00:10:42 how does FreeBSD decide between two IPv4 addresses on the same interface, I have a public /32 and a private address, but it always picks the private address, on Linux it picks the first, but the /32 public address is first yet freebsd is still sending http/icmp traffic using the second address (private address) which will be dropped by the router when trying to access the internet 00:15:55 polarian: man ifconfig; prefer_source 00:17:30 polarian: you should also ensure the non-preffered ip(s) are listed as alias 00:22:15 zi: thats IPv6 only 00:22:49 rgr, check the alias bits 00:43:27 hmm alright, alias is meant to be deprefered, yet it seems to have no affect, I swap around the two addresses, one alias one not, and it still picks the same one regardless of which way around or whether its an alias or not :/ 04:52:07 public /32 eh? what's that default route eh 04:57:01 polarian: the easiest way to do this is to simply route the IPv4 /32s via IPv6 link local addresses, then you don't need to care about arp or ptp 05:17:09 if my switch sees the mac addresses of the hosts i'm trying to ping, then how else can i diagnose why arp who has / pings don't work 05:19:06 my bridge doesn't need an IP, does it 05:20:48 rtprio: a layer 2 switch does not need an IP address, but if you want the switch to be able to ping hosts, it needs an IP address on that vlan 05:21:35 i have a few hosts on the vlan. the 2 physical hosts ping ok, the 3rd is a bhyve vm. 05:22:10 the bhyve vm seems deaf, which is unfortunate as it's acting as the dhcpd 05:23:23 it was working last night, but i don't think i changed anything; 05:23:37 show ifconfig for the bridge, the bridge members and any other relevant interfaces 05:26:39 http://paste.debian.net/1400944/ 05:27:26 standard `vm switch ` config 05:28:10 interface lagg0.4000 appears not to be up? 05:28:29 what the shit 05:28:47 vlans interfaces don't come up by default, you need ifconfig_lagg0_4000="up" 05:29:39 yeah, that appears to be it 05:30:15 thank you 05:31:10 now i can move onto the yak of why i can't pxe with boot.efi 05:31:36 i assume you don't literally mean PXE, since that only works with BIOS boot, as far as i'm aware. UEFI netboot is something else 05:32:35 hm, maybe that's not true actually 05:33:16 i was able to `filename "/boot/loader.efi";` on my bhyve vms and they netboot no problem 05:33:47 there are a number of different netboot protocols at this point, but referring to them all as pxe is ubiquitous unless one is talking about specific support 05:33:57 but on this hardware system, i get the 05:34:17 ... can't find it now, basically 'that blob is too large' 05:36:28 it gets very confusing 08:50:56 ivy: didn't realise you could mix the inet families... 08:51:09 in fact I thought you explicitly couldn't 08:53:56 rtprio: the default route is a point to point address 08:54:23 but for some reason freebsd IP priority doesnt seem to do anything 08:54:37 it doesnt matter which one I alias, and which I add, in whatever order, it selects the exact same IP no matter what 09:00:13 hello, aloha and al-salam aleyqom. sup y'all? 09:05:35 much more than should be 09:33:46 ivy, we did it! https://cgit.freebsd.org/src/commit/?id=de3faa85d8f99d260cbfa6242dd8e4ece693e4f8 09:33:48 good job team 09:51:46 hey 09:52:34 i have question about ipv6 autoconfig. On my FreeBSD machine, IPv6 is autoconfigured when i plug the ethernet wire but it doesn't configure the IPv6 default gateway 09:52:42 i don't have this problem with other operating systems 09:53:05 (note that i enabled ipv6_gateway for other purposes) 09:53:24 how can i ask to FreeBSD to also autoconfigure the default IPv6 gateway 09:53:45 titou: please show the output of ifconfig for the interface you expected to get a default route via 09:54:38 ivy: you gotta modify the default route right? in his case i mean. 09:54:57 scottpedia: no, IPv6 default route configuration is supposed to be automatic when an RA is received 09:55:11 RA? 09:55:16 router advertisement 