Age | Commit message (Collapse) | Author |
|
A ping for an IPv6 address not present on an interface will generate a
netlink neighbor message with as status fail; launching again an IPv6
ping on other proxy enabled interfaces will create a cascade effect of
netlink neighbor messages with as status fail which in its turn will
again trigger an IPv6 ping on proxy enabled interfaces ...
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Proxy neighbor entries were not created for proxy enabled interfaces
if the first interface was not enabled
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Create assignment for unknown identity association in rebind messages which is
equivalent to the handling of identity association for solicit/request messages.
However don't consider identity associations in rebind messages as a request so
that addresses/prefixes which are not apropriate for the link are returned with
lifetimes of 0.
This aligns with the behavior of the ISC DHCPv6 server.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Don't return anymore the link local IPv6 address as DNS IPv6 address
since different OS implementations (e.g. android, ...) cannot handle
a link local IPv6 address as DNS address.
IPv6 DNS address selection is reworked as follows :
-Consider all global/ULA IPv6 address having a valid lifetime
-Give preference to global/ULA IPv6 addresses being not deprecated
-Give preference to ULA IPv6 addresses over IPv6 global addresses
-Give preference to the IPv6 address with the longest preferred lifetime in
its selected category (ULA or global)
-If no global/ULA IPv6 address is present use the IPv6 link local address
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Don't reset the final 32 bit IPv6 host suffix when storing the IPv6 addresses
in the interface structure. This will allow exact lookup aand return of IPv6
addresses stored in the interface structure when needed.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Make the code more logical by moving the IPv6 address dump logic into the
different protocol interface enable handlers so it's clear which protocols
require interface IPv6 address tracking.
At the same time restructure the IPv6 address dump logic so less IPv6 address
netlink dumps are created.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Add extra LOG_DEBUG syslog tracing for trouble shooting
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Check the lockf return value to fix the following warning/error:
/home/fainelli/dev/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/odhcpd-2017-02-21-1b630f8b/src/dhcpv6-ia.c: In function 'dhcpv6_write_statefile':
/home/fainelli/dev/openwrt/trunk/build_dir/target-mipsel-linux-gnu_glibc/odhcpd-2017-02-21-1b630f8b/src/dhcpv6-ia.c:246:8: error: ignoring return value of 'lockf', declared with attribute warn_unused_result [-Werror=unused-result]
lockf(fd, F_LOCK, 0);
^
cc1: all warnings being treated as errors
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
|
Don't set prefix valid lifetime to 0 in case the preferred lifetime
equals 0 and valid lifetime gets smaller than 7200.
In corner cases it leads to router lifetime being set although no
prefixes are announced with a valid lifetime different from 0.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Add config option ra_useleasetime which allows the RA prefix lifetime
being set to the leasetime in case the valid and/or preferred prefix
lifetime is bigger than the configured leasetime.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Set dhcp leasetim to 43200 seconds for all interfaces independant
if dhcpv4 is enabled for an interface. Minimum allowed leasetime
is 60 seconds when parsing leastime configuration; this allows to
clean up the awkward leasetime checks on different places in the code
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Add support for uci parameters ra_mininterval and ra_lifetime as described
in RFC4861 paragraph 6.2.1.
Variable ra_mininterval allows to configure the minimum interval time
between unsolicited router advertisement messages; default value is
200 seconds. The minimum allowed value is 4 seconds while the maximum
value is limited to 0.75 of the maximum interval time.
The calculation of the maximum interval time between unsolicited
router advertisement messages has been reworked. The default value is 600
seconds as specified in RFC4861; if the maximum interval time exceeds
0.33 * the minimal valid lifetime of all IPv6 prefixes it will be limited
to 0.33 * the minimal valid lifetime of all IPv6 prefixes
Variable ra_lifetime allows to configure the Router Lifetime field
in the router advertisement messages; the value is either 0 or a value
between the maximum interval time and 9000 seconds. If the router lifetime
is smaller than the RA maximum interval it will be set equal to the RA
maximum interval time.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
This reverts commit 62ea54f5db4c636710781056541c4b85d043bef8.
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Deregister netlink event socket in case of error different
from ENOBUFS or failure to set netlink rx buffer size
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Start with a netlink receive buffersize of 130k for the netlink event socket;
double the netlink receive buffer size in case an ENOBUFS is reported.
Also align function naming and its parameters.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Rework the IPv6 relay logic to make it more robust by making
use of libnltiny to process netlink messages.
At the same time reimplement the IPv6 relay finite state machine
to make the relay logic less error prone
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Interface defaults are whiped when clean interface is executed
resulting into loss of default behavior for the ndproxy_routing
and ra_management uci parameters
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Make adding and removing of routes via apply_lease dependant
on the assignment bound state as it makes no sense to delete
routes for an assignment which is not bound.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Use libnl-tiny to construct and process netlink messages when
manipulating IPv6 routes and fetching IPv6 addresses.
This fixes lingering netlink error messages on the netlink socket
in case route deletion failed causing fetching of IPv6 addresses
to be aborted and odhcpd faultly assuming no IPv6 addresses being
present on the interface.
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Rework the IPv6 address dump logic to make it more robust
and generate syslog traces in case of error situations
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Add extra syslog tracing for trouble shooting
and make some syslog traces more self explaining
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
This reverts commit 70fbf936839e02d526929be06ecba3059f78be3c.
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Rework prio of syslog messages allowing to filter out the relevant messages
by setting the correct log level
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
ia_reconf is only set but nowhere used; so let's remove it ...
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
In case a netlink route event is received for a default route
netlink data attributes were faulty processed as neigbor netlink
data. Fix this by not processing any netlink attribute for
any route event.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Function append_reply filters out addresses having invalid prefix length
when constructing prefixes being delegated to a client.
Now also filter out addresses with an invalid prefix length when writing
the delegated prefixes in the statefile and during logging of the delegated
prefixes.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Fix assignment dereference by dhcpv6_log in case
the assignment is freed when nothing has been
assigned.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
DHCPv6 client
Fix displaying IPv6 addresses which were not assigned to a DHCPv6 client
Clean up the code by using macro ADDR_ENTRY_VALID_IA_ADDR on different
places to align the checks.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
The odhcpd documentation currently implies that "option ignore 1" in a section
of type "dhcp" will disable any services on the referenced interface while the
code actually ignores the setting when initializing referenced interfaces.
This commonly leads to situations where users think that "option disabled"
will prevent any server activity on a given interface while in reality odhcpd
effectively acts as rogue DHCPv6 server in its default configuration.
To fully inhibit any activity, one has to specify both "option ignore 1" as
well as "option ra disabled", "option ndp disabled" and
"option dhcpv6 disabled" which is highly counter intuitive at best.
A previous commit (5f425ed Respect interface "ignore" settings as documented.)
attempted to address the problem by observing the value of i->ignore instead
of unconditionally enabling all protocols but broke the ability to use DHCPv6
relay mode while having DHCPv4 disabled.
This patch changes ...
- the enabling of services on an interface to use the value of the ignore
option as default choice instead of hardcoding "true"
- the options "ra", "ndp", "dhcpv4" and "dhcpv6" to take precedence over the
default "ignore" state to allow selectively enabling services on ignored
interfaces
- the README to clarify the fact that "ra", "ndp", "dhcpv4" and "dhcpv6" can
now override "option ignore"
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Karl Palsson <karlp@etactica.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Hans Dedecker <dedeckeh@gmail.com>
|