Message ID | 1421263039-96198-1-git-send-email-dsahern@gmail.com |
---|---|
State | RFC, archived |
Delegated to: | David Miller |
Headers | show |
On Mi, 2015-01-14 at 12:17 -0700, David Ahern wrote: > Currently, ipv6 addresses are flushed when the interface is configured down: > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global tentative > valid_lft forever preferred_lft forever > [root@f20 ~]# ip link set dev eth1 up > [root@f20 ~]# ip link set dev eth1 down > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > Add a new sysctl to make this behavior optional. Setting defaults to flush > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global tentative > valid_lft forever preferred_lft forever > [root@f20 ~]# ip link set dev eth1 up > [root@f20 ~]# ip link set dev eth1 down > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::4:11ff:fe22:3301/64 scope link > valid_lft forever preferred_lft forever > > Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> > Signed-off-by: David Ahern <dsahern@gmail.com> > Cc: Hannes Frederic Sowa <hannes@redhat.com> > --- > include/linux/ipv6.h | 1 + > include/uapi/linux/ipv6.h | 1 + > net/ipv6/addrconf.c | 15 +++++++++++++++ > 3 files changed, 17 insertions(+) > > diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h > index c694e7baa621..1d726e39f09f 100644 > --- a/include/linux/ipv6.h > +++ b/include/linux/ipv6.h > @@ -52,6 +52,7 @@ struct ipv6_devconf { > __s32 force_tllao; > __s32 ndisc_notify; > __s32 suppress_frag_ndisc; > + __s32 flush_addr_on_down; > void *sysctl; > }; > > diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h > index e863d088b9a5..c7cb79e0f0fe 100644 > --- a/include/uapi/linux/ipv6.h > +++ b/include/uapi/linux/ipv6.h > @@ -165,6 +165,7 @@ enum { > DEVCONF_SUPPRESS_FRAG_NDISC, > DEVCONF_ACCEPT_RA_FROM_LOCAL, > DEVCONF_USE_OPTIMISTIC, > + DEVCONF_FLUSH_ON_DOWN, > DEVCONF_MAX > }; > > diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c > index f7c8bbeb27b7..5c0d49073cb1 100644 > --- a/net/ipv6/addrconf.c > +++ b/net/ipv6/addrconf.c > @@ -201,6 +201,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { > .disable_ipv6 = 0, > .accept_dad = 1, > .suppress_frag_ndisc = 1, > + .flush_addr_on_down = 1, > }; > > static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { > @@ -238,6 +239,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { > .disable_ipv6 = 0, > .accept_dad = 1, > .suppress_frag_ndisc = 1, > + .flush_addr_on_down = 1, > }; > > /* Check if a valid qdisc is available */ > @@ -3083,6 +3085,9 @@ static int addrconf_ifdown(struct net_device *dev, int how) > if (how && del_timer(&idev->regen_timer)) > in6_dev_put(idev); > > + if (!how && !idev->cnf.flush_addr_on_down) > + goto unlock; I would still prefer that we flush automatically generated addresses and only keep the static and permanent ones. What do you think? Bye, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
> I would still prefer that we flush automatically generated addresses and only > keep the static and permanent ones. > > What do you think? > > Bye, > Hannes If I may offer an opinion, I do feel that there are use cases where flushing the auto-generated addresses in ifdown would not be desirable. We have one such use case where information regarding the state of the network beyond the interface is managed through sideband signaling. We know that the auto-generated address would still be valid on ifup because the router information is unchanged. In this case, ifup/down is solely being used as a way for user space to enable/disable all traffic on a particular netdevice for temporary periods. That said, I'm not sure how useful this would be for the average user; I see no harm if it is configurable and the default behavior is unchanged. Thanks, Harout -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mo, 2015-01-19 at 09:12 -0700, Harout Hedeshian wrote: > > I would still prefer that we flush automatically generated addresses and only > > keep the static and permanent ones. > > > > What do you think? > > > > Bye, > > Hannes > > If I may offer an opinion, I do feel that there are use cases where flushing the auto-generated addresses in ifdown would not be desirable. > > We have one such use case where information regarding the state of the network beyond the interface is managed through sideband signaling. We know that the auto-generated address would still be valid on ifup because the router information is unchanged. In this case, ifup/down is solely being used as a way for user space to enable/disable all traffic on a particular netdevice for temporary periods. > > That said, I'm not sure how useful this would be for the average user; I see no