| Age | Commit message (Collapse) | Author |
|---|
|
Add support for getting interface linklocal address. This is needed to
make sure an interface have a valid link local address and such address
is not TENTATIVE. With these info we can check if an interface is ready
to accept packets.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
|
This reverts commit 29c934d7ab98ca0b5da0e3757b885a1d3c19a2f4.
Replace with a better more safe implementation.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
|
With ba30afcfec0a26ce4bcd96ea4d687c498b0ba4df it was found that odhcpd
service are setup even if an interface had no connection and was not
running. The commit introduced the change but required more fixup for
the feature to work correctly.
The close_interface() remove the interface from the avl list and this
cause the interface to be missing later in the code flow.
The intention of the commit was to just disable the service and enable
them later when the interface is correctly set to running with the flag
IFF_RUNNING.
Change the logic and introduce a new function reload_servies() that will
check IFF_RUNNING and enable or disable odhcp services.
This function is called on odhcpd_reload() for each interface. In
odhcpd_reload() also restore the original pattern with calling
close_interface() only when the interface is not inuse for odhcp.
Also call reload_services() on the single interface when a RTM_NEWLINK
event is fired reacting to a link change of an odhcp interface and
enabling the services if IFF_RUNNING is set.
Fixes ba30afcfec0a ("config: skip interface setup if interface not IFF_RUNNING")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
|
If an interface is already init in the odhcpd avl tables, have_link_local
is not set to true with a link local addr set as get ipv6 addr is skipped.
Move checking for have_link_local outside get_addr to better track when
an interface is ready and have a link local addr for interface already
init in odhcpd avl tables.
Fixes: #197
Fixes: 7c0f603abc14 ("router: skip RA and wait for LINK-LOCAL to be assigned")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
|
|
This fix a specific and corner case when the following error and similar
is printed in the log:
Failed to send to ff02::1%br-lan (Address not available)
The cause for this was tracked down to the lack of the interface of a
configured LINK-LOCAL IPV6 address resulting in odhcpd_send() always
failing.
A LINK-LOCAL IPV6 address is assigned only after the interface has
carrier and is set to IFF_RUNNING and require some time for the address
to be assigned due to DAD logic.
In the case where an interface was just UP, odhcpd RA may fail since the
LINK-LOCAL IPV6 address still needs to be assigned as it still need to
be "trained". From the kernel view this is flagged in the IPV6 interface
address with the flag IFA_F_TENTATIVE, that means the address still
needs to be checked and follow DAD process.
This is only a transient problem and the DAD process is required only
once till the interface is not set DOWN.
To handle this, add some check to verify if the address has to be
checked and add an additional bool to flag if the interface have a
LINK-LOCAL assigned.
Skip sending RA if the interface still doesn't have finished the DAD
process and retry at the next RA.
A notice log is added to track this special case to track problematic
case and even more corner case.
Logic to check if interface have LINK-LOCAL are:
- When interface is setup, on scanning for the interface ipv6 address
check if at least one address is NOT in IFA_F_TENTATIVE state.
- With interface already up but with still no LINK-LOCAL react on the
RTM_NEWADDR event and set LINK-LOCAL if the addrs added by the event
is a LINK-LOCAL reflecting that the interface finally ended the DAD
process and have a correct address.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
We currently setup odhcp service even if the interface is not running.
This is the case for bridge or specific interface that are flagged as UP
but have no carrier as nothing is connected to it.
This cause a similar error like:
Failed to send to ff02::1%br-lan (Address not available)
This is caused by the kernel assigning IPV6 address only when the
interface is set to IFF_RUNNING.
A LINK-LOCAL IPV6 address is required for odhcpd_send() to work or every
request will be rejected.
To fix this setup services only when interface is in IFF_RUNNING state.
When an interface change state, odhcpd is reloaded and the services are
correctly setup again.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Silencing an error message without properly understanding why it occurs
is terrible practice. "I think this would be better served as debug."
doesn't inspire confidence the author actually understood what was going
on, so revert this commit.
This reverts commit 90d6cc9cd48a333b95604ff90f7ffe67fe14efe3.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
When there's no network cable connected to LAN, then odhcpd does this:
Tue Jan 24 18:32:04 2023 daemon.err odhcpd[2017]: Failed to send to
ff02::1%lan@br-lan (Address not available)
Tue Jan 24 18:32:20 2023 daemon.err odhcpd[2017]: Failed to send to
ff02::1%lan@br-lan (Address not available)
Tue Jan 24 18:32:36 2023 daemon.err odhcpd[2017]: Failed to send to
ff02::1%lan@br-lan (Address not available)
Tue Jan 24 18:32:52 2023 daemon.err odhcpd[2017]: Failed to send to
ff02::1%lan@br-lan (Address not available)
Accurate, but not very interesting. I think this would be better served
as debug.
