From: Neil Horman <nhorman@tuxdriver.com>
To: "YOSHIFUJI Hideaki / 吉藤英明" <yoshfuji@linux-ipv6.org>
Cc: davem@davemloft.net, kuznet@ms2.inr.ac.ru, pekkas@netcore.fi,
jmorris@namei.org, kaber@coreworks.de, netdev@vger.kernel.org
Subject: Re: [PATCH] IPv6: Implement RFC 4429 Optimistic Duplicate Address Detection
Date: Tue, 23 Jan 2007 15:51:18 -0500 [thread overview]
Message-ID: <20070123205118.GC582@hmsreliant.homelinux.net> (raw)
In-Reply-To: <20070123.091820.104515696.yoshfuji@linux-ipv6.org>
On Tue, Jan 23, 2007 at 09:18:20AM +0900, YOSHIFUJI Hideaki / 吉藤英明 wrote:
> Hello.
<snip>
New patch attached, incorporating Yoshijui and Vlads latest comments. I didn't
follow guidance on the ndisc_recv_ns comment, Yoshifuji, since Vlad had already
suggested an alternate solution in a previous post, but from looking at them
both, they should be equivalent.
Thanks & Regards
Neil
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
include/linux/if_addr.h | 1
include/linux/ipv6.h | 2 +
include/linux/sysctl.h | 1
include/net/addrconf.h | 4 +-
net/ipv6/addrconf.c | 56 ++++++++++++++++++++++++++++----
net/ipv6/mcast.c | 4 +-
net/ipv6/ndisc.c | 82 +++++++++++++++++++++++++++++++++++-------------
7 files changed, 117 insertions(+), 33 deletions(-)
diff --git a/include/linux/if_addr.h b/include/linux/if_addr.h
index d557e4c..43f3bed 100644
--- a/include/linux/if_addr.h
+++ b/include/linux/if_addr.h
@@ -39,6 +39,7 @@ enum
#define IFA_F_TEMPORARY IFA_F_SECONDARY
#define IFA_F_NODAD 0x02
+#define IFA_F_OPTIMISTIC 0x04
#define IFA_F_HOMEADDRESS 0x10
#define IFA_F_DEPRECATED 0x20
#define IFA_F_TENTATIVE 0x40
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index f824113..5d37abf 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -177,6 +177,7 @@ struct ipv6_devconf {
#endif
#endif
__s32 proxy_ndp;
+ __s32 optimistic_dad;
void *sysctl;
};
@@ -205,6 +206,7 @@ enum {
DEVCONF_RTR_PROBE_INTERVAL,
DEVCONF_ACCEPT_RA_RT_INFO_MAX_PLEN,
DEVCONF_PROXY_NDP,
+ DEVCONF_OPTIMISTIC_DAD,
DEVCONF_MAX
};
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 81480e6..972a33a 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -570,6 +570,7 @@ enum {
NET_IPV6_RTR_PROBE_INTERVAL=21,
NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
NET_IPV6_PROXY_NDP=23,
+ NET_IPV6_OPTIMISTIC_DAD=24,
__NET_IPV6_MAX
};
diff --git a/include/net/addrconf.h b/include/net/addrconf.h
index 88df8fc..d248a19 100644
--- a/include/net/addrconf.h
+++ b/include/net/addrconf.h
@@ -73,7 +73,9 @@ extern int ipv6_get_saddr(struct dst_entry *dst,
extern int ipv6_dev_get_saddr(struct net_device *dev,
struct in6_addr *daddr,
struct in6_addr *saddr);
-extern int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *);
+extern int ipv6_get_lladdr(struct net_device *dev,
+ struct in6_addr *,
+ unsigned char banned_flags);
extern int ipv6_rcv_saddr_equal(const struct sock *sk,
const struct sock *sk2);
extern void addrconf_join_solict(struct net_device *dev,
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 2a7e461..d2b01ec 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -830,7 +830,8 @@ retry:
ift = !max_addresses ||
ipv6_count_addresses(idev) < max_addresses ?
