From owner-freebsd-net@freebsd.org Sun Jul 1 10:56:33 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2ECF6FF2AC3 for ; Sun, 1 Jul 2018 10:56:33 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from forward105p.mail.yandex.net (forward105p.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Yandex CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A1A208B15A; Sun, 1 Jul 2018 10:56:32 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mxback9g.mail.yandex.net (mxback9g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:170]) by forward105p.mail.yandex.net (Yandex) with ESMTP id EA61D40845AB; Sun, 1 Jul 2018 13:56:21 +0300 (MSK) Received: from smtp2o.mail.yandex.net (smtp2o.mail.yandex.net [2a02:6b8:0:1a2d::26]) by mxback9g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id q2cY4sSbnZ-uL6OBV8h; Sun, 01 Jul 2018 13:56:21 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1530442581; bh=4qfjcjqptAtDsi/apXiVVpCt+2sZXwa5zvjH1MUJxFM=; h=Subject:To:References:From:Message-ID:Date:In-Reply-To; b=SJW0yfhUVOwtWYHxr3StQ+ab0CrHCEi5jVRurndC+mzGWCr+BDmjN8d0iJP0gzy/b Nh8hsNkE6+PaISk9D7g9BKqWwhkTDM+zfd4MTGGbuJkPLu9yw7a5afx6PBy1+314jA vHHbxCI1F56rlT96UyHj7t5K5A9eWfm9Uw2zPgng= Received: by smtp2o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id vEZ4c9kt6J-uK5WvrQE; Sun, 01 Jul 2018 13:56:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1530442580; bh=4qfjcjqptAtDsi/apXiVVpCt+2sZXwa5zvjH1MUJxFM=; h=Subject:To:References:From:Message-ID:Date:In-Reply-To; b=VnKmiv8CwlU72qV8hdbmBAHTzzAXvaC0g0h0rYGdQcytPmsNLJc/9NWo460uJJbDz +EtpRryf2HMYNA/uo3dcsaZoVf2Drf65w5KCpc83Qs175m0EH0a5YK/JRI0ugZniKm EKh3+ONzWr/e/zN4Z1nPCj/10CTFpGQw/jLJxjAs= Authentication-Results: smtp2o.mail.yandex.net; dkim=pass header.i=@yandex.ru Subject: Re: IPv6 scope handling, was Re: svn commit: r335806 - projects/pnfs-planb-server/usr.sbin/nfsd To: Rick Macklem , Rick Macklem , FreeBSD Net References: <201806292207.w5TM7QX9052770@repo.freebsd.org> <0c85d229-3b8f-3b4c-ba3c-34ec06728455@yandex.ru> <048d1b79-f263-506c-210e-21d9e4437c3e@yandex.ru> From: "Andrey V. Elsukov" Openpgp: id=E6591E1B41DA1516F0C9BC0001C5EA0410C8A17A Autocrypt: addr=bu7cher@yandex.ru; prefer-encrypt=mutual; keydata= xsBNBEwBF1kBCADB9sXFhBEUy8qQ4X63Y8eBatYMHGEFWN9ypS5lI3RE6qQW2EYbxNk7qUC5 21YIIS1mMFVBEfvR7J9uc7yaYgFCEb6Sce1RSO4ULN2mRKGHP3/Sl0ijZEjWHV91hY1YTHEF ZW/0GYinDf56sYpDDehaBF5wkWIo1+QK5nmj3vl0DIDCMNd7QEiWpyLVwECgLX2eOAXByT8B bCqVhJGcG6iFP7/B9Ll6uX5gb8thM9LM+ibwErDBVDGiOgvfxqidab7fdkh893IBCXa82H9N CNwnEtcgzh+BSKK5BgvPohFMgRwjti37TSxwLu63QejRGbZWSz3OK3jMOoF63tCgn7FvABEB AAHNIkFuZHJleSBWLiBFbHN1a292IDxhZUBmcmVlYnNkLm9yZz7CwHsEEwECACUCGwMGCwkI BwMCBhUIAgkKCwQWAgMBAh4BAheABQJMB/ruAhkBAAoJEAHF6gQQyKF6MLwH/3Ri/TZl9uo0 SepYWXOnxL6EaDVXDA+dLb1eLKC4PRBBjX29ttQ0KaWapiE6y5/AfzOPmRtHLrHYHjd/aiHX GMLHcYRXD+5GvdkK8iMALrZ28X0JXyuuZa8rAxWIWmCbYHNSBy2unqWgTI04Erodk90IALgM 9JeHN9sFqTM6zalrMnTzlcmel4kcjT3lyYw3vOKgoYLtsLhKZSbJoVVVlvRlGBpHFJI5AoYJ SyfXoN0rcX6k9X7Isp2K50YjqxV4v78xluh1puhwZyC0p8IShPrmrp9Oy9JkMX90o6UAXdGU KfdExJuGJfUZOFBTtNIMNIAKfMTjhpRhxONIr0emxxDOwE0ETAEXWQEIAJ2p6l9LBoqdH/0J PEFDY2t2gTvAuzz+8zs3R03dFuHcNbOwjvWCG0aOmVpAzkRa8egn5JB4sZaFUtKPYJEQ1Iu+ LUBwgvtXf4vWpzC67zs2dDuiW4LamH5p6xkTD61aHR7mCB3bg2TUjrDWn2Jt44cvoYxj3dz4 S49U1rc9ZPgD5axCNv45j72tggWlZvpefThP7xT1OlNTUqye2gAwQravXpZkl5JG4eOqJVIU X316iE3qso0iXRUtO7OseBf0PiVmk+wCahdreHOeOxK5jMhYkPKVn7z1sZiB7W2H2TojbmcK HZC22sz7Z/H36Lhg1+/RCnGzdEcjGc8oFHXHCxUAEQEAAcLAXwQYAQIACQUCTAEXWQIbDAAK CRABxeoEEMihegkYCAC3ivGYNe2taNm/4Nx5GPdzuaAJGKWksV+w9mo7dQvU+NmI2az5w8vw 98OmX7G0OV9snxMW+6cyNqBrVFTu33VVNzz9pnqNCHxGvj5dL5ltP160JV2zw2bUwJBYsgYQ WfyJJIM7l3gv5ZS3DGqaGIm9gOK1ANxfrR5PgPzvI9VxDhlr2juEVMZYAqPLEJe+SSxbwLoz BcFCNdDAyXcaAzXsx/E02YWm1hIWNRxanAe7Vlg7OL+gvLpdtrYCMg28PNqKNyrQ87LQ49O9 50IIZDOtNFeR0FGucjcLPdS9PiEqCoH7/waJxWp6ydJ+g4OYRBYNM0EmMgy1N85JJrV1mi5i Message-ID: <1e62847a-fe06-9190-ac98-ce120e96f325@yandex.ru> Date: Sun, 1 Jul 2018 13:53:03 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="JxV3f7m17jRishiJFAFgxsVGGlVdDE3zT" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Jul 