IPv6 NDP proxying with ocserv
Kevin Cernekee
cernekee at gmail.com
Fri Jun 17 22:02:11 PDT 2016
On Thu, Jun 16, 2016 at 3:48 AM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
>> ipv6-network = fc00::/10
>> ipv6-subnet-prefix = 128
>> explicit-ipv6 = 2001:db8::f
>>
>> The X-CSTP-Address-IP6 header is "2001:db8::f/10". The IPv6 address
>> assigned to the vpns0 interface on the ocserv box is fc00::1/128 (no
>> idea if that matters).
>> I think we really want to be sending /128 to the client in this case,
>> to keep the client from thinking it is free to generate more addresses
>> in that range?
>
> I agree with you. I don't remember why the subnet prefix is not sent
> in that case. If you try this (untested) patch does everything work
> for you? I remember I had some issues by using a /128 for ptp links,
> and had to use a /127 instead.
Yes, the patch works. Thanks.
More information about the openconnect-devel
mailing list