| Age | Commit message (Collapse) | Author |
|---|
|
This avoids creating invalid routes in cases where another daemon is
handling local routes for an interface, e.g. on mesh interfaces
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
Check if a mac address is actually present when generating an eui64 based
IPv6 address; in case of failure bail out.
At the same time make sure the active mac address is used as input for the
eui64 based IPv6 address and guarantee IPv6 prefix address generation is
based on the actual config by resetting the IPv6 prefix address in the
assignment structure when it gets deleted.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Don't generate an IPv6 prefix address without taking into account the
interface state. In case eui64 is configured to generate the ifaceid this
could fail as the layer3 device mac address could not yet be available if
the interface is not yet in setup or up state.
While at it remove the interface metric assignment as this is already done
by the function interface_set_route_info.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Commit 2f31bff38d4dc2f36006ded6b8a7d039cb569eaa added interface routing
table support; as a result for IPv6 the prefix route linked to the IPv6
address is added to the specified IPv6 interface routing table.
In order to route traffic having as destination the IPv6 prefix a policy
rule is required using the prefix destination as policy so the traffic is
passed to the correct routing table.
The IPv6 prefix address logic was not installing this policy rule effectively
breaking routing when trying to reach a global or ULA IPv6 address in the
lan from either the device or another wan device.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Add config support support for point-to-point IPv4 addresses by providing
the uci parameter ptpaddr. This allows to support a gateway being in a
different subnet than the assigned IP by modeling the local IP having a
point-to-point address.
This is similar to the point-to-point IPv4 address support already present
for the protocol handlers.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
Commit 235a02424c3ab1b59308895c4f00395dacf2557c adds support for IPv6 link-local
DNS server by appending the device name; however the interface ifname parameter
does not always contain the layer 3 device name (e.g it can hold the aliased
interface name)
Fix this by passing the device name of the referenced layer 3 device.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Trigger interface update event when IPv6 prefix lifetime changes by setting
the prefix indicator flag to inform external subsystems (eg hnetd) about IPv6
prefix lifetime changes.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
In case of prefix delegation prefixes are assigned to one or more
configured downstream interfaces. The delegated prefix length in
combination with the assignment length of the downstream interfaces
determines the number of subnets which can be allocated from the
delegated prefix.
The interface ip6weight parameter allows to prioritize the allocation
of subnets to interfaces in case of multiple configured downstream
interfaces.
The order of interface prefix assignment from a delegated prefix is
based on the following parameters:
- Primary key is prefix assignment based on the configured interface ip6hint
- Secondary key is the requested downstream interface prefix length,
interfaces configured with the smallest ip6hint will be assigned first
- Third key is the assigned interface ip6weight in case of equal prefix
assignment length; interfaces having the highest ip6weight will be
assigned first
- Finally the alphabetical order of the interfaces in case of equal
ip6weight
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
|
|
Route proto support is usefull when using route distribution
via a routing daemon.
The route proto parameter can be specified via the route proto
uci config parameter, it can hold a numerical value or the string
values unspec, kernel, boot, static or a string present in
/etc/iproute2/rt_protos.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Interface name servers when being written to resolv.conf.auto are sorted
based on the following parameters:
-Primary sorting key is interface dns_metric; name servers having lowest
interface dns_metric are listed first
-Secondary sorting key is interface metric; in case of equal interface
dns_metric name servers having lowest interface metric are listed first
-Finally alphabetical order of the interface names in case of equal
interface dns_metric and metric
In case the resolver queries the multiple servers in the order
listed; sorting is usefull in the following scenarios :
-Name resolving over a main and backup interface
-Assign priority to IPv6 name servers over IPv4 or vice versa
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Prevent external routes and address being added or deleted when changing
the state of the interface ip settings
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
After commit ebd3d8417c7a ("interface: fix moving interface address routes to
the table specified by ip[46]table"), it is no longer possible for clients on
LAN to reach machines on the WAN.
