Remove unsolicited unicast RAs, adjust intervals
authorSteven Barth <steven@midlink.org>
Tue, 14 Jul 2015 15:56:38 +0000 (17:56 +0200)
committerSteven Barth <steven@midlink.org>
Tue, 14 Jul 2015 15:56:38 +0000 (17:56 +0200)
src/config.c
src/ndp.c
src/odhcpd.c
src/odhcpd.h
src/router.c
src/router.h

index f9ad3b8bc10a73bd1d44d8ae325ae09ff1c2a667..7d870f129b27047a8eb8bb57c805908aee3f842f 100644 (file)
@@ -40,6 +40,7 @@ enum {
        IFACE_ATTR_RA_OFFLINK,
        IFACE_ATTR_RA_PREFERENCE,
        IFACE_ATTR_RA_ADVROUTER,
+       IFACE_ATTR_RA_MAXINTERVAL,
        IFACE_ATTR_PD_MANAGER,
        IFACE_ATTR_PD_CER,
        IFACE_ATTR_NDPROXY_ROUTING,
@@ -74,6 +75,7 @@ static const struct blobmsg_policy iface_attrs[IFACE_ATTR_MAX] = {
        [IFACE_ATTR_RA_OFFLINK] = { .name = "ra_offlink", .type = BLOBMSG_TYPE_BOOL },
        [IFACE_ATTR_RA_PREFERENCE] = { .name = "ra_preference", .type = BLOBMSG_TYPE_STRING },
        [IFACE_ATTR_RA_ADVROUTER] = { .name = "ra_advrouter", .type = BLOBMSG_TYPE_BOOL },
+       [IFACE_ATTR_RA_MAXINTERVAL] = { .name = "ra_maxinterval", .type = BLOBMSG_TYPE_INT32 },
        [IFACE_ATTR_NDPROXY_ROUTING] = { .name = "ndproxy_routing", .type = BLOBMSG_TYPE_BOOL },
        [IFACE_ATTR_NDPROXY_SLAVE] = { .name = "ndproxy_slave", .type = BLOBMSG_TYPE_BOOL },
 };
@@ -515,6 +517,9 @@ int config_parse_interface(void *data, size_t len, const char *name, bool overwr
        if ((c = tb[IFACE_ATTR_RA_ADVROUTER]))
                iface->ra_advrouter = blobmsg_get_bool(c);
 
+       if ((c = tb[IFACE_ATTR_RA_MAXINTERVAL]))
+               iface->ra_maxinterval = blobmsg_get_u32(c);
+
        if ((c = tb[IFACE_ATTR_RA_PREFERENCE])) {
                const char *prio = blobmsg_get_string(c);
 
index d5e9a398a3f87958e72c3cbbafb2b5de937127af..d1683b9a90f84fd0b6b9f6c6015ac0082ac2ebee 100644 (file)
--- a/src/ndp.c
+++ b/src/ndp.c
@@ -324,11 +324,6 @@ static void handle_rtnetlink(_unused void *addr, void *data, size_t len,
                if (!iface)
                        continue;
 
-               // Keep-alive neighbor entries for RA sending
-               if (nh->nlmsg_type == RTM_DELNEIGH && !(ndm->ndm_state & NUD_FAILED) &&
-                               addr && IN6_IS_ADDR_LINKLOCAL(addr) && iface->ra == RELAYD_SERVER)
-                       ping6(addr, iface);
-
                // Address not specified or unrelated
                if (!addr || IN6_IS_ADDR_LINKLOCAL(addr) ||
                                IN6_IS_ADDR_MULTICAST(addr))
index c4115424e73bd850c57b9b00eef950162372d5f0..5774a4f5d399006bb2a2b60df219fde88c6cfdc9 100644 (file)
@@ -188,61 +188,6 @@ ssize_t odhcpd_send(int socket, struct sockaddr_in6 *dest,
 }
 
