# I'm crashing FreeBSD with IPv6 somehow



## kestasjk (May 21, 2010)

I'm not sure how, but I'm managing to crash FreeBSD consistently for the first time ever with my IPv6 config.

It works fine when I connect up using 6to4 via stf0, typical stuff, I can ping and request webpages no problem. But when I configure an internal interface with IPv6 to allow internal computers to connect I can consistently get it to crash by doing "wget -6 http://[any IPv6 site]"

Also if I configure an internal interface with IPv6, but leave PF disabled, it doesn't crash. 
If I turn PF on and have internal IPv6 it doesn't crash when I do "wget -6 http://[any IPv6 site]" from _inside_ the network (the wget gets connection refused, even with a wide open pf.conf, and even though ping6 works). But it does crash when I run the wget on the gateway machine.

This is my first real venture into IPv6, I'm learning slowly but I'm pretty sure no matter what I do it shouldn't crash. Anyone have any thoughts on where I should look or what I should try?


----------



## SirDice (May 23, 2010)

What version of FreeBSD are you running and on what architecture?


----------



## kestasjk (May 24, 2010)

SirDice said:
			
		

> What version of FreeBSD are you running and on what architecture?


Here's my uname -a: 
	
	



```
FreeBSD gatewaybsd.KULIUKAS 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #0: Fri May 21 20:06:13 WST 2010     kestas@gatewaybsd.KULIUKAS:/usr/obj/usr/src/sys/kgateway  i386
```
I since found out that it can crash without IPv6 forwarding, just having one IPv6 interface and PF enabled is enough 

It's weird because I always assumed FreeBSD, being an IPv6 trendsetter with the KAME project, would have the most stable IPv6 support


----------



## SirDice (May 24, 2010)

Odd. I've been running IPv6 for years and I never encountered an IPv6 related panic. 

You seem to be running a custom kernel, do you still have the crashes with GENERIC?


----------



## kestasjk (May 25, 2010)

Here is the diff GENERIC [mykernel] output:

```
[root@gatewaybsd /usr/src/sys/i386/conf]# diff GENERIC kgateway
334a335,346
>
> # -- Custom options Kestas
> options         ALTQ
> options         ALTQ_CBQ        # Class Bases Queuing (CBQ)
> options         ALTQ_RED        # Random Early Detection (RED)
> options         ALTQ_RIO        # RED In/Out
> options         ALTQ_HFSC       # Hierarchical Packet Scheduler (HFSC)
> options         ALTQ_PRIQ       # Priority Queuing (PRIQ)
>
> # -- 6to4 told me to add these two
> device                stf
[root@gatewaybsd /usr/src/sys/i386/conf]#
```
It's just ALTQ stuff, required for packet queuing in PF, and the STF IPv6 tunneling driver which hf6to4 was complaining about. I assume I can't get rid of STF, which leaves only ALTQ (which we really need in the long term)

I guess step 1 is to try and remove the stf reference, since if you're using it on GENERIC it must not be needed statically.
Step 2 then is to try and remove ALTQ, but this is more of a diagnostic thing than a solution, because we need ALTQ more than IPv6

Ill put it up on the whiteboard for _some time soon_ and see how it goes, but don't anyone say I didn't try to embrace the next-gen internet protocol


----------



## kestasjk (May 25, 2010)

Sigh.. why is editing your posts disabled?.. Now I have to write here to address an inconsistancy above:


> It's just ALTQ stuff, required for packet queuing in PF, and the STF IPv6 tunneling driver which hf6to4 was complaining about <b>(I since found out hf6to4 is a pretty shoddy netBSD-oriented shell script, and that it just wasn't creating a new stf tunnel correctly but thinking there was no driver)</b>
> That leaves only ALTQ (which we really need in the long term)


----------



## SirDice (May 25, 2010)

kestasjk said:
			
		

> Sigh.. why is editing your posts disabled?..


You can edit after 10 posts (and 10 days).

I don't use stf. I have a gif 6over4 tunnel running. IPv6 gets tunneled over the gif interface. Everything else just follows the 'old' IPv4 path to the internet.