Signed-off-by: Peter Naulls <peter@chocky.org>
|
|
We currently only check ra_default when an interface has valid
addresses. This results in ra_default being ignored in case we have an
interface with only link-local addresses. This effectively breaks the
use of value 2 for the ra_default parameter.
Fix this by always checking ra_lifetime, regardless of the interface
having public addresses or not.
Fixes: #11930
Fixes: 83e14f455817 ("router: advertise removed addresses as invalid in 3 consecutive RAs")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by:Hans Dedecker <dedeckeh@gmail.com>
|
|
We only set the RA lifetime to what is configured in UCI when there is a
default route and valid prefix. In any other case, we set it to 0. This
leads to confusion where people believe ra_lifetime is completely
ignored. In case there is a default route, but no valid prefix, a debug
message explains this, but if there is no default route, we silently
override ra_lifetime.
Add a debug message for the latter case, and explicitly mention
overriding ra_lifetime in both cases.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Don't add ARP entries to interfaces with IFF_NOARP, it causes
problems with for example WireGuard interfaces (which requires
this change to be usable with DHCPv4-over-DHCPv6).
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
|
|
Use a hidden . prefixed temporary lease file instead of appending
'.tmp'. Dnsmasq is capable of scanning files/directories using inotify
to receive file change notifications and updating its view of hostname
ip address mapping without being SIGHUPped. Until dnsmasq v2.88 this
mechanism allows additions to hostnames, no deletions. dnsmasq v2.88
when released will understand how to remove mappings.
Unfortunately without this change dnsmasq sees odhcpd's temporary lease
file via inotify and it also sees the change when odhcpd atomically
renames the file from '.tmp' to the correct name.
dnsmasq excludes hidden '.' files from it's inotify scans, thus changing
odhcpd to use a hidden temporary lease file reduces load and makes
sense.
Also, while here, only rename the temporary file if it actually contains
different content.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
Support for DHCPv6 Option NTP (Option-56) and SNTP (Option-31),
DHCP Option NTP(Option-42) is implemented.
ntp list is supported for IPv4, IPv6 and FQDN.
Signed-off-by: Avinash Tekumalla <avinash.tekumalla@technicolor.com>
Signed-off-by: Alin Nastac <alin.nastac@technicolor.com>
Signed-off-by: Ashutosh Shandilya <ashutosh.shandilya@technicolor.com>
Signed-off-by: Vidya Rajagopal <vidya.rajagopal@technicolor.com>
|
|
On prefix removal, router advertisement daemon is supposed to send
advertise with an invalid PI entry (see RFC 7084 L-13).
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
The hostname buffer is uninitialized if the client doesn't provide
DHCPV4_OPT_HOSTNAME. Use hostname from the assignment which is present if
a static lease contains the hostname or if the client provides one, and
the hostname is valid. It's also used in the ubus ipv4leases method.
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
|
|
Add dhcpv6_hostid_len config option which controls the number
of bits in the host identifier of dynamically assigned IPv6
addresses. The default is 12 bits which is also the minimum.
The maximum is the whole interface identifier, i.e. 64 bits.
Allow up to 64 bit wide hostid in static leases.
Fixes #84 and #27.
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Preferred lifetime cannot be greater than the valid lifetime of an IA;
fix this by checking if the preferred lifetime does not exceed the
valid lifetime of an IA
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Fixes commit a12fcb3cee2d489b8648a2398812d7bed2f25faa which wrongly
removed setting ra_flags to 0
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
An invalid config setting for an interface lead to a flush of all config
settings of the related interface and thus made the interface unusable.
Change the behavior by logging config parse failures to syslog and
not flushing all config settings
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Let's catch compile errors by enabling extra compiler checks
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
src/odhcpd.c:143:2: error: format not a string literal, argument types not checked [-Werror=format-nonliteral]
snprintf(buf, sizeof(buf), sysctl_pattern, ifname, what);
^~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
The prefix_filter allows to select which prefix should be assigned
to clients if you have multiple prefixes on an interface.
Currently, the filter only applies to RAs and does work with
a dhcpv6 server.
This commit enables the filter also on dhcpv6.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
"valid_lft" and "preferred_lft" are different. If the "preferred_lft"
is expired the prefix should be avoided in source prefix selection.
However, the interface is allowed to still receive downstream traffic.
preferred_lfetime:
Limit for preferred lifetime of a prefix
If you want the old behavior, you have to set preferred_lifetime to
the same value as leasetime.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Remove the checks as they're leftovers of the old static lease
implementation which created assigments with assigned equal to 0
whihc is not the case anymore in the reworked static lease
implementation
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Make sure IA_PD prefixes for which no preferred and valid lifetimes
can be returned are included in the reply with a preferred and valid
lifetime to 0.
