From: Pierre Ossman <pierre-list@ossman.eu>
To: netdev@vger.kernel.org
Cc: "David S. Miller" <davem@davemloft.net>,
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
"Pekka Savola (ipv6)" <pekkas@netcore.fi>,
James Morris <jmorris@namei.org>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Patrick McHardy <kaber@trash.net>
Subject: Re: [RFC][PATCH] Export DNSSL RA option to userspace
Date: Sun, 12 Dec 2010 15:07:01 +0100 [thread overview]
Message-ID: <20101212150701.20d4fd6d@mjolnir.ossman.eu> (raw)
In-Reply-To: <20101212144300.68e0fb16@mjolnir.ossman.eu>
[-- Attachment #1: Type: text/plain, Size: 1382 bytes --]
I've also noticed a problem in the nduseropt code that I'm not sure how
to solve (given that this is now a stable userspace interface). Both
RFC5006 and RFC6106 state the following:
Note: An RDNSS address or a DNSSL domain name MUST be used only as
long as both the RA router Lifetime (advertised by a Router
Advertisement message [RFC4861]) and the corresponding option
Lifetime have not expired.
But the RA router lifetime is not included in the information sent.
Normally this is probably not an issue as the RDNSS and DNSSL lifetime
will be shorter than the router lifetime. One exception is when the
router is disabled at which point it will send a RA with router
lifetime to 0 (RFC4861 section 6.2.5). That means userspace will not be
informed that the DNS information should be removed immediately*.
Is there any way we can safely extend the interface with this
information? I'm not familiar enough with it myself yet to determine if
it's possible...
* Unless the router has a workaround for this client bug and also sets
RDNSS and DNSSL lifetimes to 0 as part of the final message.
Rgds
--
-- Pierre Ossman
WARNING: This correspondence is being monitored by FRA, a
Swedish intelligence agency. Make sure your server uses
encryption for SMTP traffic and consider using PGP for
end-to-end encryption.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 230 bytes --]
next prev parent reply other threads:[~2010-12-12 14:07 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-12 13:43 [RFC][PATCH] Export DNSSL RA option to userspace Pierre Ossman
2010-12-12 13:47 ` [RFC][PATCH] Export all RA options that we don't handle " Pierre Ossman
2011-01-20 8:15 ` Pierre Ossman
2011-11-20 14:00 ` Pierre Ossman
2011-11-20 16:29 ` David Miller
2011-03-03 1:30 ` Pierre Ynard
2010-12-12 14:07 ` Pierre Ossman [this message]
2011-03-03 1:36 ` [RFC][PATCH] Export DNSSL RA option " Pierre Ynard
2010-12-14 13:10 ` David Woodhouse
2010-12-14 13:43 ` Pierre Ossman
2010-12-16 1:18 ` Dan Williams
2011-03-03 1:27 ` Pierre Ynard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101212150701.20d4fd6d@mjolnir.ossman.eu \
--to=pierre-list@ossman.eu \
--cc=davem@davemloft.net \
--cc=jmorris@namei.org \
--cc=kaber@trash.net \
--cc=kuznet@ms2.inr.ac.ru \
--cc=netdev@vger.kernel.org \
--cc=pekkas@netcore.fi \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).