harm if it is configurable and the default behavior is unchanged. Do you think it makes sense to combine the logic with the accept_ra sysctl? accept_ra && !flush_addr_on_down -> flush addresses generated by accept_ra logic !accept_ra && !flush_addr_on_down -> don't flush any addresses I am not sure about that, feels complicated. Would that suite your usecase? Bye, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 1/19/15 8:02 AM, Hannes Frederic Sowa wrote: > > I would still prefer that we flush automatically generated addresses and > only keep the static and permanent ones. > > What do you think? Fine with me. Static addresses were the motivation of the patch. David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, 14 Jan 2015 12:17:19 -0700 David Ahern <dsahern@gmail.com> wrote: > Currently, ipv6 addresses are flushed when the interface is configured down: > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global tentative > valid_lft forever preferred_lft forever > [root@f20 ~]# ip link set dev eth1 up > [root@f20 ~]# ip link set dev eth1 down > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > Add a new sysctl to make this behavior optional. Setting defaults to flush > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global tentative > valid_lft forever preferred_lft forever > [root@f20 ~]# ip link set dev eth1 up > [root@f20 ~]# ip link set dev eth1 down > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::4:11ff:fe22:3301/64 scope link > valid_lft forever preferred_lft forever > > Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> > Signed-off-by: David Ahern <dsahern@gmail.com> > Cc: Hannes Frederic Sowa <hannes@redhat.com> Would this break existing application expecting a particular semantic by listening to netlink? What happens to packets received with the static address when interface is down? With IPv4 Linux is mostly a weak host model, and IPv6 somewhere in between. For vendors that control the application stack or have limited number of services this would work fine, but what about RHEL? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Do, 2015-01-22 at 22:40 -0800, Stephen Hemminger wrote: > On Wed, 14 Jan 2015 12:17:19 -0700 > David Ahern <dsahern@gmail.com> wrote: > > > Currently, ipv6 addresses are flushed when the interface is configured down: > > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > [root@f20 ~]# ip addr show dev eth1 > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > inet6 2000:11:1:1::1/64 scope global tentative > > valid_lft forever preferred_lft forever > > [root@f20 ~]# ip link set dev eth1 up > > [root@f20 ~]# ip link set dev eth1 down > > [root@f20 ~]# ip addr show dev eth1 > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > Add a new sysctl to make this behavior optional. Setting defaults to flush > > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > [root@f20 ~]# ip addr show dev eth1 > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > inet6 2000:11:1:1::1/64 scope global tentative > > valid_lft forever preferred_lft forever > > [root@f20 ~]# ip link set dev eth1 up > > [root@f20 ~]# ip link set dev eth1 down > > [root@f20 ~]# ip addr show dev eth1 > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > inet6 2000:11:1:1::1/64 scope global > > valid_lft forever preferred_lft forever > > inet6 fe80::4:11ff:fe22:3301/64 scope link > > valid_lft forever preferred_lft forever > > > > Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> > > Signed-off-by: David Ahern <dsahern@gmail.com> > > Cc: Hannes Frederic Sowa <hannes@redhat.com> > > Would this break existing application expecting a particular semantic > by listening to netlink? What happens to packets received with the static > address when interface is down? With IPv4 Linux is mostly a weak host > model, and IPv6 somewhere in between. IPv6 is mostly a weak end model, too, but IFA_LINK addresses are used much more. So yes, it is somewhere in between. Addresses bound to interfaces which are currently down will work with IPv6 (in contrast to IPv4). > For vendors that control the application stack or have limited number > of services this would work fine, but what about RHEL? The new model is only enabled if the sysctl is set. I don't expect a lot of vendors or distributions switching anytime soon. I wonder if we should try to come up with a way of IPV6_NEW_WORLD_ORDER we can make some changes to the stack which align much better with the RFCs, e.g. no default link local address generation, no default on-link routes etc. Bye, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 01/14/2015 02:17 PM, David Ahern wrote: > Currently, ipv6 addresses are flushed when the interface