From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ka-Cheong Poon Subject: Re: [PATCH net-next 2/3] rds: Enable RDS IPv6 support Date: Tue, 26 Jun 2018 21:02:43 +0800 Message-ID: References: <7f4f460079d3d78a18f7d759488048798e99c4db.1529922794.git.ka-cheong.poon@oracle.com> <20180625170317.GA28578@oracle.com> <25e1afda-7497-7f08-815a-286cf775bc09@oracle.com> <20180625175006.GI14823@oracle.com> <43b790c2-8da6-9f18-ae23-ca55388e8b26@oracle.com> <20180626101657.GA20575@oracle.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, santosh.shilimkar@oracle.com, davem@davemloft.net, rds-devel@oss.oracle.com To: Sowmini Varadhan Return-path: Received: from userp2130.oracle.com ([156.151.31.86]:41464 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965052AbeFZNDA (ORCPT ); Tue, 26 Jun 2018 09:03:00 -0400 In-Reply-To: <20180626101657.GA20575@oracle.com> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 06/26/2018 06:16 PM, Sowmini Varadhan wrote: > On (06/26/18 13:30), Ka-Cheong Poon wrote: >> >> My answer to this is that if a socket is not bound to a link >> local address (meaning it is bound to a non-link local address) >> and it is used to send to a link local peer, I think it should >> fail. > > Hmm, I'm not sure I agree. I dont think this is forbidden > by RFC 6724 - yes, such a packet cannot be forwarded, but > if everything is on the same link, and the dest only has > a link-local, you should not need to (create and) bind > another socket to a link-local to talk to this destination.. In this case, RFC 6724 prefers link local address as source. While using non-link local address (say ULA) is not forbidden, doing this can easily cause inter-operability issues (does the app really know that the non-link local source and the link local destination addresses are really on the same link?). I think it is prudent to disallow this in RDS unless there is a very clear and important reason to do so. BTW, if it is really needed, it can be added in future. >> This is consistent with the scope_id check I mentioned in >> the previous mail. If the socket is not bound to a link local >> address, the bound_scope_id is 0. So if the socket is used to >> send to a link local address (which has a non-zero scope_id), the >> check will catch it and fail the call. A new conn should not >> be created in this case. > -- K. Poon ka-cheong.poon@oracle.com