* Re: With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP [not found] <AANLkTinHkaL49MS9agf525GRhWXSWIvVmn-Qz33Hcg6Y@mail.gmail.com> @ 2010-07-20 20:34 ` Brian Haley 2010-07-20 20:48 ` David Miller 2010-07-22 20:41 ` David Miller 0 siblings, 2 replies; 4+ messages in thread From: Brian Haley @ 2010-07-20 20:34 UTC (permalink / raw) To: Mahesh Kelkar; +Cc: netdev@vger.kernel.org Hi Mahesh, Cc-ing netdev... On 07/20/2010 12:07 PM, Mahesh Kelkar wrote: > Brian, > > I came across a patch that you submitted in 2009 (2009-05-29 20:48:49): > IPv6: Add 'autoconf' and 'disable_ipv6' module parameters > > Question: > With disable_ipv6 set to 1 on the interface, when device/interface > reaches UP state, the link local address is not added, but ipv6 routes > i.e. ff00::/8 & fe80::/64 routes are still added to the route table: > In net/ipv6/addrconf.c > addrconf_notify => addrconf_dev_config => addrconf_add_dev => > addrconf_add_mroute & addrconf_add_lroute > The link local address is not assigned because of the check > (idev->cnf.disable_ipv6) added in ipv6_add_addr. > > - Is there any particular reason for doing this? (i.e. not assigning > the link local address to interface, but adding link local & mcast > routes) > - when disable_ipv6 is set to 1, is there any reason not to skip the > NETDEV_UP processing in the addrconf_notify in addrconf.c I believe the easiest way to fix this is the following patch, can you please test it? Thanks, -Brian --- If the interface has IPv6 disabled, don't add a multicast or link-local route since we won't be adding a link-local address. Reported-by: Mahesh Kelkar <maheshkelkar@gmail.com> Signed-off-by: Brian Haley <brian.haley@hp.com> --- diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index e81155d..ab70a3f 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1763,7 +1763,10 @@ static struct inet6_dev *addrconf_add_dev(struct net_device *dev) idev = ipv6_find_idev(dev); if (!idev) - return NULL; + return ERR_PTR(-ENOBUFS); + + if (idev->cnf.disable_ipv6) + return ERR_PTR(-EACCES); /* Add default multicast route */ addrconf_add_mroute(dev); @@ -2132,8 +2135,9 @@ static int inet6_addr_add(struct net *net, int ifindex, struct in6_addr *pfx, if (!dev) return -ENODEV; - if ((idev = addrconf_add_dev(dev)) == NULL) - return -ENOBUFS; + idev = addrconf_add_dev(dev); + if (IS_ERR(idev)) + return PTR_ERR(idev); scope = ipv6_addr_scope(pfx); @@ -2380,7 +2384,7 @@ static void addrconf_dev_config(struct net_device *dev) } idev = addrconf_add_dev(dev); - if (idev == NULL) + if (IS_ERR(idev)) return; memset(&addr, 0, sizeof(struct in6_addr)); @@ -2471,7 +2475,7 @@ static void addrconf_ip6_tnl_config(struct net_device *dev) ASSERT_RTNL(); idev = addrconf_add_dev(dev); - if (!idev) { + if (IS_ERR(idev)) { printk(KERN_DEBUG "init ip6-ip6: add_dev failed\n"); return; } ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP 2010-07-20 20:34 ` With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP Brian Haley @ 2010-07-20 20:48 ` David Miller 2010-07-22 14:03 ` Mahesh Kelkar 2010-07-22 20:41 ` David Miller 1 sibling, 1 reply; 4+ messages in thread From: David Miller @ 2010-07-20 20:48 UTC (permalink / raw) To: brian.haley; +Cc: maheshkelkar, netdev From: Brian Haley <brian.haley@hp.com> Date: Tue, 20 Jul 2010 16:34:30 -0400 > I believe the easiest way to fix this is the following patch, can > you please test it? ... > If the interface has IPv6 disabled, don't add a multicast or > link-local route since we won't be adding a link-local address. > > Reported-by: Mahesh Kelkar <maheshkelkar@gmail.com> > Signed-off-by: Brian Haley <brian.haley@hp.com> This looks good to me, let me know when it has been tested. