Hi. My name is KOZUKA masahiro.
I'm trying the Source Address Based Routing of IPv6.
Pf has such a function, route-to, so I used Pf on FreeBSD 5.1R.
But packets weren't forwarded. rule is following.
--
pass in on fxp1 route-to (fxp0 fe80::1) from 3ffe:****:****:****::/16 to !fe80::/16
pass in on fxp1 route-to (fxp0 fe80::2) from 2001:****:****:****::/16 to !fe80::/16
--
I expected,
packets having 3ffe:****:****:****::/64 are forwarded to fe80::1%fxp0
packets having 2001:****:****:****::/64 are forwarded to fe80::2%fxp0.
( This router advertises 3ffe:****:****:****/64 and 2001:****:****:****::/64
under fxp1 )
I think that pf_route6 's output rouine is wrong.
After following fix, packets are forwarder as I expect.
--
--- pf_freebsd_1.0.orig/pf/pf.c Tue Jun 24 00:56:35 2003
+++ pf_freebsd_1.0/pf/pf.c Tue Jun 24 01:26:09 2003
@@ -4613,8 +4613,10 @@
* If the packet is too large for the outgoing interface,
* send back an icmp6 error.
*/
+ if (IN6_IS_ADDR_LINKLOCAL(&dst->sin6_addr))
+ dst->sin6_addr.s6_addr[3] = ifp->if_index;
if ((u_long)m0->m_pkthdr.len <= ifp->if_mtu) {
- error = (*ifp->if_output)(ifp, m0, (struct sockaddr *)dst,
+ error = nd6_output(ifp, ifp, m0, (struct sockaddr *)dst,
NULL);
} else {
in6_ifstat_inc(ifp, ifs6_in_toobig);
--
Sumary:
1. modify dst, if it is a linklocal address.
Because on KAME implementation, 4th octet must be set to scpeid(if_index), I think:)
2. change (*ifp->if_output) to nd6_output.
Thanks.
--
{^-^}[EMAIL PROTECTED] / KOZUKA Masahiro
