On Mon, 29 Oct 2001, [iso-8859-15] Jürgen Nagler wrote:
> This showed to things:
>
> 1. the intermediate host is only forwarding if
> /proc/sys/net/ipv6/conf/all/forwarding is set to 1. It isn't enough
> setting .../conf/eth1/forwarding to 1 (with eth1 being the used
> interface for forwarding). You must start setting .../all/forwarding to
> 1, after that it's safe to set 0 for all unused interfaces but vice
> versa setting .../all/forwarding to 0 and setting the only used
> interface to 1 doesn't work. Why not?
Current design is such that all/forwarding is a general setting for
enabling the forwarding itself, eth0/forwarding etc. just enable
certain IPv6 features of forwarding (like responding to router
solicitations). Please see Documentation/networking/ip-sysctl.txt.
> 2. after the first ping6 Echo request/reply pair (node_left pinged
> node_right) the intermediate node sends a redirect for every
> request/reply back to the source saying it should send it the direct
> way. The source ignores the redirect (not sending a new direct packet or
> changing his behavior the next time) and the intermediate node is
> nevertheless forwarding the packet. Is this correct?
When configuring routes:
node_left:
ifconfig eth1 add fec0::202:2dff:fe02:6f3
route -A inet6 add fec0::202:2dff:fe0d:b94a dev eth1
route -A inet6 add fec0::202:2dff:fe05:400c gw fec0::202:2dff:fe0d:b94a
^^^^
please try using fe80 instead; next-hops should be link-local addresses.
The behaviour you're seeing (that is, not accepting the redirects), could
be caused by the fact that redirects are sent from the link-local address
but the next-hop is site-local; these are compared when receiving the
redirect and they don't match.
Actually one should not accept non - link-local nexthop's (there is a
comment about that in route.c), and this could be one issue big issue
caused by that.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
|