----------



## DutchDaemon (May 25, 2010)

kestasjk said:
			
		

> Sigh.. why is editing your posts disabled?



Why don't people read the information that is sent to them when they sign up?


----------



## kestasjk (May 26, 2010)

SirDice said:
			
		

> You can edit after 10 posts (and 10 days).
> 
> I don't use stf. I have a gif 6over4 tunnel running. IPv6 gets tunneled over the gif interface. Everything else just follows the 'old' IPv4 path to the internet.


I'm hoping to use stf because it has direct IPv4-IPv6 address mapping and I have a static IP, and because it doesn't rely on a specific gateway machine.
I think with a 2002 address that'll be something that'll stay even while IPv6 is rolled out, whereas with tunnels it'll reach a point where they're no longer needed or something; 2002 feels more like connecting to the real IPv6 internet basically, even though in reality they're both just tunneling over IPv4.



			
				DutchDaemon said:
			
		

> Why don't people read the information that is sent to them when they sign up?


If that was just a sarcastic zing okay, but honestly; because FAQs, rules, and how/where-to-post guides are usually common sense and the same for all vBulletin forums, the document is sent to you after you have confirmed registration so you probably won't read it before posting your first message, and when the list of documents to read contains "FreeBSD; what is it?" you don't assume it's a must-read list.


----------



## kestasjk (May 26, 2010)

kestasjk said:
			
		

> I'm hoping to use stf because it has direct IPv4-IPv6 address mapping and I have a static IP, and because it doesn't rely on a specific gateway machine.
> I think with a 2002 address that'll be something that'll stay even while IPv6 is rolled out, whereas with tunnels it'll reach a point where they're no longer needed or something; 2002 feels more like connecting to the real IPv6 internet basically, even though in reality they're both just tunneling over IPv4.



Just realized you meant that GENERIC might not contain stf, thought you were suggesting gif as an alternative, my mistake


----------



## kestasjk (May 26, 2010)

DutchDaemon said:
			
		

> Why don't people read the information that is sent to them when they sign up?



Also the question isn't answered. All I can gather is that it's supposed to be some "benefit" to members who have been here for a certain length of time (why not add the ability to write posts more than 10 lines long as a benefit too?).

As a new user I get that you want to encourage me to stay to promote an active forum, but having nonsensical policies such as basic forum functionality being for promoted-users only really gives me no incentive to become an active member.

I understand that you are the forum admin, who writes and enforces the rules, so you wouldn't admit this was a silly rule even if you believed it, but there it is.


----------



## kestasjk (May 26, 2010)

I would edit the previous post to note that it also makes no sense as a way to prevent spam (since you can still reply to approved posts) but need to add another reply to do so instead, resulting in a post that is 
itself spam by some definitions. Oh the irony


----------



## SirDice (May 26, 2010)

kestasjk said:
			
		

> I would edit the previous post to note that it also makes no sense as a way to prevent spam (since you can still reply to approved posts) but need to add another reply to do so instead, resulting in a post that is itself spam by some definitions. Oh the irony


It does prevent spam. Stop complaining about it, you only have 2 posts to go. Then you can edit your posts to your heart's content.


----------



## DutchDaemon (May 26, 2010)

kestasjk said:
			
		

> If that was just a sarcastic zing okay, but honestly; because FAQs, rules, and how/where-to-post guides are usually common sense and the same for all vBulletin forums, the document is sent to you after you have confirmed registration so you probably won't read it before posting your first message, and when the list of documents to read contains "FreeBSD; what is it?" you don't assume it's a must-read list.



You could have shortened that to: "Yeah, should have read that". Stop complaining.


----------



## kestasjk (May 27, 2010)

DutchDaemon said:
			
		

> You could have shortened that to: "Yeah, should have read that". Stop complaining.



Actually it was a sincere attempt to answer your question, but never mind

If anyone is using stf on a gateway machine with PF let me know


----------



## DutchDaemon (May 27, 2010)

Re: edit/post restrictions: discussed before.
http://forums.freebsd.org/showthread.php?t=10095
http://forums.freebsd.org/showthread.php?t=6242
[ the end ]


----------