09:55:34 okay 09:55:43 https://pastebin.com/3yNJ2B4j 09:56:07 (also IPv6 autoconfig is quite long.. it takes several minutes before the interface got its IPv6 09:56:10 ) 09:56:30 for instance i just restarted the machine and as you can see the IPv6 is not set yet 09:56:58 titou: your interface doesn't have an IPv6 link local address. try setting ifconfig_igb0_ipv6="up" in /etc/rc.conf and rebooting 09:57:45 that should cause a link local address to be assigned immediately when the system boots, which is required for SLAAC to work correctly 09:58:39 https://pastebin.com/4zHN9ruS 09:58:46 for instance the IPv6 got its configuration now 09:58:53 ok i will try 09:59:43 in fact in my rc.conf I had: ifconfig_igb0_ipv6="inet6 accept_rtadv" 09:59:48 that's not good? 10:00:45 titou: try adding auto_linklocal to that: it isn't usually required, but for some reason it doesn't seem to be happening automatically on your system 10:01:07 in fact you don't have any nd6 flags at all, which is quite odd 10:01:12 what FreeBSD version is this? 10:01:22 13.4 10:01:29 sorry 14.3 10:01:48 so: inet6 accept_rtadv auto_linklocal ? 10:01:56 yes 10:02:42 are you sure you included the full ifconfig output in your first paste? it's quite odd not to have nd6 options there 10:03:16 indeed i'm sure 10:03:21 i will reboot and try again 10:03:22 at least by default every interface should have PERFORMNUD,IFDISABLED 10:05:50 now I got the local IPv6 after reboot 10:06:42 https://pastebin.com/TeqtFubh 10:07:30 and after IPv6 has been configured on the interface route is not set.. Thus when I try to ping an IPv6 server I got ping6: UDP connect: No route to host 10:07:43 if I manually set it, it works 10:08:08 run 'tcpdump -evi igb0 icmp6', wait for an RA to be sent (it might take a few minutes) and show what it looks like 10:08:31 you could temporarily increase the RA interval on the router to make that easier 10:11:20 [icmp6 sum ok] ICMP6, neighbor advertisement ... 10:11:25 but no route is configured.. 10:12:23 show the full packet please 10:15:37 https://pastebin.com/CgReq9bW 10:17:36 sorry, this is the wrong packet, i'd like to see the router advertisement (RA), not the ND/NS 10:19:23 oh sorry 10:20:55 ivy: https://pastebin.com/gbbQGhgp 10:20:58 while we're waiting, could you show 'netstat -rn -f inet6' and 'netstat -in -f inet6'? 10:23:40 ivy: what do these two cmds do? 10:24:17 scottpedia: netstat -r shows the routing table, netstat -i shows an overview of interfaces and assigned IP addresses. -n disabled DNS resolution, and -f inet6 restricts the output to IPv6 10:24:23 https://pastebin.com/d2C9qmtJ 10:24:29 don't care about vlan* 10:24:53 titou: okay, one more question, is the net.inet6.ip6.forwarding sysctl enabled? 10:25:10 yes 10:25:31 [11:53] (note that i enabled ipv6_gateway for other purposes) 10:25:40 titou: try setting net.inet6.ip6.rfc6204w3=1 10:26:01 done 10:26:09 usually, routers are not allowed to configured routes based on RAs, that sysctl enables this anyway 10:26:27 you may need to wait for another ra-interval to see if it worked (or just reboot) 10:26:33 yup 10:26:48 ok! 10:27:25 ivy: man how long've you been playing with fbsd or linux? 10:27:42 you seem extra-knowledgeable 10:28:23 scottpedia: i've been using FreeBSD since around 3.4, before that i used NetBSD. Linux i started around Debian hamm (2.0) 10:28:37 when was that? 10:29:10 FreeBSD 3.4 was 1999, Debian 2.0 was 1998 10:29:12 NetBSD <3 :) 10:29:26 okay that's hardcore 10:29:26 my first Unix system was NetBSD 1.0, around 1996 10:30:15 so you must be at least 20 years my senior I suppose 10:30:21 I must leave. I'll check and tell you ivy! 10:30:25 thank you so much for your time 10:30:31 titou: np 10:30:50 what was the computer you used those stuff on? ivy 10:32:06 scottpedia: NetBSD and Debian on an Amiga, later i moved to PC. i started using FreeBSD on servers (Pentium III, i think) 10:32:30 okay alright 10:32:38 dunno too much about those ones 10:32:39 Amiga PPC ? 