2018 10:56:33 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JxV3f7m17jRishiJFAFgxsVGGlVdDE3zT Content-Type: multipart/mixed; boundary="J8Cl7koHUPE8iNBRMH1a347jE5qicCoJS"; protected-headers="v1" From: "Andrey V. Elsukov" To: Rick Macklem , Rick Macklem , FreeBSD Net Message-ID: <1e62847a-fe06-9190-ac98-ce120e96f325@yandex.ru> Subject: Re: IPv6 scope handling, was Re: svn commit: r335806 - projects/pnfs-planb-server/usr.sbin/nfsd References: <201806292207.w5TM7QX9052770@repo.freebsd.org> <0c85d229-3b8f-3b4c-ba3c-34ec06728455@yandex.ru> <048d1b79-f263-506c-210e-21d9e4437c3e@yandex.ru> In-Reply-To: --J8Cl7koHUPE8iNBRMH1a347jE5qicCoJS Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 01.07.2018 03:30, Rick Macklem via freebsd-net wrote: >> [neighbor1 fe80::100]<-->[fe80::1%igb0 | fe80::1%igb1]<-->[fe80::100 >> neighbor2] >> >> neighbor1 can not reach neighbor2, since these addresses belongs to >> different scope zones. On the host with two interfaces you as user can= >> use link-local addresses and can specify such addresses in application= =2E >> To disambiguate them you must specify scope zone identifier, "%igb0" o= r >> "%igb1". E.g. if you want to connect with neighbor1, you can use "teln= et >> fe80::100%igb0 someport" and the kernel will initiate connection with >> neighbor1 through igb0. inet_ntop() call doesn't support this. > Ok, I think I follow that. I didn't explain what this case is... >=20 > The code for this patch runs on HostA. > If looks up an address for HostB, but not so it can connect to HostB. > It sends the address to HostC, so that HostC can connect to HostB. > (So the address needed is the address that HostC would use to connect t= o > HostB.) > > I think what you are saying above is that a Link-local address won't wo= rk > and that the address must be a global one? > Should the code check for "fe8" at the start and skip over those ones? It is possible that all hosts are in the same scope zone, e.g. they are connected in the one broadcast domain through the switch. In this case it is possible to use link-local addresses and they all will be reachable. > The "on-the-wire" address sent to HostC is specified in standard string= form > (can't remember the RFC#, but it is referenced by RFC5661), so I can't = send > any more than that to HostC. So if I understand correctly, after formatting you are sending this address string to the some foreign host? The scope zone id specifier is only does matter for the host where it is used. I.e. there is no sense to send "%ifname" to the foreign host, because it can have different ifname for the link and that address specification won't work. I think for now we can leave the code as is (put some XXX with comment here), and then in the future, if it will be needed, add better handling for that :) >> In the kernel when you operate with IPv6 link-local addresses you need= >> to properly prepare them in the IPv6 header, i.e. embed scope zone >> identifier. Otherwise the kernel will fail to send such packets. > How would HostA know what HostC should use? > (I don't think it can know?) > [stuff snipped] The possible solution can be: * for the sending host use scope zone id to determine proper interface to send through; * for the receiving host track the receiving interface and if given address is link-local, recover the scope zone id from the receiving interface. --=20 WBR, Andrey V. Elsukov --J8Cl7koHUPE8iNBRMH1a347jE5qicCoJS-- --JxV3f7m17jRishiJFAFgxsVGGlVdDE3zT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAls4so8ACgkQAcXqBBDI oXr9awf/eLEaWZKak08CTr2VCrUeDUVYlGu6SVuYtH+Je0EeJoA+tnaBfjfbVcAd QbzuPTWUaPImeHLMrX8LCE2kxg5lsxHaP5y+bxJxCbO8AjagRjiIpBI77YxrGhkY vn9p+X/zhLXxjyALJ7v0Kv53f1wGC6kp0cFbmBe7KR8EnTpLr+iK9Q0mmIWnIbB1 1ZonBcLpnSMrXLPFb3x7hgAsKy9dzAvDRGQ3zEgLioLbaf+AV/t4Qu3FDcxzgHau 2O0NDRkY6b/9poL4kqQvXlYlUj6r3/fYpPmbRzqlf9ieW4zBulLEUc5lnuCqj0X4 EHFbLftCMqBvZAOwAIbfdfSHvrdMJA== =zmfq -----END PGP SIGNATURE----- --JxV3f7m17jRishiJFAFgxsVGGlVdDE3zT--