ipv6_add_addr(idev, &addr, tmp_plen,
- ipv6_addr_type(&addr)&IPV6_ADDR_SCOPE_MASK, IFA_F_TEMPORARY) : NULL;
+ ipv6_addr_type(&addr)&IPV6_ADDR_SCOPE_MASK,
+ IFA_F_TEMPORARY|IFA_F_OPTIMISTIC) : NULL;
if (!ift || IS_ERR(ift)) {
in6_ifa_put(ifp);
in6_dev_put(idev);
@@ -1174,7 +1175,8 @@ int ipv6_get_saddr(struct dst_entry *dst,
}
-int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *addr)
+int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *addr,
+ unsigned char banned_flags)
{
struct inet6_dev *idev;
int err = -EADDRNOTAVAIL;
@@ -1185,7 +1187,7 @@ int ipv6_get_lladdr(struct net_device *dev, struct in6_addr *addr)
read_lock_bh(&idev->lock);
for (ifp=idev->addr_list; ifp; ifp=ifp->if_next) {
- if (ifp->scope == IFA_LINK && !(ifp->flags&IFA_F_TENTATIVE)) {
+ if (ifp->scope == IFA_LINK && !(ifp->flags & banned_flags)) {
ipv6_addr_copy(addr, &ifp->addr);
err = 0;
break;
@@ -1751,6 +1753,7 @@ ok:
update_lft = create = 1;
ifp->cstamp = jiffies;
+ ifp->flags |= IFA_F_OPTIMISTIC;
addrconf_dad_start(ifp, RTF_ADDRCONF|RTF_PREFIX_RT);
}
@@ -1945,7 +1948,11 @@ static int inet6_addr_add(int ifindex, struct in6_addr *pfx, int plen,
ifp->prefered_lft = prefered_lft;
ifp->tstamp = jiffies;
spin_unlock_bh(&ifp->lock);
-
+ /*
+ * Note that section 3.1 of RFC 4429 indicates
+ * That the Optimistic flag should not be set for
+ * manually configured addresses
+ */
addrconf_dad_start(ifp, 0);
in6_ifa_put(ifp);
addrconf_verify(0);
@@ -2123,7 +2130,8 @@ static void addrconf_add_linklocal(struct inet6_dev *idev, struct in6_addr *addr
{
struct inet6_ifaddr * ifp;
- ifp = ipv6_add_addr(idev, addr, 64, IFA_LINK, IFA_F_PERMANENT);
+ ifp = ipv6_add_addr(idev, addr, 64, IFA_LINK,
+ IFA_F_PERMANENT|IFA_F_OPTIMISTIC);
if (!IS_ERR(ifp)) {
addrconf_dad_start(ifp, 0);
in6_ifa_put(ifp);
@@ -2190,7 +2198,7 @@ ipv6_inherit_linklocal(struct inet6_dev *idev, struct net_device *link_dev)
{
struct in6_addr lladdr;
- if (!ipv6_get_lladdr(link_dev, &lladdr)) {
+ if (!ipv6_get_lladdr(link_dev, &lladdr, IFA_F_TENTATIVE)) {
addrconf_add_linklocal(idev, &lladdr);
return 0;
}
@@ -2537,8 +2545,18 @@ static void addrconf_dad_start(struct inet6_ifaddr *ifp, u32 flags)
struct inet6_dev *idev = ifp->idev;
struct net_device *dev = idev->dev;
+ if (!idev->cnf.optimistic_dad)
+ ifp->flags &= ~IFA_F_OPTIMISTIC;
+
addrconf_join_solict(dev, &ifp->addr);
+ /*
+ * Optimistic nodes need to joing the anycast address
+ * right away
+ */
+ if (ifp->flags & IFA_F_OPTIMISTIC)
+ addrconf_join_anycast(ifp);
+
if (ifp->prefix_len != 128 && (ifp->flags&IFA_F_PERMANENT))