10:32:45 maccampus: 68030 10:33:00 it ran Debian Linux ? 10:33:06 what's their performance like? 10:33:19 maccampus: yes, Debian was one of the best platforms for m68k Linux at the time. NetBSD was the other one 10:33:35 scottpedia: slow. as in, leave it overnight to run make world 10:34:02 pfff, God needed 7 days 10:34:09 okay so what did people use those stuff to do back then? ivy 10:34:31 scottpedia: everything they on computers. at the time a 68030 was a relatively decent CPU, if not the fastest you could buy 10:34:36 s/they on/they did on/ 10:34:39 maccampus: 6 to be accurate. the seventh is the first sabbath 10:35:14 what were the typical applications? 10:35:33 as in "use cases" 10:35:40 uh... again, anything people did on computers. play games, send email, write documents, developer software... 10:35:44 oh, then it's correct, the song i mean, "on the 7th day he chilled out" 10:36:28 what kind of games can you play on that kind of hardware? 10:36:48 1990s games 10:36:51 on Mac 030 you could play Command & Conquer 10:36:54 ivy 10:37:01 are an amiga user? 10:37:02 you know video games have existed since the 1980s, right? 10:37:19 even before i think 10:37:22 mosaid: not anymore, i used to be 10:37:24 yeah I know but the firsts I played were like on xbox already 10:37:37 ivy: Main computer back then PPC? 10:37:47 can't imagine games played on "microcontrollers" 10:38:05 mosaid: m68k 10:38:13 an xbox consist also of a "Microcontroller" 10:38:19 scottpedia: the 68030 is not a microcontroller, it's a fully-featured CPU designed to run Unix 10:38:28 So you never upgraded to PPC 10:38:33 mosaid: no, i moved to PC 10:38:41 scottpedia: https://www.youtube.com/watch?v=tVwScInZfP8 10:39:00 the pc runs which OS ? 10:39:06 scottpedia: have you heard of Sun (the company)? their entire line of computers, and SunOS, was built on m68k until they switched to SPARC 10:39:08 Not Windows i hope 10:40:06 maccampus: I was a Macintosh user 10:40:15 ivy: yeah I know about Sun, where Gosling worked. but still they seem ancient cause I've never touched any of that kind of hardware. my first laptop was a macbook air in 2014. 10:40:17 i was indded 10:40:32 maccampus: uh, are you asking what i use now? my desktop is a Mac, i have a Windows PC for work and gaming, our home server runs FreeBSD and i have some hosting stuff that also runs FreeBSD 10:41:53 mosaid: so am I I guess 10:41:58 scottpedia: they are ancient. you can still buy m68k CPUs but they're firmly targeted at embedded, and they're much slower than basically any modern CPU. but in the 1990s, the m68k was competitive with the Intel 386/486. it's really the Pentium era where that changed; that's why AIM introduced PowerPC 10:42:16 my desktop is a Mac, i have a Windows PC from work and gaming i do on Playstation, my server runs Linux on a PPC Mac 10:42:50 ivy: in face of my overwhelming lack of knowledge, what do you recommend I do so that I may get a grasp of the age of computing before I was born? 10:43:15 I will move away from Mac/MacOS though as i will not buy an Apple CPU 10:43:50 scottpedia: i'm not the right person to ask about that, i don't need to read about that era since i lived it :-) 10:44:00 i'm sure there must be some books about it though 10:44:20 maccampus: same. after more than 10 years of using mac. I am compelled to move away because of apple's increasingly bad designs. 10:44:37 it'd become unprofitable if I keep using a mac 10:45:12 it's true sadly 10:45:35 did you work in the technical sector back then? like when Sun was still alive? ivy 10:45:49 last time i criticised Apple i got an angry message on the freebsd slack, so i won't say anything about this :-) 10:45:57 You get that when you put your stuff in the wrong hole 10:46:07 scottpedia: during the 1990s no, i was in a high school. i did work in tech when Sun was around 10:46:32 okay alright 10:46:51 I think the last great mbp was the 2015 version 10:47:21 since then apple's been abusing the consumers based on a solid "brand loyalty" 10:48:13 no replaceable