From: Dave Taht
To: cerowrt-devel@lists.bufferbloat.net
Date: Sun, 18 Mar 2012 14:22:07 -0700
Subject: [Cerowrt-devel] mdns reflector issues on ipv6/babel routing through nat.
List-Id: Development issues regarding the cerowrt test router project

Once you get to a few routers, a few deep, (3 in series in this case, 9 overall), the avahi mdns proxy starts to malfunction over ipv6, and I ended up with a rather nasty broadcast storm.
So I had to disable the ipv6 multicast of mdns in order to get my network back in this (excessively) complex network.

    use-ipv6=no

in the /etc/avahi/avahi-daemon file

Seems to work fine, two deep. Curiously, I did not observe a similar storm for ipv4...

Now this is across like 5 different versions of cerowrt, but it would not surprise me that this is a generic problem with avahi on ipv6, and/or a symptom of the brain-damaged-ness of mdns in the first place.

    use-ipv6=no

I note that when you connect cero boxes together in a babel mesh configuration, site-local multicast is not a problem, because it doesn't work in the first place (by design). This can be construed as an advantage (no broadcast storm), or disadvantage (mdns and site-local multicast don't work across meshed links).

Incidentally, I don't know if anyone would purposely inflict a network this complex on themselves:

http://pastebin.com/LzeeiCXg

but it does illustrate that a complex, automagically routed, fault tolerant ipv4 and ipv6 network IS feasible, so long as all internal addresses are unique.

The biggest problem I run into is that 'failover-capable, fault-tolerant routing' introduces major headaches with firewall rules.

Another thing the above paste illustrates is that you can mix and match ipv4 nat with ipv6 fully meshed routing. The box I took that trace off has babel enabled on all interfaces, and has the following rule at the top of its babeld.conf file

    out if ge00 ip 0.0.0.0/0 deny

(as do multiple other boxes in the lab on the external network)

this prohibits announcing ipv4 routes across the natted ge00 interface, but allows ipv6.

In the case of that paste, this particular router has NO internal wired connections at all, it just meshes internally for ipv4, and because ge00 is a higher quality (ethernet) interface, babel chooses it for the default for ipv6 for most routes.

-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net
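
An added example, not part of the original message and not babeld's own code: a small evaluator for the quoted filter rule, showing why it keeps internal ipv4 prefixes from being announced across the natted ge00 interface while ipv6 prefixes still pass. It assumes first-match-wins evaluation with "allow" when no rule matches; the interface name wlan0 and all route prefixes are constructed for illustration.

```python
import ipaddress

# The single rule quoted in the message.
RULES = ["out if ge00 ip 0.0.0.0/0 deny"]


def parse_rule(text):
    """Parse the subset of filter syntax used in the message:
    <direction> [if <iface>] [ip <prefix>] <allow|deny>."""
    tokens = text.split()
    if len(tokens) < 2 or tokens[-1] not in ("allow", "deny"):
        raise ValueError(f"unsupported rule: {text!r}")
    rule = {"dir": tokens[0], "iface": None, "net": None, "action": tokens[-1]}
    selectors = tokens[1:-1]
    if len(selectors) % 2:
        raise ValueError(f"selector without a value in: {text!r}")
    for key, value in zip(selectors[::2], selectors[1::2]):
        if key == "if":
            rule["iface"] = value
        elif key == "ip":
            rule["net"] = ipaddress.ip_network(value)
        else:
            raise ValueError(f"unsupported selector: {key!r}")
    return rule


def decide(rules, direction, iface, prefix):
    """Return 'allow' or 'deny' for announcing `prefix` on `iface`.
    Assumption: first matching rule wins, no match means allow."""
    route = ipaddress.ip_network(prefix)
    for rule in map(parse_rule, rules):
        if rule["dir"] != direction:
            continue
        if rule["iface"] is not None and rule["iface"] != iface:
            continue
        net = rule["net"]
        # An ipv4 selector can only match ipv4 routes, so 0.0.0.0/0
        # covers every ipv4 prefix and no ipv6 prefix.
        if net is not None and (net.version != route.version
                                or not route.subnet_of(net)):
            continue
        return rule["action"]
    return "allow"


if __name__ == "__main__":
    # Constructed sample announcements: (interface, prefix).
    for iface, prefix in [("ge00", "172.30.42.0/24"), ("ge00", "2001:db8:1::/64"),
                          ("wlan0", "172.30.42.0/24")]:
        print(f"out {iface:6} {prefix:18} -> {decide(RULES, 'out', iface, prefix)}")
```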