diff options
author | Ghanan Gowripalan <ghanan@google.com> | 2019-11-12 14:02:53 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2019-11-12 14:09:43 -0800 |
commit | 5398530e45634b6f5ea4344d1a34b41cc8123457 (patch) | |
tree | 5201f9f48d30c8a27e4471bf41de90695a893d97 /pkg/sentry/syscalls/syscalls.go | |
parent | 57a2a5ea3359e0879f5e4cc40fdb9ad973c689a8 (diff) |
Discover on-link prefixes from Router Advertisements' Prefix Information options
This change allows the netstack to do NDP's Prefix Discovery as outlined by
RFC 4861 section 6.3.4. If configured to do so, when a new on-link prefix is
discovered, the routing table will be updated with a device route through
the nic the RA arrived at. Likewise, when such a prefix gets invalidated, the
device route will be removed.
Note, this change will not break existing uses of netstack as the default
configuration for the stack options is set in such a way that Prefix Discovery
will not be performed. See `stack.Options` and `stack.NDPConfigurations` for
more details.
This change reuses 1 option and introduces a new one that is required to take
advantage of Prefix Discovery, all available under NDPConfigurations:
- HandleRAs: Whether or not NDP RAs are processes
- DiscoverOnLinkPrefixes: Whether or not Prefix Discovery is performed (new)
Another note: for a NIC to process Prefix Information options (in Router
Advertisements), it must not be a router itself. Currently the netstack does not
have per-interface routing configuration; the routing/forwarding configuration
is controlled stack-wide. Therefore, if the stack is configured to enable
forwarding/routing, no router Advertisements (and by extension the Prefix
Information options) will be processed.
Tests: Unittest to make sure that Prefix Discovery and updates to the routing
table only occur if explicitly configured to do so. Unittest to make sure at
max stack.MaxDiscoveredOnLinkPrefixes discovered on-link prefixes are
remembered.
PiperOrigin-RevId: 280049278
Diffstat (limited to 'pkg/sentry/syscalls/syscalls.go')
0 files changed, 0 insertions, 0 deletions