From: Sabrina Dubroca <sd@queasysnail.net>
To: David Ahern <dsahern@gmail.com>
Cc: netdev@vger.kernel.org, Jiri Pirko <jiri@resnulli.us>,
Felix Jia <felix.jia@alliedtelesis.co.nz>
Subject: Re: [PATCH net v2 4/5] net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices
Date: Tue, 10 Jul 2018 12:13:52 +0200 [thread overview]
Message-ID: <20180710101352.GA31570@bistromath.localdomain> (raw)
In-Reply-To: <9e3ad74a-2321-9893-dbcb-5dec1d7ef054@gmail.com>
2018-07-09, 11:24:49 -0600, David Ahern wrote:
> On 7/9/18 4:25 AM, Sabrina Dubroca wrote:
> > This aligns the addr_gen_mode sysctl with the expected behavior of the
> > "all" variant.
> >
> > Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode")
> > Suggested-by: David Ahern <dsahern@gmail.com>
> > Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
> > ---
> > net/ipv6/addrconf.c | 12 ++++++++++++
> > 1 file changed, 12 insertions(+)
> >
> > diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> > index e89bca83e0e4..1659a6b3cf42 100644
> > --- a/net/ipv6/addrconf.c
> > +++ b/net/ipv6/addrconf.c
> > @@ -5926,6 +5926,18 @@ static int addrconf_sysctl_addr_gen_mode(struct ctl_table *ctl, int write,
> > idev->cnf.addr_gen_mode = new_val;
> > addrconf_dev_config(idev->dev);
> > }
> > + } else if (&net->ipv6.devconf_all->addr_gen_mode == ctl->data) {
> > + struct net_device *dev;
> > +
> > + net->ipv6.devconf_dflt->addr_gen_mode = new_val;
> > + for_each_netdev(net, dev) {
> > + idev = __in6_dev_get(dev);
> > + if (idev &&
> > + idev->cnf.addr_gen_mode != new_val) {
> > + idev->cnf.addr_gen_mode = new_val;
> > + addrconf_dev_config(idev->dev);
>
> This call is adding a new LL address without removing the previous one:
>
> # ip -6 addr sh dev eth2
> 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
> inet6 2001:db8:2::4/64 scope global
> valid_lft forever preferred_lft forever
> inet6 fe80::e0:f9ff:fe45:6480/64 scope link
> valid_lft forever preferred_lft forever
>
> # sysctl -w net.ipv6.conf.eth2.addr_gen_mode=3
> net.ipv6.conf.eth2.addr_gen_mode = 3
>
> # ip -6 addr sh dev eth2
> 4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
> inet6 2001:db8:2::4/64 scope global
> valid_lft forever preferred_lft forever
> inet6 fe80::bc31:8009:270d:e019/64 scope link stable-privacy
> valid_lft forever preferred_lft forever
> inet6 fe80::e0:f9ff:fe45:6480/64 scope link
> valid_lft forever preferred_lft forever
Yes. That's also what will happen with global addresses, once the next
RA is received: a new address corresponding to the new generation mode
will be added, and the old one isn't removed.
I think that was the expected behavior of d35a00b8e33d, but since it
never actually worked... OTOH, the netlink attribute only sets
idev->cnf.addr_gen_mode and doesn't add the new LL address (not until
a DOWN/UP cycle), which I personally find surprising. If I set the
mode to random or stable_secret, I would expect the privacy address to
show up without having to take the device down and then up.
I think removing the previous address immediately would break things
(and the user wouldn't expect an address to disappear that way, since
they're not explicitly asking for it to be removed), but I guess we
could play games with the lifetimes (reduce the lifetime of the old
address from forever to some limit). That limit would need to be
configurable I think, and I would rather target that change for
net-next.
--
Sabrina
next prev parent reply other threads:[~2018-07-10 10:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-09 10:25 [PATCH net v2 0/5] net/ipv6: addr_gen_mode fixes Sabrina Dubroca
2018-07-09 10:25 ` [PATCH net v2 1/5] net/ipv6: fix addrconf_sysctl_addr_gen_mode Sabrina Dubroca
2018-07-09 17:20 ` David Ahern
2018-07-09 10:25 ` [PATCH net v2 2/5] net/ipv6: don't reinitialize ndev->cnf.addr_gen_mode on new inet6_dev Sabrina Dubroca
2018-07-09 10:25 ` [PATCH net v2 3/5] net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE Sabrina Dubroca
2018-07-09 10:25 ` [PATCH net v2 4/5] net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices Sabrina Dubroca
2018-07-09 17:24 ` David Ahern
2018-07-10 10:13 ` Sabrina Dubroca [this message]
2018-07-10 12:19 ` David Ahern
2018-07-09 10:25 ` [PATCH net v2 5/5] Documentation: ip-sysctl.txt: document addr_gen_mode Sabrina Dubroca
2018-07-09 17:25 ` David Ahern
2018-07-12 5:51 ` [PATCH net v2 0/5] net/ipv6: addr_gen_mode fixes David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180710101352.GA31570@bistromath.localdomain \
--to=sd@queasysnail.net \
--cc=dsahern@gmail.com \
--cc=felix.jia@alliedtelesis.co.nz \
--cc=jiri@resnulli.us \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).