Date: Tue, 31 May 2022 21:34:25 +0200 From: Kristof Provost <kp@FreeBSD.org> To: "Alexander V. Chernikov" <melifaro@FreeBSD.org> Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: Re: git: d6cd20cc5c47 - main - netinet6: fix ndp proxying Message-ID: <9BB758A5-D0C4-476E-ACD4-A27C98276F7B@FreeBSD.org> In-Reply-To: <202205301054.24UAs4m6066923@gitrepo.freebsd.org> References: <202205301054.24UAs4m6066923@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 30 May 2022, at 12:54, Alexander V. Chernikov wrote: > The branch main has been updated by melifaro: > > URL: https://cgit.FreeBSD.org/src/commit/?id=3Dd6cd20cc5c475e8bbf257ac1= 474ff490ae4dcab6 > > commit d6cd20cc5c475e8bbf257ac1474ff490ae4dcab6 > Author: KUROSAWA Takahiro <takahiro.kurosawa@gmail.com> > AuthorDate: 2022-05-30 07:51:15 +0000 > Commit: Alexander V. Chernikov <melifaro@FreeBSD.org> > CommitDate: 2022-05-30 10:53:33 +0000 > > netinet6: fix ndp proxying > > We could insert proxy NDP entries by the ndp command, but the host > with proxy ndp entries had not responded to Neighbor Solicitations.= > Change the following points for proxy NDP to work as expected: > * join solicited-node multicast addresses for proxy NDP entries > in order to receive Neighbor Solicitations. > * look up proxy NDP entries not on the routing table but on the > link-level address table when receiving Neighbor Solicitations. > > Reviewed By: melifaro > Differential Revision: https://reviews.freebsd.org/D35307 > MFC after: 2 weeks > --- > sys/net/if.c | 10 ++ > sys/net/if_llatbl.c | 48 +++++++++ > sys/net/if_llatbl.h | 12 ++- > sys/netinet6/in6.c | 111 ++++++++++++++++++-- > sys/netinet6/in6_var.h | 2 + > sys/netinet6/nd6_nbr.c | 57 ++++++----- > tests/sys/netinet6/Makefile | 3 +- > tests/sys/netinet6/proxy_ndp.sh | 222 ++++++++++++++++++++++++++++++++= ++++++++ > 8 files changed, 425 insertions(+), 40 deletions(-) > > diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c > index a39f7734e0ba..857e05c0f112 100644 > --- a/sys/netinet6/in6.c > +++ b/sys/netinet6/in6.c > @@ -2621,3 +2643,72 @@ in6_sin_2_v4mapsin6_in_sock(struct sockaddr **na= m) > free(*nam, M_SONAME); > *nam =3D (struct sockaddr *)sin6_p; > } > + > +/* > + * Join/leave the solicited multicast groups for proxy NDP entries. > + */ > +static void > +in6_join_proxy_ndp_mc(struct ifnet *ifp, const struct in6_addr *dst) > +{ > + struct in6_multi *inm; > + struct in6_addr mltaddr; > + char ip6buf[INET6_ADDRSTRLEN]; > + int error; > + > + if (in6_solicited_node_maddr(&mltaddr, ifp, dst) !=3D 0) > + return; /* error logged in in6_solicited_node_maddr. */ > + > + error =3D in6_joingroup(ifp, &mltaddr, NULL, &inm, 0); > + if (error !=3D 0) { > + nd6log((LOG_WARNING, > + "%s: in6_joingroup failed for %s on %s (errno=3D%d)\n", > + __func__, ip6_sprintf(ip6buf, &mltaddr), if_name(ifp), > + error)); > + } > +} > + > +static void > +in6_leave_proxy_ndp_mc(struct ifnet *ifp, const struct in6_addr *dst) > +{ > + struct epoch_tracker et; > + struct in6_multi *inm; > + struct in6_addr mltaddr; > + char ip6buf[INET6_ADDRSTRLEN]; > + > + if (in6_solicited_node_maddr(&mltaddr, ifp, dst) !=3D 0) > + return; /* error logged in in6_solicited_node_maddr. */ > + > + NET_EPOCH_ENTER(et); > + inm =3D in6m_lookup(ifp, &mltaddr); > + NET_EPOCH_EXIT(et); > + if (inm !=3D NULL) > + in6_leavegroup(inm, NULL); > + else > + nd6log((LOG_WARNING, "%s: in6m_lookup failed for %s on %s\n", > + __func__, ip6_sprintf(ip6buf, &mltaddr), if_name(ifp))); > +} > + > +static bool > +in6_lle_match_pub(struct lltable *llt, struct llentry *lle, void *farg= ) > +{ > + return ((lle->la_flags & LLE_PUB) !=3D 0); > +} > + > +void > +in6_purge_proxy_ndp(struct ifnet *ifp) > +{ > + struct lltable *llt; > + bool need_purge; > + > + llt =3D LLTABLE6(ifp); This panics here when I kldunload pfsync. This fixes it for me: https://reviews.freebsd.org/D35374 Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9BB758A5-D0C4-476E-ACD4-A27C98276F7B>