From: Dave Taht
To: Jim Gettys
Cc: cerowrt-devel@lists.bufferbloat.net
Date: Sun, 18 Mar 2012 14:30:41 -0700
Subject: Re: [Cerowrt-devel] mdns reflector issues on ipv6/babel routing through nat.
In-Reply-To: <4F665342.2080103@freedesktop.org>
List-Id: Development issues regarding the cerowrt test router project

On Sun, Mar 18, 2012 at 2:27 PM, Jim Gettys wrote:
> Oh, cool. Broadcast storms are soooo much fun...

I ended up having to disable avahi entirely.

The NEAT thing about this was that although my network was basically
saturated, it still more or less worked and I hardly noticed I had a
problem, due to having sfq everywhere....

>                - Jim
>
>
> On 03/18/2012 05:24 PM, Dave Taht wrote:
>> On Sun, Mar 18, 2012 at 2:22 PM, Dave Taht wrote:
>>> Once you get to a few routers, a few deep, (3 in series in this case,
>>> 9 overall), the avahi mdns proxy starts to malfunction over ipv6, and
>>> I ended up with a rather nasty broadcast storm.
>>>
>>> So I had to disable the ipv6 multicast of mdns in order to get my
>>> network back in this (excessively) complex network.
>>>
>>> use-ipv6=no in the /etc/avahi/avahi-daemon file
>>>
>>> Seems to work fine, two deep. Curiously, I did not observe a similar
>>> storm for ipv4...
>>>
>>> Now this is across like 5 different versions of cerowrt, but it would
>>> not surprise me that this is a generic problem with avahi on ipv6,
>>> and/or a symptom of the brain-damaged-ness of mdns in the first place.
>>>
>>> use-ipv6=no
>>>
>>> I note that when you connect cero boxes together in a babel mesh
>>> configuration, site-local multicast is not a problem, because it
>>> doesn't work in the first place (by design). This can be construed as
>>> an advantage (no broadcast storm), or disadvantage (mdns and
>>> site-local multicast doesn't work across meshed links)
>> Actually I was wrong. I'm STILL observing a broadcast storm, AND it
>> is taking place across the meshed links too.... aggggh.....
>>
>>> Incidentally, I don't know if anyone would purposely inflict a network
>>> this complex on themselves:
>>>
>>> http://pastebin.com/LzeeiCXg
>>>
>>> but it does illustrate that a complex, automagically routed, fault
>>> tolerant ipv4 and ipv6 network IS feasible, so long as all internal
>>> addresses are unique.
>>>
>>> The biggest problem I run into is that 'failover-capable,
>>> fault-tolerant routing' introduces major headaches with firewall
>>> rules.
>>>
>>> Another thing the above paste illustrates is that you can mix and match
>>> ipv4 nat with ipv6 fully meshed routing.
>>>
>>> The box I took that trace off has babel enabled on all interfaces, and
>>> has the following rule at the top of its babeld.conf file
>>>
>>> out if ge00 ip 0.0.0.0/0 deny
>>>
>>> (as do multiple other boxes in the lab on the external network)
>>>
>>> this prohibits announcing ipv4 routes across the natted ge00
>>> interface, but allows ipv6. In the case of that paste, this particular
>>> router has NO internal wired connections at all, it just meshes
>>> internally for ipv4, and because ge00 is a higher quality (ethernet)
>>> interface, babel chooses it for the default for ipv6 for most routes.
>>>
>>>
>>>
>>> --
>>> Dave Täht
>>> SKYPE: davetaht
>>> US Tel: 1-239-829-5608
>>> http://www.bufferbloat.net
>>
>>
>

-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net
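
Added example (not part of the original message or of CeroWrt/avahi): since the thread notes that the storm went almost unnoticed, this sketch shows one way to flag it from packet records, by counting how often the same mDNS question reaches the IPv6 mDNS group (ff02::fb, port 5353) inside a sliding window. The record layout, the interface names other than ge00, the addresses, the one-second window and the threshold of 5 are all assumptions made for the illustration.

```python
from collections import defaultdict

MDNS_V6_GROUP = "ff02::fb"   # IPv6 link-local mDNS multicast group
MDNS_PORT = 5353

# Constructed sample records, not a capture from the thread's network:
# (seconds, interface, source, destination, destination port, mDNS question)
SAMPLE = (
    [
        # Ordinary traffic: the same question asked twice, ten seconds apart.
        (1.0, "ge00", "fe80::1", MDNS_V6_GROUP, MDNS_PORT, "_ipp._tcp.local"),
        (11.0, "ge00", "fe80::1", MDNS_V6_GROUP, MDNS_PORT, "_ipp._tcp.local"),
        # IPv4 mDNS is outside the scope of this check and must be ignored.
        (5.0, "ge00", "192.0.2.10", "224.0.0.251", MDNS_PORT, "_workstation._tcp.local"),
    ]
    # One question re-emitted 8 times in 0.35 s from three hypothetical routers.
    + [
        (5.0 + 0.05 * i, f"if{i % 3}", f"fe80::{i % 3 + 2}", MDNS_V6_GROUP, MDNS_PORT,
         "_workstation._tcp.local")
        for i in range(8)
    ]
)


def find_storms(packets, window=1.0, threshold=5):
    """Return {question: peak count} for every mDNS question sent to
    ff02::fb:5353 at least `threshold` times within any `window` seconds."""
    seen = defaultdict(list)
    for ts, _iface, _src, dst, port, question in packets:
        if dst == MDNS_V6_GROUP and port == MDNS_PORT:
            seen[question].append(ts)

    storms = {}
    for question, stamps in seen.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            # Slide the window start forward until it spans <= `window` seconds.
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            storms[question] = peak
    return storms


if __name__ == "__main__":
    for question, count in find_storms(SAMPLE).items():
        print(f"possible reflector loop: {question} x{count} within 1 s")
```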