Therefore exclude IPv6 prefixes with an invalid prefix length as
well so IA_PD prefixes for which not a preferred/valid lifetime is
returned are included with a preferred and valid lifetime set to 0
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
When an IPv6 address change is triggered each PD assignment is checked
if it is still consistent with the updated IPv6 prefix list.
If not consistent anymore a reconfigure is triggered for the assignment
and a best effort is made to assign a new IA_PD prefix.
If it not possible anymore to assign an IA_PD prefix delete the PD
assignment now so it will result into a NO BINDING status code for the
given IA_PD in the DHCPv6 reply when the client tries to renew the IA_PD prefix.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Replace local mkdir_p implementation in favour of using mkdir_p now
added to libubox.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
Allows sharing leases between odhcpd instances running
in multiple hosts.
Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Adds the config option to set if ipv6 dns service is availiable on the
interface. In some cases the dns service may not be listening on the
ipv6 address of the interface, and thus should not be announced to clients.
Signed-off-by: Paizhuo Chen <cc@icpz.dev>
|
|
Applications (e.g. unbound) need a consistent view of the statefile;
therefore write all the lease info to a temporary file which is later
renamed to the configured statefile name
Suggested-by : John Fremlin <john@fremlin.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
|
|
Include the All_DHCP_Relay_Agents_and_Servers multicast address
in the option explicitly. It shouldn't be needed according
to RFC 7341 section 7.2 but ISC dhclient logs an error otherwise:
dhcp4-o-dhcp6-server: expecting at least 16 bytes; got 0
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
|
|
Add support for DHCPv4-over-DHCPv6 (DHCP 4o6) Transport (RFC 7341).
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
|
|
The variable maxival contains the maximum time in seconds between
successive unsolicited Router Advertisement messages; RFC6275 defines
the Advertisement Interval option as the time in milliseconds.
Therefore convert maxival to milliseconds when populating the
Advertisement Interval option.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
GCC10 mandates the C++ one definition rule, which breaks on multiple
definitions of config. Add the appropriate extern declaration.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
(FS#3056)
odhcpd includes RIO RA options according to requirement L3 in RFC7084.
However if the delegated prefix length received on the wan is equal to the
downstream delegated prefix length on the Lan this may pollute the
routing table of type C hosts as the RIO routing entry can take
precedence of the PIO routing entry meaning all traffic for the on link
hosts will go via the router iso direct on link communication.
If the traffic is dropped in the router hosts are unreachable; therefore
don't include RIO options with prefixes and prefix length identical to
those in a PIO RA option
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Since commit 6db312a698e920ff61505ef1f42469880829774d the preferred and
valid lifetimes of the addresses/prefixes is based on the configured leasetime;
as a result the displayed preferred and valid lifetimes need to be
calculated based on the assignment lifetime as this is set to the lowest
valid lifetime of the addresses/prefixes.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
SYS_clock_gettime is gone with musl 1.2.0. Switched to the function.
Also fixed two format strings that fail as time_t is 64-bit with 1.2.0.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
Further align the code to use DHCPv6 assignment flags to distinguish
between prefix delegation and non temporary address assignments
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Don't set the valid lifetime to infinite for static assignments
but rather set it to the IA lifetime given to the client.
This makes it possible to display the leasetime for static assigments
and simplifies the code in several places
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Don't set the valid lifetime to infinite for static assignments
but rather set it to the leasetime given to the client.
This makes it possible to display the leasetime for static assigments
and simplifies the code in several places
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Allow to set the preferred/valid lifetimes of IA_NA/IA_PD options based
on the configured dhcp leasetime.
DHCP leqasetime will be used to set the preferred/valid lifetimes in the
IA_NA/IA_PD options unless the preferred/valid lifetimes of the IPv6
address are smaller then the DHCP leasetime.
This will avoid IA_NA/IA_PD options being sent with infinite lifetimes
due to the IPv6 address having infinite preferred/valid lifetimes
like IPv6 ULA addresses.
While at it rename dhcpv4_leasetime into dhcp_leasetime as the leasetime
is used both for DHCPv4 and DHCPv6
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Simplify the code by using specific flags which identify the assignment
either as a DHCPv6 PD or NA assignment. This allows to remove implicit
checks for PD and NA assignments based on the value of the assignment
length parameter.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Remove prefix delegation routes as well in free_dhcpv6_assignment when
cleaning up the assignment resources
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
As the assignment struct holds a pointer to the interface struct
use this one in apply_lease iso passing interface as a parameter
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Fix endian issue introduced in commit 91a28e4 by using
ND_NA_FLAG_SOLICITED defined in netinet/icmp6.h
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
Fix potential infinite loops by checking the return code of
nl_send_auto_complete; if nl_send_auto_complete fails pending
will always have the value 1 as the finish callback will not
be called resulting into an infinite loop
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