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP 2010-07-20 20:48 ` David Miller @ 2010-07-22 14:03 ` Mahesh Kelkar 0 siblings, 0 replies; 4+ messages in thread From: Mahesh Kelkar @ 2010-07-22 14:03 UTC (permalink / raw) To: Brian Haley; +Cc: netdev, David Miller Brian, Overall the patch seem to work. On one occasion I saw an error when it tried get rtnl_trylock() in "addrconf_disable_ipv6" in addrconf.c. I am investigating into it. If you could think of anything, please let me know. I also came across another odd behavior (unrelated to disable_ipv6 but related to multicast & link local route): A. configure unicast Ipv6 address (say 123:2:3:4:5:6:7:8/64) on an interface. (link-local will be assigned when interface comes up) B. Bring the interface down (ip link set eth0 down), you will get following set of netlink notifications (ip monitor all): 1. Deleted - unicast address connected route (123:2:3:4::/64) 2. Deleted - link local (fe80::/64) route 3. Deleted - multicast (ff00::/8) route 4. Deleted - unicast address (123:2:3:4:5:6:7:8/64) 5. Deleted - link local address C. re-configure the unicast Ipv6 address (say 123:2:3:4:5:6:7:8/64) on the interface. (link-local will NOT be assigned as interface is down) You wil see following netlink notifications: 6. Added - unicast address (123:2:3:4:5:6:7:8/64) 7. Added - unicast address connected route (123:2:3:4::/64) 8. Added - multicast (ff00::/8) route 9. Added - link local (fe80::/64) route etc. I am not sure why #7, #8 & #9 occured. It doesn't happen in case of IPv4. The routes show up when interface reaches up state. Perhaps my kernel is old and that could be reason for this beahvior. BTW I am using 2.6.21 with following cherry-picked disable_ipv6 patches: - ipv6: Add disable_ipv6 sysctl to disable IPv6 operaion on specific interface(commit:778d80be52699596bf70e0eb0761cf5e1e46088d) - ipv6: Plug sk_buff leak in ipv6_rcv (net/ipv6/ip6_input.c) (commit: 71f6f6dfdf7c7a67462386d9ea05c1095a89c555) - IPv6: Add 'autoconf' and 'disable_ipv6' module parameters (ONLY interface specific behavior) Thanks very much for your help. Mahesh On Tue, Jul 20, 2010 at 4:48 PM, David Miller <davem@davemloft.net> wrote: > From: Brian Haley <brian.haley@hp.com> > Date: Tue, 20 Jul 2010 16:34:30 -0400 > >> I believe the easiest way to fix this is the following patch, can >> you please test it? > ... >> If the interface has IPv6 disabled, don't add a multicast or >> link-local route since we won't be adding a link-local address. >> >> Reported-by: Mahesh Kelkar <maheshkelkar@gmail.com> >> Signed-off-by: Brian Haley <brian.haley@hp.com> > > This looks good to me, let me know when it has been tested. > ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP 2010-07-20 20:34 ` With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP Brian Haley 2010-07-20 20:48 ` David Miller @ 2010-07-22 20:41 ` David Miller 1 sibling, 0 replies; 4+ messages in thread From: David Miller @ 2010-07-22 20:41 UTC (permalink / raw) To: brian.haley; +Cc: maheshkelkar, netdev From: Brian Haley <brian.haley@hp.com> Date: Tue, 20 Jul 2010 16:34:30 -0400 > If the interface has IPv6 disabled, don't add a multicast or > link-local route since we won't be adding a link-local address. > > Reported-by: Mahesh Kelkar <maheshkelkar@gmail.com> > Signed-off-by: Brian Haley <brian.haley@hp.com> Applied, thanks Brian. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-07-22 20:41 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <AANLkTinHkaL49MS9agf525GRhWXSWIvVmn-Qz33Hcg6Y@mail.gmail.com>
2010-07-20 20:34 ` With disable_ipv6 set to 1 on an interface, ff00:/8 and fe80::/64 are still added on device UP Brian Haley
2010-07-20 20:48 ` David Miller
2010-07-22 14:03 ` Mahesh Kelkar
2010-07-22 20:41 ` David Miller
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).