Date: Fri, 01 May 2009 19:00:48 -0700 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <Jinmei_Tatuya@isc.org> To: Bruce Simpson <bms@incunabulum.net> Cc: freebsd-net <freebsd-net@freebsd.org> Subject: Re: Request feedback on IPv6 multicast listen on :: Message-ID: <m21vr8z2jz.wl%Jinmei_Tatuya@isc.org> In-Reply-To: <49FB327E.3010504@incunabulum.net> References: <49FB327E.3010504@incunabulum.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At Fri, 01 May 2009 18:33:50 +0100, Bruce Simpson <bms@incunabulum.net> wrote: > During the MLDv2 refactoring, I removed some old KAME code which=20 > supports the ability to listen to *all* multicast groups. > It isn't clear to me whether this code was still in use, and I couldn't=20 > find information about it in the normative RFCs (2292, 3542) for IPv6=20 > stack implementation. >=20 > This call needed super-user privileges to use, and I'm not sure if=20 > anything is actually using it. Can anyone out there with possible=20 > exposure to it clarify? I believe you can safely remove it. The KAME repository version of that code was already deprecated long time ago. See the change for rev.1.433 at: http://orange.kame.net/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ip6_output.c I also noted this strange behavior in a book about the KAME implementation: 3684: mreq =3D mtod(m, struct ipv6_mreq *); 3685: if (IN6_IS_ADDR_UNSPECIFIED(&mreq->ipv6mr_multiaddr= )) { 3686: /* 3687: * We use the unspecified address to specif= y to accept 3688: * all multicast addresses. Only super user= is allowed 3689: * to do this. 3690: */ 3692: if (suser(p)) 3696: { 3697: error =3D EACCES; 3698: break; 3699: } 3684=E2=80=933699 ipv6mr_multiaddr =EF=AC=81eld must hold a valid IPv6 multicast address. The KAME implementation allows a privileged application to specify the IPv6 unspeci=EF=AC=81ed address. While the intention may be = to allow the socket to accept packets from any multicast address, the system does not actually behave that way. First, the IN6_LOOKUP_MULTI() macro does not have a special matching rule for the unspeci=EF=AC=81ed address. Secondly, in order to accept any multicast addresses on an interface, it is necessary to specify the promiscuous mode for the interface=E2=80=99s multicast =EF=AC=81lter, which will not = actually be done in this case. Later versions of the KAME implementation removed this code and similar code that exists for IPV6_LEAVE_GROUP. Hope this helps, --- JINMEI, Tatuya Internet Systems Consortium, Inc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m21vr8z2jz.wl%Jinmei_Tatuya>