Jeremy Jackson wrote: > On Thu, 2009-02-05 at 15:55 +0100, Halassy Zoltán wrote: [..] <pendantic note="nice/helpful part at the end"> >> My ISP own the address space 1234::/16 A /16, that is a large ISP. I wonder which one it is as there is actually no ISP that has a /16 according to http://www.sixxs.net/tools/grh/dfp/ And there are only /32's in Hungary: http://www.sixxs.net/tools/grh/dfp/all/?country=hu Only "ISP" with such a large block (~</16) is the US DoD. Also note that there is no such thing as 'own' in IP space. You are 'leasing' it at most. aka s/own/have/ please ;) >> I own the address space 1234:100::/32 I guess you mean to say "you have 2001:db8::/48". If you have a /32 then you are an ISP as only those are supposed to get those large chunks and directly from the RIR in question. Also, when giving examples or malforming addresses, please use addresses from 2001:db8::/32 as that is the Documentation prefix. 192.0.2.0/24 is the one for IPv4. >> My ISP gave me the extra address 1234:0:ffff:100::2 (lower than my >> address space) from their address space, and using 1234:0:ffff:100::1 as >> gateway. This subnet is only /126 large. My ISP forbids to use this >> extra IP for global purposes, it's only for routing, they even firewall >> it out, when i try let's say ping6 ipv6.google.com with that address. Depending on which region your ISP is from, but as you are .hu, most likely RIPE, they are supposed to give: /128's to something where there never will be anything more than 1 host /64's to a where there will be exactly 1 subnet. /48's to a place where they don't know how many /64's they will need. Note that that /126 is not in the list. That prefix should be a /64. Also, if they are filtering that address ask them how you are supposed to have fully functioning PathMTU discovery. Something is bound to break there. </pendantic> [nice/helpful part here :) ] [...] >> And here started my problem, on the gateway i would like to maintain a >> service, eg. NTP. >> >> programs picks up the address 1234:0:ffff:100::2 so they won't reach >> their destination. > > In IPv4 you can set "src addr" for each route. So you could set your > default route to have src addr that is from eth1, even though the route > goes out over eth0. I wonder if ipv6 can do that also. You need to use policy routing tables to fix that up, or... [..] > NTP is one of those programs that handles multihomed hosts very poorly. > I hope it gets fixed one day. Install OpenNTPd instead of the IMHO broken(*) ISC ntpd, in openntpd you can specify "listen on 2001:db8::1" and "listen on 192.0.2.1" to specify exactly which IP addresses to listen on. Problem solved. Same for software like Postfix etc. Not nice that you have to do it per app, but that is the way it is. Greets, Jeroen (* specify the interface you really only want to listen on with -I (if you have that option) and it will still try and open all of them and normally listen on them individually, now it remembers and skips them. I just want 1 IPv4 and 1 IPv6 address please and not on all interfaces. Fun part there, even when specifying -I, it will hit a limit of something like 2000 interfaces and exit().)
Attachment:
signature.asc
Description: OpenPGP digital signature
