From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Subject: Re: [PATCH v2 net] net/ipv6: Do not allow device only routes via the multipath API Date: Mon, 16 Jul 2018 14:09:01 -0700 (PDT) Message-ID: <20180716.140901.431992949954567398.davem@davemloft.net> References: <20180715163519.12917-1-dsahern@kernel.org> Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, eric.dumazet@gmail.com, dsahern@gmail.com To: dsahern@kernel.org Return-path: Received: from shards.monkeyblade.net ([23.128.96.9]:60250 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728300AbeGPViN (ORCPT ); Mon, 16 Jul 2018 17:38:13 -0400 In-Reply-To: <20180715163519.12917-1-dsahern@kernel.org> Sender: netdev-owner@vger.kernel.org List-ID: From: dsahern@kernel.org Date: Sun, 15 Jul 2018 09:35:19 -0700 > From: David Ahern > > Eric reported that reverting the patch that fixed and simplified IPv6 > multipath routes means reverting back to invalid userspace notifications. > eg., > $ ip -6 route add 2001:db8:1::/64 nexthop dev eth0 nexthop dev eth1 > > only generates a single notification: > 2001:db8:1::/64 dev eth0 metric 1024 pref medium > > While working on a fix for this problem I found another case that is just > broken completely - a multipath route with a gateway followed by device > followed by gateway: > $ ip -6 ro add 2001:db8:103::/64 > nexthop via 2001:db8:1::64 > nexthop dev dummy2 > nexthop via 2001:db8:3::64 > > In this case the device only route is dropped completely - no notification > to userpsace but no addition to the FIB either: > > $ ip -6 ro ls > 2001:db8:1::/64 dev dummy1 proto kernel metric 256 pref medium > 2001:db8:2::/64 dev dummy2 proto kernel metric 256 pref medium > 2001:db8:3::/64 dev dummy3 proto kernel metric 256 pref medium > 2001:db8:103::/64 metric 1024 > nexthop via 2001:db8:1::64 dev dummy1 weight 1 > nexthop via 2001:db8:3::64 dev dummy3 weight 1 pref medium > fe80::/64 dev dummy1 proto kernel metric 256 pref medium > fe80::/64 dev dummy2 proto kernel metric 256 pref medium > fe80::/64 dev dummy3 proto kernel metric 256 pref medium > > Really, IPv6 multipath is just FUBAR'ed beyond repair when it comes to > device only routes, so do not allow it all. > > This change will break any scripts relying on the mpath api for insert, > but I don't see any other way to handle the permutations. Besides, since > the routes are added to the FIB as standalone (non-multipath) routes the > kernel is not doing what the user requested, so it might as well tell the > user that. > > Reported-by: Eric Dumazet > Signed-off-by: David Ahern Applied, thanks David. Is this a -stable candidate?