From: Vlad Yasevich <vladislav.yasevich@hp.com>
To: Andreas Gruenbacher <agruen@suse.de>
Cc: Jiri Bohac <jbohac@suse.cz>,
netdev@vger.kernel.org, yoshfuji@linux-ipv6.org, kkeil@suse.de
Subject: Re: Why does a connect to IPv6 LLA address fail ?
Date: Thu, 08 Nov 2007 13:15:52 -0500 [thread overview]
Message-ID: <47335258.4000806@hp.com> (raw)
In-Reply-To: <200711081901.59334.agruen@suse.de>
Andreas Gruenbacher wrote:
> On Wednesday 07 November 2007 20:42, Vlad Yasevich wrote:
>> The reason is that 2 different hosts may have the same link-local
>> address as long as they are on different links. If the sender is
>> connected to both links then it may send the packet to the wrong
>> destination.
>
> Good point.
>
> What's confusing is that connect(2) fails even if the host itself has the
> specified address. This isn't necessary.
Yes and no. Since linux doesn't have the concept of default zone, we have
to fail, because from the perspective of the kernel, the address was not
fully specified. OTOH, since this is our address, we 'could' have all
the info.
The problem is that this verification happens before we hit the routing logic.
It's an explicit check the if the sin6_scope_id is not set and we are not bound
to an interface, it's an error.
>
> What's even more confusing is that the kernel doesn't seem to honor the
> interface in all cases: with
> fe80::20f:20ff:fe3b:e9c3 on eth0 and
> ::1 on lo,
> I get the following:
>
> ping6 fe80::20f:20ff:fe3b:e9c3 fails with EINVAL
> ping6 fe80::20f:20ff:fe3b:e9c3%eth0 succeeds
Yes, but if you run a capture, you'll see the packet on loopback. That's
because you have a route to this address.
> ping6 fe80::20f:20ff:fe3b:e9c3%lo succeeds
Yes, same thing. Routing code takes care of it.
>
> At least the last ping should fail, shouldn't it?
No, because both pings really go over loopback. You are on the same system
and have 'local' routes for those addresses:
ip -6 r l t local
>
>> A different and some might say 'better' alternative is to define a
>> default link. Thus when the zone id is not specified the default is used.
>> This will work fine for link-scoped addresses. A default zone would also
>> need to be defined for other scopes as well. That's just one idea.
>
> I think at least for host with only one link (in addition to loopback),
> selecting that link for non-local addresses would make sense.
>
Yes, you could do that. Or you can push the interface check to the routing code
and do some logic to see if you can "select" an interface.
-vlad
next prev parent reply other threads:[~2007-11-08 18:15 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-07 9:40 Why does a connect to IPv6 LLA address fail ? Karsten Keil
2007-11-07 11:28 ` Jiri Bohac
2007-11-07 19:42 ` Vlad Yasevich
2007-11-08 18:01 ` Andreas Gruenbacher
2007-11-08 18:15 ` Vlad Yasevich [this message]
2007-11-08 18:32 ` Karsten Keil
2007-11-08 20:50 ` Vlad Yasevich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47335258.4000806@hp.com \
--to=vladislav.yasevich@hp.com \
--cc=agruen@suse.de \
--cc=jbohac@suse.cz \
--cc=kkeil@suse.de \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).