This patch restores support for clients on LAN reaching clients on WAN by using
rules. The rules are placed after the address rules, in order to make sure that
traffic originating from the router is routed correctly.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
interface_ip_set_enabled() is usually called two times right after one another,
once to handle config_ip and once to handle proto_ip. As long as
ip->iface->l3_dev.dev is set, the local/source policy rules are updated.
This value is in several cases set on both config_ip and proto_ip, causing the
rules to be added multiple time. The reason is that the kernel does not respect
the NLM_F_* flag for rules. In other words, the rule state has to be managed by
the routing daemon.
Since the local/source policy rules are bound to iface, this commit solves the
problem by adding a flag to interface which stores the current rule state. The
flag follows the enabled-paramter passed to interface_ip_set_enabled(), similar
to route-> and addr->enabled. The flag breaks the alignment of the interface
struct, but based on earlier commits this seems to be ok.
I have tested the patch in different configurations and have not found any
regression.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
handling for prefixes
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
When the kernel subnet route has to be replaced, the cleanup call needs
to match the properties of the replacement route exactly, mainly the
metric and the routing table.
Fix handling this by embedding the device_route for the subnet in the
device_addr struct and using it in the cleanup path.
This fixes issues on config reload with changes to the routing table
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
ip[46]table
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
|
|
|
|
|
|
A /31-addressed interface requires a broadcast address of 255.255.255.255,
because there is no room for a proper broadcast address. Without this,
any packet destinated to the other end of the link is sent as broadcast,
which is incorrect.
For consistency with the Linux kernel, /32-addressed interfaces are
treated in the same way.
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
|
|
Comparing valid_until will always return false as the value is updated for each
route update message. This causes IPv6 routes to jump more around than House of
Pain, which might have undesirable consequences for user-space and user-space
applications.
Removing the valid_until comparison when setting keep fixes this problem, and
seems to have no side-effects. I am no IPv6 expert, but I see that valid of the
route is updated correctly and route is deleted if I block the route update
messages.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
Routes are now inserted in the correct routing table when interface ip4table and/or
ip6table was changed during interface_change_config
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Prevents the creation of identical address and network IP rules
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Remove ip loop policy rules as workaround for the kernel using unspecified address
to lookup locally originating traffic is fixed by http://lkml.iu.edu/hypermail/linux/kernel/1505.0/03094.html
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
The ip6ifaceid UCI interface parameter makes the interface identifier of the delegated IPv6 address configurable.
The parameter can have the following values:
eui64 : Interface identifier is generated from the interface's MAC address
random : Interface identifier is generated randomly
fixed value : Interface identifier is a fixed value (eg ::1:2)
The latter is the default value with a fixed value of ::1 for backwards compatibility
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Joeri Barbarien <joeri.barbarien@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
on-link routes for prefixes bigger than /64 make no sense and
might confuse some users
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Fix clear_if_addr for IPv6 addresses as an incorrect number of bytes were memset due to wrong sizeof argument
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Use system_is_default_rt_table() to test whether the resolved routing table
is the default one, in this case do not apply the table attribute to the
route object.
This is needed for backwards compatibility - only routes using a non-default
table shall report it in the ifstatus output.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Patch adds route type support in netifd by means of the route parameter type.
By default the route type was unicast; the parameter adss support for local/broadcast/multicast/unicast routes which will be put into the appropriate routing table.
If route type parameter is unset the route type will be unicast as before.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Not necessary since route table parameter is used as key element in route_cmp
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
Allows to add identical routes in different routing tables
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
No need to install policy routes if the prefix address cannot be installed; clean up of the policy routes
and the prefix address only needs to happen when the prefix assignment was active.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
interface name must be added to Link-local IPv6
DNS servers, otherwise they are unusable.
Signed-off-by: Ulrich Weber <uw@ocedo.com>
|
|
Interface metric needs to be assigned to the route metric parameter at route creation time. Otherwise if the interface metric is different from 0 route_cmp will wrongly conclude the routes are different.
In this case the route will be added/deleted and could end up with the route missing in the kernel depending on the add/delete order.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Actually check netlink return values and remember failure.
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
|
|
|
|
|