 
-int odhcpd_iterate_interface_neighbors(const struct interface *iface,
-               void(*cb_neigh)(const struct in6_addr *addr,
-                               const struct interface *iface, void *data), void *data)
-{
-       struct {
-               struct nlmsghdr nhm;
-               struct ndmsg ndm;
-       } req = {{sizeof(req), RTM_GETNEIGH, NLM_F_REQUEST | NLM_F_DUMP,
-                       ++rtnl_seq, 0}, {AF_INET6, 0, 0, iface->ifindex, 0, 0, 0}};
-
-       if (send(rtnl_socket, &req, sizeof(req), 0) < (ssize_t)sizeof(req))
-               return -1;
-
-       uint8_t buf[8192];
-       ssize_t len = 0;
-
-       for (struct nlmsghdr *nhm = NULL; ; nhm = NLMSG_NEXT(nhm, len)) {
-               while (len < 0 || !NLMSG_OK(nhm, (size_t)len)) {
-                       len = recv(rtnl_socket, buf, sizeof(buf), 0);
-                       nhm = (struct nlmsghdr*)buf;
-                       if (len < 0 || !NLMSG_OK(nhm, (size_t)len)) {
-                               if (errno == EINTR)
-                                       continue;
-                               else
-                                       return -1;
-                       }
-               }
-
-               if (nhm->nlmsg_type != RTM_NEWNEIGH)
-                       break;
-
-               struct ndmsg *ndm = NLMSG_DATA(nhm);
-               if (ndm->ndm_ifindex != iface->ifindex ||
-                               !(ndm->ndm_state & (NUD_STALE | NUD_REACHABLE | NUD_PERMANENT)))
-                       continue;
-
-               struct rtattr *rta = (struct rtattr*)&ndm[1];
-               size_t alen = NLMSG_PAYLOAD(nhm, sizeof(*ndm));
-
-               while (RTA_OK(rta, alen)) {
-                       if (rta->rta_type == NDA_DST &&
-                                       RTA_PAYLOAD(rta) == sizeof(struct in6_addr)) {
-                               cb_neigh(RTA_DATA(rta), iface, data);
-                               break;
-                       } else {
-                               rta = RTA_NEXT(rta, alen);
-                       }
-               }
-
-       }
-
-       return 0;
-}
-
-
 // Detect an IPV6-address currently assigned to the given interface
 ssize_t odhcpd_get_interface_addresses(int ifindex,
                struct odhcpd_ipaddr *addrs, size_t cnt)
index 729b6291e70e5725b9e1b9496bfddeb1a3ab2fe5..ab24674e5f152c0e301333dbaf04160b2c3acbb6 100644 (file)
@@ -143,6 +143,7 @@ struct interface {
        int default_router;
        int managed;
        int route_preference;
+       int ra_maxinterval;
 
        // DHCPv4
        struct in_addr dhcpv4_start;
@@ -203,10 +204,6 @@ void odhcpd_hexlify(char *dst, const uint8_t *src, size_t len);
 int odhcpd_bmemcmp(const void *av, const void *bv, size_t bits);
 void odhcpd_bmemcpy(void *av, const void *bv, size_t bits);
 
-int odhcpd_iterate_interface_neighbors(const struct interface *iface,
-               void(*cb_neigh)(const struct in6_addr *addr,
-                               const struct interface *iface, void *data), void *data);
-
 int config_parse_interface(void *data, size_t len, const char *iname, bool overwrite);
 
 #ifdef WITH_UBUS
index a66f65f3d4a7931fa8d709cd47e62f9fd5190e10..e3a9aa9747ba44c6e93d4c6ee1d6c3b3a47d7815 100644 (file)
@@ -206,20 +206,6 @@ static bool parse_routes(struct odhcpd_ipaddr *n, ssize_t len)
        return found_default;
 }
 
-// Unicsat RAs
-static void send_neigh_ra(const struct in6_addr *addr,
-               const struct interface *iface, void *data)
-{
-       struct sockaddr_in6 dest = {
-               .sin6_family = AF_INET6,
-               .sin6_addr = *addr,
-               .sin6_scope_id = iface->ifindex,
-       };
-       if (IN6_IS_ADDR_LINKLOCAL(addr))
-               odhcpd_send(router_event.uloop.fd, &dest, data, RA_IOV_LEN, iface);
-}
-
-
 // Router Advert server mode
 static uint64_t send_router_advert(struct interface *iface, const struct in6_addr *from)
 {
@@ -258,7 +244,8 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
        // If not currently shutting down
        struct odhcpd_ipaddr addrs[RELAYD_MAX_PREFIXES];
        ssize_t ipcnt = 0;
-       uint64_t maxpreferred = 0;
+       uint64_t minvalid = UINT64_MAX;
+       uint64_t maxvalid = 0;
 
        // If not shutdown
        if (iface->timer_rs.cb) {
@@ -267,12 +254,10 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
 
                // Check default route
                if (parse_routes(addrs, ipcnt) || iface->default_router > 1)
-                       adv.h.nd_ra_router_lifetime =
-                                       htons(3 * MaxRtrAdvInterval);
+                       adv.h.nd_ra_router_lifetime = 1;
        }
 