parts, etc... 10:48:42 yeah or replaable , but only by Apple splied hw 10:49:14 I have the 2017 iMac, the last desktop that offered some freedom 10:49:20 maccampus: I was using Macintosh Classic 1990 10:49:26 System 6 10:49:36 I was trying to upgrade to 7 10:49:43 you can't put replaceable parts in a laptop nowadays, LPDDR only provides such good power efficiency because it's connected directly to the CPU. everyone is switching to this, not just Apple 10:49:58 My first Mac was an 040 Duo & a PPC 7500 10:50:26 i've been procrastinating since a long time ago because of various life events. I should have done the migration already. 10:50:27 upgradeable laptops will be limited to enthusiast market which is willing to sacrifice battery life, like Framework 10:50:35 the 040 fell from the sky (; 10:50:50 ivy: I won't accept a arm processor on my laptop/desktop. 10:50:57 scottpedia: who mentioned ARM? 10:51:08 oh, Apple 10:51:19 ivy: i mean apple is switching full-scale to arm processors on mbps 10:51:23 the Mx is ARM 10:51:36 scottpedia: but you said your complaint was about replaceable parts. actually it's about the CPU architecture? 10:52:02 both 10:52:07 sorry gotta go nice chatting 10:52:23 i would accept it if the system would remain being modular & upgrdable & the OS wasn't closed down to unacceptable 10:53:16 they are taking too much away these days 10:53:41 I think the first Sun was on a difernt CPU before 68k 10:53:42 when they took away 32bit support basically all my steam games went to garbege 10:53:50 gargage* 10:53:53 garbage* 10:54:15 and they also plan to take out tun/tap support in a future version 10:54:24 what i want to know about Apple is when they stop supporting M1 Macs. this determines if they actually care about ewaste, or they're just lying about it to please their customer base 10:55:03 what does ewaster have to do with this? you can't recycle an m1 anyways. 10:55:21 i thik OS 28 will unsupport M1 10:55:25 maccampus: Sun-1 (1982) was M68000 10:55:29 scottpedia: once they end macOS support for M1 Macs, everyone will throw away their M1 Macs and buy new Macs. that creates ewaste. 10:55:51 scottpedia: by extending OS support to M1, which are still perfectly capable machines, they can reduce ewaste. 10:56:25 the ssd's will be burned up by then anyway so waste 10:56:47 maccampus: can you share the statistics / evidence your statement is based on? 10:57:28 maccampus: i assume you have something showing that SSD wear will render M1 Macs unusable in a particular time frame? 10:57:52 i cn tell you i already seen in reallife, 2 cases of worned up SSD's in M1 Macs because user ook to few Ram 10:58:17 2 cases, okay. how many M1 Macs did they sell again? 10:58:46 The virtualRam on SSD R/W constants so those chips die the virtual ram moves, the SSD keeps shrinking 10:59:57 As OS & Suftware gets newer they ned more Ram, so even those with adecaute ram will bcome too few & get in this cycle 11:01:43 Does not matter how much they sell, what does mater is that i know ew Mac users in reallife 11:01:53 few * 11:02:44 unfortunally Half of them are Mac users because of me, so i hear their complains first & loudest 11:03:44 evn though i did always say double the Ram, don't take the minimum 11:11:21 ivy: it worked!!! Thanks a lot :) 11:12:02 titou: great 11:17:18 aright I am starting to think there is no way to do this in freebsd, the man pages contain nothing... 11:17:24 theres interface priority 11:17:32 (metric) 11:22:40 polarian: do what? 11:23:13 ivy: prioritise/default a IPv4 when theres multiple on an interface 11:23:19 alias is meant to deprioritise but it doesn't 11:23:29 polarian: if you don't need arp, just put the aliases on lo0 11:23:37 if you do need arp, fix your network to not need arp 11:23:46 ... 11:23:49 ... 