pfSense Support Subscription

Author Topic: ok confusing me for a while now - tunnel mask not same?  (Read 1709 times)

0 Members and 1 Guest are viewing this topic.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 2893
  • Karma: +0/-0
    • View Profile
ok confusing me for a while now - tunnel mask not same?
« on: July 24, 2011, 09:03:52 am »
Ok so everything is working great, but not understand why it shows this.

So if you look on web ui, you see set for /128 on the tunnel, and if you look on ifconfg you see that its 128

But why does the console info show that its /126??

See here in the pictures.

- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Have I helped you, want to say thanks?  Donate to pfsense the cost of a beer http://pfsense.org/donate.html

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #1 on: July 26, 2011, 01:23:06 pm »
IIRC that's a quirk of how the OS wants/requires it to be. Though I use /64 for both and mine is happy these days.

Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 2893
  • Karma: +0/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #2 on: July 26, 2011, 02:28:47 pm »
huh?  If that is the way the OS wanted it, why does it display 128 on the ifconfig output?  That console menu is just something pfsense put together is it not?

so I see this in rc.banner

$subnet6 = get_interface_subnetv6($ifname);

Where does it get that info?

edit what's this in interfaces.inc?

Code: [Select]
if (!isset($interface_snv6_arr_cache[$interface]) or $flush) {
$ifinfo = pfSense_get_interface_addresses($interface);
// FIXME: Add IPv6 support to the pfSense module
exec("/sbin/ifconfig {$interface} inet6", $output);
foreach($output as $line) {
if(preg_match("/inet6/", $line)) {
$parts = explode(" ", $line);
if(! preg_match("/fe80::/", $parts[1])) {
$ifinfo['ipaddrv6'] = $parts[1];
if($parts[2] == "-->") {
$parts[5] = "126";
$ifinfo['subnetbitsv6'] = $parts[5];
} else {
$ifinfo['subnetbitsv6'] = $parts[3];

See the $parts[5] = "126";
« Last Edit: July 26, 2011, 02:55:06 pm by johnpoz »
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Have I helped you, want to say thanks?  Donate to pfsense the cost of a beer http://pfsense.org/donate.html

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #3 on: July 26, 2011, 02:45:55 pm »
I'd have to check on that, but databeestje would be the one to ask. Time permitting, he keeps an eye on this forum, though he has not been around much lately (on vacation and other personal things going on).

I believe in part that is due to the gif setup quirks there. It reports that in ifconfig because that's what the gif setup does, but having the interface assigned causes a _different_ ifconfig setting to run, which could clobber the gif's settings if it was improper.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 2893
  • Karma: +0/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #4 on: July 26, 2011, 03:00:53 pm »
ok just ran that command in that piece of code by hand

ifconfig gif0 inet6
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1480
        tunnel inet 24.13.xxx.xxx --> 209.51.181.2
        inet6 2001:470:xxxx:b85::2 --> 2001:470:xxxx:b85::1 prefixlen 128
        inet6 fe80::209:5bff:fee2:ccdb%gif0 prefixlen 64 scopeid 0x8

And I see the --> so from the way I read the code it sets it to 126, even though you can see the prefixlen is clearly 128
;)

Im fairly sure could just remove this line
$parts[5] = "126";

And it would show the correct mask, wouldn't it??
« Last Edit: July 26, 2011, 03:09:37 pm by johnpoz »
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Have I helped you, want to say thanks?  Donate to pfsense the cost of a beer http://pfsense.org/donate.html

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #5 on: July 26, 2011, 03:14:12 pm »
Have at it, give it a spin. I don't have one handy I can break at the moment.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 2893
  • Karma: +0/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #6 on: July 26, 2011, 04:23:32 pm »
I will when I get home, don't want to break it or even reboot it while remote unless really had too ;)  Im no coder but what I can make of it it does not seem to really have any impact on anything other than what is displayed.

I will give it a test when I get home and report back.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Have I helped you, want to say thanks?  Donate to pfsense the cost of a beer http://pfsense.org/donate.html

Offline databeestje

  • Administrator
  • Hero Member
  • *****
  • Posts: 1048
  • Karma: +0/-0
  • It just might be your luck day, if you only knew.
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #7 on: July 27, 2011, 07:24:20 am »
We need to lie about the real network mask for gateway checks to validate. Alternatively you can remove it there but add code on the gateway edit page to satisfy the subnet check.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 2893
  • Karma: +0/-0
    • View Profile
Re: ok confusing me for a while now - tunnel mask not same?
« Reply #8 on: July 27, 2011, 07:45:34 am »
Ok this went BAD!!  I removed that line, no ipv6

I then put it back and rebooted, still no go.  Figured out my default gateway was missing?

Tried undo default he_net gateway and then reapply, still not working getting this error.

php: /system_gateways.php: The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option -- i usage: route [-dnqtv] command [[modifiers] args]'

Something changed on how default routes are added?  I had to manually add the route with this command

route -n add -inet6 default 2001:470:1f10:b85::1

Yeah somebody changed something, I have not rebooted in a while -- but now just rebooted and getting this.

Jul 27 07:48:40    php: : The command '/sbin/route -inet6 default '2001:470:1f10:b85::1'' returned exit code '64', the output was 'route: illegal option -- i usage: route [-dnqtv] command [[modifiers] args]'
Jul 27 07:48:40    php: : ROUTING: setting IPv6 default route to 2001:470:1f10:b85::1

And I put that 1 line back, and what would that have to do with wrong command?  And even changed my mask to /64 vs the /128
« Last Edit: July 27, 2011, 07:53:18 am by johnpoz »
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Have I helped you, want to say thanks?  Donate to pfsense the cost of a beer http://pfsense.org/donate.html