addrconf_prefix_route(&ifp->addr, ifp->prefix_len, dev, 0,
flags);
@@ -2553,7 +2571,7 @@ static void addrconf_dad_start(struct inet6_ifaddr *ifp, u32 flags)
if (dev->flags&(IFF_NOARP|IFF_LOOPBACK) ||
!(ifp->flags&IFA_F_TENTATIVE) ||
ifp->flags & IFA_F_NODAD) {
- ifp->flags &= ~IFA_F_TENTATIVE;
+ ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC);
spin_unlock_bh(&ifp->lock);
read_unlock_bh(&idev->lock);
@@ -2573,6 +2591,18 @@ static void addrconf_dad_start(struct inet6_ifaddr *ifp, u32 flags)
addrconf_dad_stop(ifp);
return;
}
+
+ /*
+ * Forwarding devices (routers) should not use
+ * optimistic addresses
+ * Nor should interfaces that don't know the
+ * Source address for their default gateway
+ * RFC 4429 Sec 3.3
+ */
+ if ((ipv6_devconf.forwarding) ||
+ (ifp->rt == NULL))
+ ifp->flags &= ~IFA_F_OPTIMISTIC;
+
addrconf_dad_kick(ifp);
spin_unlock_bh(&ifp->lock);
out:
@@ -2597,7 +2627,7 @@ static void addrconf_dad_timer(unsigned long data)
* DAD was successful
*/
- ifp->flags &= ~IFA_F_TENTATIVE;
+ ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC);
spin_unlock_bh(&ifp->lock);
read_unlock_bh(&idev->lock);
@@ -3398,6 +3428,7 @@ static void inline ipv6_store_devconf(struct ipv6_devconf *cnf,
#endif
#endif
array[DEVCONF_PROXY_NDP] = cnf->proxy_ndp;
+ array[DEVCONF_OPTIMISTIC_DAD] = cnf->optimistic_dad;
}
static inline size_t inet6_if_nlmsg_size(void)
@@ -3918,6 +3949,15 @@ static struct addrconf_sysctl_table
.proc_handler = &proc_dointvec,
},
{
+ .ctl_name = NET_IPV6_OPTIMISTIC_DAD,
+ .procname = "optimistic_dad",
+ .data = &ipv6_devconf.optimistic_dad,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+
+ },
+ {
.ctl_name = 0, /* sentinel */
}
},
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 882cde4..9c5273c 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -1411,7 +1411,7 @@ static struct sk_buff *mld_newpack(struct net_device *dev, int size)
skb_reserve(skb, LL_RESERVED_SPACE(dev));
- if (ipv6_get_lladdr(dev, &addr_buf)) {
+ if (ipv6_get_lladdr(dev, &addr_buf, IFA_F_TENTATIVE)) {
/* <draft-ietf-magma-mld-source-05.txt>:
* use unspecified address as the source address
* when a valid link-local address is not available.
@@ -1789,7 +1789,7 @@ static void igmp6_send(struct in6_addr *addr, struct net_device *dev, int type)
skb_reserve(skb, LL_RESERVED_SPACE(dev));
- if (ipv6_get_lladdr(dev, &addr_buf)) {
+ if (ipv6_get_lladdr(dev, &addr_buf, IFA_F_TENTATIVE)) {
/* <draft-ietf-magma-mld-source-05.txt>:
* use unspecified address as the source address
* when a valid link-local address is not available.
