From: James Simmons <jsimmons@infradead.org>
To: Andreas Dilger <adilger@whamcloud.com>,
Oleg Drokin <green@whamcloud.com>, NeilBrown <neilb@suse.de>
Cc: Lustre Development List <lustre-devel@lists.lustre.org>
Subject: [lustre-devel] [PATCH 08/20] lnet: only use PUBLIC IP6 addresses for connections
Date: Fri, 14 Oct 2022 17:37:59 -0400 [thread overview]
Message-ID: <1665783491-13827-9-git-send-email-jsimmons@infradead.org> (raw)
In-Reply-To: <1665783491-13827-1-git-send-email-jsimmons@infradead.org>
From: Mr NeilBrown <neilb@suse.de>
IPv6 can have temporary address. These can be used for short-lives
outgoing connections to increase privacy. They are not suitable for
long-term connections.
So request that only PUBLIC IPv6 addresses are used when making a
connection.
WC-bug-id: https://jira.whamcloud.com/browse/LU-10391
Lustre-commit: cd3b89be221b4c5b6 ("LU-10391 lnet: only use PUBLIC IP6 addresses for connections")
Signed-off-by: Mr NeilBrown <neilb@suse.de>
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/48571
Reviewed-by: jsimmons <jsimmons@infradead.org>
Reviewed-by: Frank Sehr <fsehr@whamcloud.com>
Reviewed-by: Serguei Smirnov <ssmirnov@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
net/lnet/lnet/lib-socket.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/net/lnet/lnet/lib-socket.c b/net/lnet/lnet/lib-socket.c
index 3a99cb69f66f..01f375ed96a3 100644
--- a/net/lnet/lnet/lib-socket.c
+++ b/net/lnet/lnet/lib-socket.c
@@ -379,6 +379,17 @@ lnet_sock_connect(int interface, int local_port,
if (IS_ERR(sock))
return sock;
+ /* Avoid temporary address, they are bad for long-lived
+ * connections such as lustre mounts.
+ * RFC4941, section 3.6 suggests that:
+ * Individual applications, which have specific
+ * knowledge about the normal duration of connections,
+ * MAY override this as appropriate.
+ */
+ if (peeraddr->sa_family == PF_INET6)
+ ip6_sock_set_addr_preferences(sock->sk,
+ IPV6_PREFER_SRC_PUBLIC);
+
rc = kernel_connect(sock, peeraddr, sizeof(struct sockaddr_in6), 0);
if (!rc)
return sock;
--
2.27.0
_______________________________________________
lustre-devel mailing list
lustre-devel@lists.lustre.org
http://lists.lustre.org/listinfo.cgi/lustre-devel-lustre.org
next prev parent reply other threads:[~2022-10-14 21:38 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-14 21:37 [lustre-devel] [PATCH 00/20] lustre: backport OpenSFS work as of Oct 14, 2022 James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 01/20] lustre: ptlrpc: protect rq_repmsg in ptlrpc_req_drop_rs() James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 02/20] lustre: obdclass: set OBD_MD_FLGROUP for ladvise RPC James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 03/20] lustre: obdclass: free inst_name correctly James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 04/20] lustre: osc: take ldlm lock when queue sync pages James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 05/20] lnet: track pinginfo size in bytes, not nis James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 06/20] lnet: add iface index to struct lnet_inetdev James Simmons
2022-10-14 21:37 ` [lustre-devel] [PATCH 07/20] lnet: ksocklnd: support IPv6 in ksocknal_ip2index() James Simmons
2022-10-14 21:37 ` James Simmons [this message]
2022-10-14 21:38 ` [lustre-devel] [PATCH 09/20] lustre: osc: Remove oap_magic James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 10/20] lustre: ptlrpc: add assert for ptlrpc_service_purge_all James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 11/20] lustre: ptlrpc: lower the message level in no resend case James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 12/20] lustre: obdclass: user netlink to collect devices information James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 13/20] lnet: use %pISc for formatting IP addresses James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 14/20] lustre: llog: correct llog FID and path output James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 15/20] lnet: o2iblnd: fix handling of RDMA_CM_EVENT_UNREACHABLE James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 16/20] lnet: socklnd: remove remnants of tcp bonding James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 17/20] lnet: Router test interop check and aarch fix James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 18/20] lnet: o2iblnd: fix deadline for tx on peer queue James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 19/20] lnet: o2iblnd: detect link state to set fatal error on ni James Simmons
2022-10-14 21:38 ` [lustre-devel] [PATCH 20/20] lnet: socklnd: limit retries on conns_per_peer mismatch James Simmons
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1665783491-13827-9-git-send-email-jsimmons@infradead.org \
--to=jsimmons@infradead.org \
--cc=adilger@whamcloud.com \
--cc=green@whamcloud.com \
--cc=lustre-devel@lists.lustre.org \
--cc=neilb@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).