        // Construct Prefix Information options
-       bool have_public = false;
        size_t cnt = 0;
 
        struct in6_addr dns_pref = IN6ADDR_ANY_INIT, *dns_addr = &dns_pref;
@@ -284,8 +269,8 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
                if (addr->prefix > 96)
                        continue; // Address not suitable
 
-               if (addr->preferred > MaxPreferredTime)
-                       addr->preferred = MaxPreferredTime;
+               if (addr->preferred > MaxValidTime)
+                       addr->preferred = MaxValidTime;
 
                if (addr->valid > MaxValidTime)
                        addr->valid = MaxValidTime;
@@ -305,13 +290,16 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
                        p = &adv.prefix[cnt++];
                }
 
-               if ((addr->addr.s6_addr[0] & 0xfe) != 0xfc && addr->preferred > 0) {
-                       have_public = true;
+               if (addr->preferred > 0) {
+                       if (minvalid > 1000ULL * addr->valid)
+                               minvalid = 1000ULL * addr->valid;
 
-                       if (maxpreferred < 1000 * addr->preferred)
-                               maxpreferred = 1000 * addr->preferred;
+                       if (maxvalid < 1000ULL * addr->valid && (iface->default_router ||
+                                       (addr->addr.s6_addr[0] & 0xfe) != 0xfc))
+                               maxvalid = 1000ULL * addr->valid;
                }
 
+
                odhcpd_bmemcpy(&p->nd_opt_pi_prefix, &addr->addr,
                                (iface->ra_advrouter) ? 128 : addr->prefix);
                p->nd_opt_pi_type = ND_OPT_PREFIX_INFORMATION;
@@ -333,7 +321,7 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
                }
        }
 
-       if (!have_public && !iface->default_router && adv.h.nd_ra_router_lifetime) {
+       if (maxvalid && !iface->default_router && adv.h.nd_ra_router_lifetime) {
                syslog(LOG_WARNING, "A default route is present but there is no public prefix "
                                "on %s thus we don't announce a default route!", iface->ifname);
                adv.h.nd_ra_router_lifetime = 0;
@@ -434,20 +422,23 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
 
        // Calculate periodic transmit
        int msecs = 0;
-       uint32_t maxival = MaxRtrAdvInterval * 1000;
-       uint32_t minival = MinRtrAdvInterval * 1000;
+       uint32_t maxival = iface->ra_maxinterval * 1000;
+       uint32_t minival;
+
+       if (maxival < 4000 || maxival > MaxRtrAdvInterval * 1000)
+               maxival = MaxRtrAdvInterval * 1000;
+
+       if (minvalid < maxival / 3) {
+               maxival = minvalid / 3;
 
-       if (maxpreferred > 0 && maxival > maxpreferred / 2) {
-               maxival = maxpreferred / 2;
                if (maxival < 4000)
                        maxival = 4000;
-
-               if (maxival >= 9000)
-                       minival = maxival / 3;
-               else
-                       minival = (maxival * 3) / 4;
        }
 
+       minival = (maxival * 3) / 4;
+       if (adv.h.nd_ra_router_lifetime)
+               adv.h.nd_ra_router_lifetime = htons(maxvalid);
+
        odhcpd_urandom(&msecs, sizeof(msecs));
        msecs = (labs(msecs) % (maxival - minival)) + minival;
 
@@ -468,8 +459,6 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
 
        if (from && !IN6_IS_ADDR_UNSPECIFIED(from))
                dest.sin6_addr = *from;
-       else
-               odhcpd_iterate_interface_neighbors(iface, send_neigh_ra, iov);
 
        odhcpd_send(router_event.uloop.fd,
                        &dest, iov, ARRAY_SIZE(iov), iface);
index 1e8649cfc114cba59365e6283f5cbec604e7da4b..db8ab9dc6d41d4d9e512482f28630d0e63098bb2 100644 (file)
@@ -30,10 +30,8 @@ struct icmpv6_opt {
        (void*)(opt + opt->len) <= (void*)(end); opt += opt->len)
 
 
-#define MaxRtrAdvInterval 600
-#define MinRtrAdvInterval (MaxRtrAdvInterval / 3)
-#define MaxValidTime 7200
-#define MaxPreferredTime  (3 * MaxRtrAdvInterval)
+#define MaxRtrAdvInterval 1800
+#define MaxValidTime 65535
 
 #define ND_RA_FLAG_PROXY       0x4
 #define ND_RA_PREF_HIGH        (1 << 3)