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index 6a9f616..fcd22e3 100644
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -498,7 +498,21 @@ static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
msg->icmph.icmp6_unused = 0;
msg->icmph.icmp6_router = router;
msg->icmph.icmp6_solicited = solicited;
- msg->icmph.icmp6_override = override;
+ if (!ifp || !(ifp->flags & IFA_F_OPTIMISTIC))
+ msg->icmph.icmp6_override = override;
+ else {
+ /*
+ * We must clear the override flag on all
+ * neighbor advertisements from source
+ * addresses that are OPTIMISTIC - RFC 4429
+ * section 2.2
+ */
+ if (override)
+ printk(KERN_WARNING
+ "Disallowing override flag for OPTIMISTIC addr\n");
+ msg->icmph.icmp6_override = 0;
+ }
+
/* Set the target address. */
ipv6_addr_copy(&msg->target, solicited_addr);
@@ -542,7 +556,8 @@ void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
int send_llinfo;
if (saddr == NULL) {
- if (ipv6_get_lladdr(dev, &addr_buf))
+ if (ipv6_get_lladdr(dev, &addr_buf,
+ (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
return;
saddr = &addr_buf;
}
@@ -622,9 +637,20 @@ void ndisc_send_rs(struct net_device *dev, struct in6_addr *saddr,
struct sk_buff *skb;
struct icmp6hdr *hdr;
__u8 * opt;
+ struct inet6_ifaddr *ifp;
int len;
int err;
+ /*
+ * Check the source address. If its OPTIMISTIC
+ * and addr_len is non-zero (implying the sllao option)
+ * then don't send the RS (RFC 4429, section 2.2)
+ */
+ ifp = ipv6_get_ifaddr(saddr, dev, 1);
+
+ if ((!ifp) || ((ifp->flags & IFA_F_OPTIMISTIC) && dev->addr_len))
+ return;
+
ndisc_flow_init(&fl, NDISC_ROUTER_SOLICITATION, saddr, daddr,
dev->ifindex);
@@ -746,6 +772,7 @@ static void ndisc_recv_ns(struct sk_buff *skb)
int dad = ipv6_addr_any(saddr);
int inc;
int is_router;
+ int type;
if (ipv6_addr_is_multicast(&msg->target)) {
ND_PRINTK2(KERN_WARNING
@@ -796,28 +823,39 @@ static void ndisc_recv_ns(struct sk_buff *skb)
inc = ipv6_addr_is_multicast(daddr);
if ((ifp = ipv6_get_ifaddr(&msg->target, dev, 1)) != NULL) {
- if (ifp->flags & IFA_F_TENTATIVE) {
- /* Address is tentative. If the source
- is unspecified address, it is someone
- does DAD, otherwise we ignore solicitations
- until DAD timer expires.
- */
- if (!dad)
+
+ if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
+ if (dad) {
+ if (dev->type == ARPHRD_IEEE802_TR) {
+ unsigned char *sadr = skb->mac.raw;
+ if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
+ sadr[9] == dev->dev_addr[1] &&
+ sadr[10] == dev->dev_addr[2] &&
+ sadr[11] == dev->dev_addr[3] &&
+ sadr[12] == dev->dev_addr[4] &&
+ sadr[13] == dev->dev_addr[5]) {
+ /* looped-back to us */
+ goto out;
+ }
+ }
+
+ /*
+ * We are colliding with another node
+ * who is doing DAD
+ * so fail our DAD process
+ */
+ addrconf_dad_failure(ifp);
goto out;
- if (dev->type == ARPHRD_IEEE802_TR) {
- unsigned char *sadr = skb->mac.raw;
- if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
- sadr[9] == dev->dev_addr[1] &&
- sadr[10] == dev->dev_addr[2] &&
- sadr[11] == dev->dev_addr[3] &&
- sadr[12] == dev->dev_addr[4] &&
- sadr[13] == dev->dev_addr[5]) {
- /* looped-back to us */
+ } else {
+ /*
+ * This is not a dad solicitation.
+ * If we are an optimistic node,
+ * we should respond.
+ * Otherwise, we should ignore it.