11:23:53 I dont see how that helps 11:24:10 it helps because aliases on lo0 will never be picked as the outgoing address 11:24:31 you are going to need arp, unless you are using IPv6, like you suggested using the lladdr to route the addresses over, but afaik you cant mix inet and inet6 like that!?!? 11:24:47 ivy: I need the address to be the outgoing address though 11:24:51 yes, you can route inet addresses over an inet6 nexthop, everything supports this 11:25:00 the interface has a ptp address which is simply for connecting it to the router 11:25:04 the address I want used is not being used 11:25:06 polarian: put *the* outgoing address on ix0 (or whatever your external interface is), put the other addresses on lo0 11:25:29 freebsd keeps sending a RFC1918 src address when its trying to reach WAN and its being dropped by the router (for obvious reasons) 11:25:38 ivy: that will break arp 11:25:42 will it not? 11:25:54 polarian: so stop using arp. route the /32s to where they're meant to go 11:26:09 I tried that, without arp freebsd throws no route errors 11:26:13 despite adding a route 11:26:20 well ping throws no route 11:26:24 then you did something wrong, show ifconfig + netstat -rn 11:26:41 also I thought arp was mandatory 11:26:47 how would L2 work without arp?!? 11:27:06 arp is not mandatory if you route using IPv6 nexthops, but if you don't want to do that, put *one* IPv4 address on the interface and route the rest via that address 11:27:41 right... so stick the public IP address on lo? 11:27:57 i don't know what significance "the public IP address" has here 11:28:02 alright 11:28:14 do you have an RFC1918 network where you want to route one non-RFC1918 address to an internal machine? 11:28:22 I did some yapping last night when I was trying different ways of trying to assign a /32 address to a client which is behind a router 11:28:50 I was told the only way to make it work is if I use a /31 (or /30) private range between router and client 11:28:55 and then route the /32 public IP over that 11:29:24 if you do this over IPv4, then yes, you need at least one /31 or /30 on the link net, but that can be RFC1918 space 11:29:36 however I was told this works on Linux, where the first IP on the iface is the default, for some reason on FreeBSD it just picks the private IP, no matter which one I put as an alias (alias is meant to deprioritise it) 11:29:45 ivy: thats what I did 11:30:00 but the src header is ALWAYS the /31 address 11:30:14 polarian: yes, the IP address on the interface is the default outgoing address 11:30:22 fetch https://1.1.1.1 11:30:26 ivy: theres two addresses right now 11:30:38 which is why I am asking how to change the default 11:30:56 as freebsd no matter what I do (flip the order, alias the /31 address) I cant make it use the /32 address 11:31:10 polarian: do you have an RFC1918 internal network and you want to route a /32 to a specific machine, and that machine should use the public /32 as its default outgoing address? 11:31:46 alright the client is connected to a switch which is the sole client on a vlan which is on my router, the vlan on my router is setup to pass all packets from the /32 to WAN 11:32:07 ivy: "support" wdym support? i am using an 2018 intel mbp and it's been running perfectly without no "support" from Apple. 11:32:19 I was originally just going to NAT it but my friend moaned that I should be allocating the public IP directly to the client so its easier for him 11:32:43 you use AA right? and you have a /28 or whatever and you want to route one address from that /28 to an internal system? 11:33:05 ivy: pretty much 11:33:16 also its a /29, I have been on AA for years, the /28 is a recent thing 11:33:28 rumour has it they have handed out /27 and /26 as well on request :P 11:33:35 ~and if you can justify why you need it~ 11:33:44 anyways regardless of the point 11:34:08 I do not simply want to allocate a /29, lose a gateway addr, network address and broadcast, and also limit it to one vlan 11:34:31 my original plan was to just allocate a /32 per vlan and nat it, therefore meaning to change IP addresses, I can do it entirely router side 11:34:46 no need to modify any server network configs 11:35:00 this sounds awful and i don't think you should do this 11:35:02 but like I said, friend moaned I am being lazy and demanded I stuck the /32 onto the client 11:35:09 is your internal entirely IPv6 native? 