On 2021-05-08, Bastien Durel <bast...@durel.org> wrote:
>>> Le 07/05/2021 à 22:50, Stuart Henderson a écrit :
>>>> On 2021-05-07, Bastien Durel <bast...@durel.org> wrote:
>>>>> Hello,
>>>>>
>>>>> I have multiple ISPs plugged on my OpenBSD box, each one providing its
>>>>> IPv6 address space.
>>>>>
>>>>> I used to route outgoing streams with :
>>>>>
>>>>> net2_if = pppoe0
>>>>> ovh_v6_router = "(" $net2_if fe80::230:88ff:fe04:63c9 ")"
>>>>> ovh_v6_prefix = "2001:41d0:fe4b:ec00::0/56"
>>>>> table <internal6> const { $ovh_v6_prefix, $free_v6_prefix,
>>>>> $ripe_v6_prefix }
>>>>> pass out on $net_if from $ovh_v6_prefix to !<internal6> route-to
>>>>> $ovh_v6_router
>>>>> pass out on $tun_ifs from $ovh_v6_prefix to !<internal6> route-to
>>>>> $ovh_v6_router
>>>>
>>>> This is no longer valid syntax for route-to. Check the 6.9 upgrade notes.
>>>>
>>>>
>>> I read the upgrade note, but there is nothing about IPv6 LL addresses
>>>
>>> As said in my previous e-mail :
>>>> I replaced ovh_v6_router by fe80::230:88ff:fe04:63c9%pppoe0
>>
>> Does it work if you use the syntax suggested in the upgrade notes
>> for the example with "pass in on pppoe1 reply-to ..."?
>>
>>
> For incoming connections, I tried
>
> pass in on pppoe0 inet6 reply-to fe80::520f:80ff:fe65:8800%pppoe0 keep state
> pass in on pppoe0 inet6 reply-to fe80::520f:80ff:fe65:8800 keep state
Those aren't exactly expected to work (I don't think pf really
handles link locals)...
> pass in on pppoe0 inet6 reply-to (pppoe0:peer) keep state
...but I was hoping that this would (and it might possibly be a bug
that it doesn't).
>
> none of these worked
>