+ */
+ if (!(ifp->flags & IFA_F_OPTIMISTIC))
goto out;
- }
}
- addrconf_dad_failure(ifp);
- return;
}
idev = ifp->idev;
@@ -1406,7 +1444,7 @@ void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
dev = skb->dev;
- if (ipv6_get_lladdr(dev, &saddr_buf)) {
+ if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
ND_PRINTK2(KERN_WARNING
"ICMPv6 Redirect: no link-local address on %s\n",
dev->name);
next prev parent reply other threads:[~2007-01-23 20:53 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-19 21:23 [PATCH] IPv6: Implement RFC 4429 Optimistic Duplicate Address Detection Neil Horman
2007-01-19 23:05 ` YOSHIFUJI Hideaki / 吉藤英明
2007-01-20 1:41 ` Neil Horman
2007-01-22 18:15 ` Neil Horman
2007-01-22 18:39 ` Mika Penttilä
2007-01-22 19:45 ` Neil Horman
2007-01-22 20:25 ` Vlad Yasevich
2007-01-23 18:36 ` Neil Horman
2007-01-23 19:27 ` Vlad Yasevich
2007-01-23 0:18 ` YOSHIFUJI Hideaki / 吉藤英明
2007-01-23 20:51 ` Neil Horman [this message]
2007-01-25 1:54 ` Sridhar Samudrala
2007-01-25 13:33 ` Neil Horman
2007-01-25 17:16 ` Vlad Yasevich
2007-01-25 19:45 ` Neil Horman
2007-01-25 20:18 ` Vlad Yasevich
2007-01-25 21:26 ` Neil Horman
2007-01-25 22:13 ` Vlad Yasevich
2007-01-26 14:27 ` Neil Horman
2007-01-26 15:44 ` YOSHIFUJI Hideaki / 吉藤英明
2007-01-26 19:03 ` Neil Horman
2007-01-25 22:34 ` Vlad Yasevich
2007-01-26 0:13 ` YOSHIFUJI Hideaki / 吉藤英明
2007-01-26 14:20 ` Vlad Yasevich
2007-01-26 19:18 ` Neil Horman
2007-01-26 20:28 ` Vlad Yasevich
2007-01-26 21:35 ` Neil Horman
2007-01-26 21:42 ` Vlad Yasevich
2007-01-29 16:34 ` Neil Horman
2007-01-29 21:30 ` Neil Horman
2007-01-29 22:25 ` YOSHIFUJI Hideaki / 吉藤英明
2007-01-30 13:02 ` Neil Horman
2007-01-30 16:16 ` YOSHIFUJI Hideaki / 吉藤英明
2007-01-31 20:54 ` Neil Horman
2007-02-02 19:06 ` Neil Horman
2007-02-02 19:46 ` David Miller
2007-02-02 20:13 ` Neil Horman
2007-02-02 22:22 ` Vlad Yasevich
2007-02-03 15:06 ` Neil Horman
2007-02-02 21:28 ` Brian Haley
2007-02-02 22:05 ` Vlad Yasevich
2007-02-02 23:57 ` Brian Haley
2007-02-03 15:05 ` Neil Horman
2007-02-05 17:33 ` Brian Haley
2007-02-05 18:37 ` Neil Horman
2007-02-02 21:50 ` Vlad Yasevich
2007-02-03 15:03 ` Neil Horman
[not found] ` <20070205205651.GB484@hmsreliant.homelinux.net>
2007-02-06 1:24 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-06 1:32 ` David Miller
2007-02-06 1:44 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-06 1:43 ` David Miller
2007-02-06 12:51 ` Neil Horman
2007-02-06 20:09 ` Neil Horman
2007-02-06 21:13 ` Vlad Yasevich
2007-02-07 20:55 ` Neil Horman
2007-02-07 21:19 ` Vlad Yasevich
2007-02-07 21:52 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-08 13:07 ` Neil Horman
2007-02-12 23:27 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-13 18:22 ` Neil Horman
2007-02-07 22:26 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-08 16:41 ` Neil Horman
2007-02-08 17:10 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-08 19:32 ` Neil Horman
2007-02-12 21:20 ` Neil Horman
2007-02-13 20:45 ` Neil Horman
2007-02-13 21:46 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-13 21:53 ` David Miller
[not found] ` <20070221.040259.60395625.yoshfuji@linux-ipv6.org>
[not found] ` <20070221.000222.71087924.davem@davemloft.net>
2007-02-21 8:15 ` YOSHIFUJI Hideaki / 吉藤英明
2007-02-21 9:30 ` David Miller
2007-02-21 13:37 ` Neil Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070123205118.GC582@hmsreliant.homelinux.net \
--to=nhorman@tuxdriver.com \
--cc=davem@davemloft.net \
--cc=jmorris@namei.org \
--cc=kaber@coreworks.de \
--cc=kuznet@ms2.inr.ac.ru \
--cc=netdev@vger.kernel.org \
--cc=pekkas@netcore.fi \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.