11:35:18 s/internal/internal network 11:35:31 err... on the wifi vlan there is :P 11:35:32 G.U.Y.S. 11:35:40 on this vlan there is a /64 block allocated to it 11:35:42 but not setup 11:35:59 although ideally I would stick the /64 on the host and route it via lladdr 11:36:05 polarian: my suggestion is to start by deploying IPv6 internally, then route your /32s over IPv6 nexthops. trust me, this is *much* easier 11:36:10 no need to waste an address on the gateway 11:36:35 ivy: giving up on this will piss me off though :/ 11:36:37 polarian: there's a reason basically all SP networks are switching to this design, and it still applies on the home network scale 11:36:39 I want to get it to work 11:36:51 ivy: when you finish with him, I'd love to continue our conversation. 11:36:52 I can make it better in the future 11:37:07 also ivy wont freebsd just drop a packet if there is no IPv4 route 11:37:09 scottpedia: sorry, i'm not interesting in discussing Apple hardware support any further 11:37:18 like I said I have not heard of IPv4 addresses routing via lladdr 11:37:29 polarian: you may not have heard of it, but it exists and works fine 11:37:36 ivy: okay what about other stuff? 11:37:58 so is it as simple as sticking the gateway addr as the lladdr of the router and then sticking the /32 onto the interface, or is there more to it? 11:38:00 11!rose ~# route get 46.235.229.111 11:38:00 route to: nightshade.ipv4.le-fay.org 11:38:00 destination: nightshade.ipv4.le-fay.org 11:38:00 gateway: fe80::2%vmnet.nightshad 11:38:09 ... 11:38:35 does the IPv4 packet get encapsulated in an IPv6 packet then? 11:38:54 no, it just uses IPv6 ND to find the Ethernet address of the nexthop, then it sends the IPv4 packet normally 11:39:02 ohhh 11:39:20 so you are basically replacing arp with IPv6 ND 11:39:26 yes 11:39:42 alright so you have the src mac, dest mac, and src IP 11:39:45 what about the dest IP? 11:39:51 ? 11:39:59 the dest IPv4 address is in the packet header 11:39:59 if the router iface has no inet address whats the dest IPv4? 11:40:33 you use IPv6 ND for the dest mac no? but if you arent using IPv4 at all what is in the dest IPv4 packet header 11:40:43 the destination address 11:40:54 which would mean the iface on the router still needs an IPv4 address... 11:41:01 no? 11:41:09 it does, but not because of this, i think you're misunderstanding something 11:41:17 I definitely am 11:41:18 a router never modifies the destination address of a routed packet 11:41:31 oh shit nevermind I am an idiot 11:41:44 like in my route above, say someone sends a packet to 46.235.229.111, the destination address in the header is 46.235.229.111 11:41:47 I was assuming you were only sending to the router, but this would prevent that 11:41:50 there is no IPv4 link to the router 11:41:54 the router simply hops the packet along 11:42:03 im an idiot nevermind :D 11:42:14 nah I get it I was just being an idiot 11:42:22 polarian: but you're right, you *do* need an IPv4 address on the interfaces for this to work properly, but that address can be a /32 11:42:27 it does mean router <--> client is IPv6 only 11:42:29 but thats not an issue 11:42:34 that address will be used for locally-originated traffic and for ICMP errors 11:42:36 you can do all your local traffic over lladdr 11:42:55 oh 11:42:57 so you allocate one /32 to your router and put that /32 on all its interface 11:43:11 wont it just forward 11:43:19 the /32 is held on pppoe0 11:43:32 you can put the same /32 on pppoe0, ix0, igb0, whatever 11:43:39 one system = one IPv4 address 11:43:53 Yeah I know that 11:44:05 but you said assign it to every iface, but its already assigned to one, so it is usable on all just not the default 11:44:17 no, if it's on one interface, it's only usable on that interface 11:44:28 you need to assign an IPv4 address to every interface that passes IPv4 traffic 11:44:33 I can ping my router with an IP address allocated to a separate subnet :) 11:44:55 yes, but you break ICMP error delivery and locally originated traffic 11:45:12 you *must* have one IPv4 address on *every* interface that passes IPv4 traffic 11:45:13 yes... but this is meant to be a client which is WAN-only 11:45:18 no local traffic 11:45:20 so it doesnt matter... 