Re: [RFD] First draft of RDNSS-in-RA support for IPv6 DNS autoconfiguration

["Rémi Denis-Courmont" <rdenis@simphalempin.com>]

[-- Attachment #1: Type: text/plain, Size: 1626 bytes --]

	Hello,

Le samedi 23 juin 2007, David Stevens a écrit :
>         Why not make the application that writes resolv.conf
> also listen on a raw ICMPv6 socket? I don't believe you'd need
> any kernel changes, then, and it seems pretty simple and
> straightforward.

Unfortunately, ICMPv6 raw sockets will not work quite properly here, 
without modifications. At the moment, such a socket will queue just 
about any Router Advertisement that is received by the host.

Now, assuming the userland daemon did sanity check the message (properly 
formatted, source and destination addresses are sane, etc), it needs to 
know whether the IPv6 kernel stack has "accepted" it or not. It could 
be that the interface the RA was received on had autoconf disabled at 
the time the packet showed up, or it could be that the system is 
currently configured as a router, or it could be that we have a 
SeND-patched kernel and the RA did not pass authentication checks.

And then, what happens if IPv6 networking has been initialized before 
init got the chance to start the daemon, for instance root over 
NFS/IPv6? The RA is lost.

Similarly, the daemon has no way to know when information gathered from 
an RA becomes invalid. Of course, it can duplicate the lifetime timers 
in userland, but only the kernel knows if the link has been reset to 
off and on earlier than lifetime expiration.


Whether parsing RDNSS-in-RA belong in the kernel is irrelevant to me, as 
the kernel does not provide any interface for userland to do it 
properly at the moment.

-- 
Rémi Denis-Courmont
http://www.remlab.net/

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 197 bytes --]