11:45:28 surely? 11:45:31 you still need an IPv4 address on the interface or locally-originated traffic won't work 11:45:48 hm... 11:46:19 for example, if the default route is via igb0, the kernel will pick an IP address on igb0 to be the default source address, if igb0 has no IPv4 addresses, the default source address will be 0.0.0.0 11:46:30 this complicates shit though, the pppoe0 address is set when pppoe0 is established, theres no clean way to then set that addr on another iface too :/ 11:46:47 polarian: AA's WAN addresses are static, just set it in /etc/rc.conf 11:46:55 nah that will piss me off 11:46:58 also my router is OpenBSD 11:47:09 OpenBSD works the same way 11:47:18 well hostname.if(8) 11:47:21 (although i don't know off hand if they support ipv6 nexthops for ipv4) 11:47:27 not rc.conf(5) 11:47:33 ivy: well I can always try 11:47:40 but I still want to get this working v4-only 11:48:04 if you insist on using obsolete network protocols then you need at least one /31 and will waste IP addresses 11:48:11 I died on the same hill when I refused to use a bridge and spent a month getting routes to work instead 11:48:36 not the same hill. not using bridge is fine. refusing to use industry-standard networks protocols is just making work for yourself 11:48:53 its more me wanting to get it to work without using ipv6 stuff :P 11:49:00 obviously I will try the IPv6 stuff after... 11:49:21 okay, well, if your goal is to come up with the worst possible solution, good luck with that 11:49:26 ivy: I have been told by others that you can do this with only a /32 and a /31 block of RFC1918 11:49:34 (On Linux) 11:49:47 the issue is they dont know BSD... 11:50:26 it works in BSD in exactly the same way as Linux 11:50:27 what I have been told (on Linux) is the first address allocated is the default, so you would allocated the /32 first (therefore the default src is the public IP address) and then use the /31 to link the router to the client 11:50:34 route the additional /32s via the /31 address 11:50:36 arp is happy 11:50:42 and the public IP should be used 11:50:44 arp is not involved if you do this properly 11:50:53 other than for the /31, which obviously requires arp 11:50:56 ivy: I did... it still picks the /31 11:51:17 thats why I was asking how to set src addr priority 11:51:22 which I dont believe is possible 11:51:37 I spent last night switching the order I added, switched which one I added as an alias 11:51:52 it would *ALWAYS* use the /31 and get dropped router side as RFC1918 wont be forwarded to WAN 11:52:09 so I got pissed off and went to bed :P 11:52:27 there is no way to set preferred source address for a route 11:52:35 you are looking for Linux's prefsrc, which we don't implement 11:53:04 yeah, so i assume this approach is impossible on freebsd then? 11:53:23 freebsd simply will not use the /32 as the src header no matter what I try... 11:53:30 maybe? i haven't used IPv4-only networks for years 11:53:38 but probably yes 11:54:14 :/ 11:54:29 fuck so I guess IPv6 nethop is mandatory to do this then 11:54:47 question 11:54:55 what if you used a RFC1918 /32 address on the router iface 11:55:10 and used IPv6 nexthop instead of arp 11:55:21 well IPv6 ND 11:55:55 that's fine 11:56:03 hmmm 11:56:37 I guess I will try IPv6 nexthop then 11:57:17 believe me, once you realise how much easier things like this are on IPv6-native networks, you will never go back to the old way 11:57:25 question though, I know v4 is legacy and all but surely it is still a good idea to support an v4-only solution for those who cant use IPv6? 11:57:33