is configured down: > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global tentative > valid_lft forever preferred_lft forever > [root@f20 ~]# ip link set dev eth1 up > [root@f20 ~]# ip link set dev eth1 down > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > Add a new sysctl to make this behavior optional. Setting defaults to flush > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global tentative > valid_lft forever preferred_lft forever > [root@f20 ~]# ip link set dev eth1 up > [root@f20 ~]# ip link set dev eth1 down > [root@f20 ~]# ip addr show dev eth1 > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > inet6 2000:11:1:1::1/64 scope global > valid_lft forever preferred_lft forever > inet6 fe80::4:11ff:fe22:3301/64 scope link > valid_lft forever preferred_lft forever I think this was brought up in a previous thread on this, but don't you have to do DAD on these addresses once the interface comes back up? Some other system could have come along, done DAD, succeeded, and is now using it. Or does the use of this flag assume the user is Ok without doing DAD, and will deal with the fallout? -Brian -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 1/23/15 9:09 AM, Brian Haley wrote: > On 01/14/2015 02:17 PM, David Ahern wrote: >> Currently, ipv6 addresses are flushed when the interface is configured down: >> >> [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 >> [root@f20 ~]# ip addr show dev eth1 >> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 >> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff >> inet6 2000:11:1:1::1/64 scope global tentative >> valid_lft forever preferred_lft forever >> [root@f20 ~]# ip link set dev eth1 up >> [root@f20 ~]# ip link set dev eth1 down >> [root@f20 ~]# ip addr show dev eth1 >> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 >> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff >> >> Add a new sysctl to make this behavior optional. Setting defaults to flush >> addresses to maintain backwards compatibility. When reset flushing is bypassed: >> >> [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down >> [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 >> [root@f20 ~]# ip addr show dev eth1 >> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 >> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff >> inet6 2000:11:1:1::1/64 scope global tentative >> valid_lft forever preferred_lft forever >> [root@f20 ~]# ip link set dev eth1 up >> [root@f20 ~]# ip link set dev eth1 down >> [root@f20 ~]# ip addr show dev eth1 >> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 >> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff >> inet6 2000:11:1:1::1/64 scope global >> valid_lft forever preferred_lft forever >> inet6 fe80::4:11ff:fe22:3301/64 scope link >> valid_lft forever preferred_lft forever > > I think this was brought up in a previous thread on this, but don't you have to > do DAD on these addresses once the interface comes back up? Some other system > could have come along, done DAD, succeeded, and is now using it. Or does the > use of this flag assume the user is Ok without doing DAD, and will deal with the > fallout? You have the same problem today, don't you? Current code allows an IPv6 address to be configured on interface in the down state. The intent of this sysctl is to allow that address to stay on an up-down cycle. I don't have a strong IPv6 background so the first email thread and this RFC patch are both asking first and foremost if there is any harm in this behavior. None has been raised - so far. To maintain backwards compatibility this is a new option which when reset allows the addresses to be retained (not flushed). David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 1/22/15 11:40 PM, Stephen Hemminger wrote: > Would this break existing application expecting a particular semantic > by listening to netlink? What happens to packets received with the static > address when interface is down? With IPv4 Linux is mostly a weak host > model, and IPv6 somewhere in between. > > For vendors that control the application stack or have limited number > of services this would work fine, but what about RHEL? > > The intent of making it a sysctl option is to maintain backwards compatibility and allow users to take the new functionality if desired - which includes accepting changes in behavior. David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 01/23/2015 01:23 PM, David Ahern wrote: >>> Add a new sysctl to make this behavior optional. Setting defaults to flush >>> addresses to maintain backwards compatibility. When reset flushing is bypassed: >>> >>> [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down >>> [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 >>> [root@f20 ~]# ip addr show dev eth1 >>> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group >>> default qlen 1000 >>> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff >>> inet6 2000:11:1:1::1/64 scope global tentative >>> valid_lft forever preferred_lft forever >>> [root@f20 ~]# ip link set dev eth1 up >>> [root@f20 ~]# ip link set dev eth1 down >>> [root@f20 ~]# ip addr show dev eth1 >>> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group >>> default qlen 1000 >>> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff >>> inet6 2000:11:1:1::1/64 scope global >>> valid_lft forever preferred_lft forever >>> inet6 fe80::4:11ff:fe22:3301/64 scope link >>> valid_lft forever preferred_lft forever >> >> I think this was brought up in a previous thread on this, but don't you have to >> do DAD on these addresses once the interface comes back up? Some other system >> could have come along, done DAD, succeeded, and is now using it. Or does the >> use of this flag assume the user is Ok without doing DAD, and will deal with the >> fallout? > > You have the same problem today, don't you? Current code allows an IPv6 address > to be configured on interface in the down state. The intent of this sysctl is to > allow that address to stay on an up-down cycle. Yes, looks like ndisc_send_skb() never returns any lower-level error back up to the caller, so it's assumed the Neighbour Advertisement is always sent. Although the address will be marked "tentative" until IFF_UP is set. > I don't have a strong IPv6 background so the first email thread and this RFC > patch are both asking first and foremost if there is any harm in this behavior. > None has been raised - so far. To maintain backwards compatibility this is a new > option which when reset allows the addresses to be retained (not flushed). Seems as though you're in an RFC grey area then. Personally, I'd do DAD, even though the possibility of a collision is always very small. But that's just my opinion. -Brian -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fr, 2015-01-23 at 16:17 -0500, Brian Haley wrote: > On 01/23/2015 01:23 PM, David Ahern wrote: > > >>> Add a new sysctl to make this behavior optional. Setting defaults to flush > >>> addresses to maintain backwards compatibility. When reset flushing is bypassed: > >>> > >>> [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > >>> [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > >>> [root@f20 ~]# ip addr show dev eth1 > >>> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group > >>> default qlen 1000 > >>> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > >>> inet6 2000:11:1:1::1/64 scope global tentative > >>> valid_lft forever preferred_lft forever > >>> [root@f20 ~]# ip link set dev eth1 up > >>> [root@f20 ~]# ip link set dev eth1 down > >>> [root@f20 ~]# ip addr show dev eth1 > >>> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group > >>> default qlen 1000 > >>> link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > >>> inet6 2000:11:1:1::1/64 scope global > >>> valid_lft forever preferred_lft forever > >>> inet6 fe80::4:11ff:fe22:3301/64 scope link > >>> valid_lft forever preferred_lft forever > >> > >> I think this was brought up in a previous thread on this, but don't you have to > >> do DAD on these addresses once the interface comes back up? Some other system > >> could have come along, done DAD, succeeded, and is now using it. Or does the > >> use of this flag assume the user is Ok without doing DAD, and will deal with the > >> fallout? > > > > You have the same problem today, don't you? Current code allows an IPv6 address > > to be configured on interface in the down state. The intent of this sysctl is to > > allow that address to stay on an up-down cycle. > > Yes, looks like ndisc_send_skb() never returns any lower-level error back up to > the caller, so it's assumed the Neighbour Advertisement is always sent. > Although the address will be marked "tentative" until IFF_UP is set. > > > I don't have a strong IPv6 background so the first email thread and this RFC > > patch are both asking first and foremost if there is any harm in this behavior. > > None has been raised - so far. To maintain backwards compatibility this is a new > > option which when reset allows the addresses to be retained (not flushed). > > Seems as though you're in an RFC grey area then. Personally, I'd do DAD, even > though the possibility of a collision is always very small. But that's just my > opinion. I agree. If the interface is in a state where it doesn't listen for other hosts doing DAD, we must initiate DAD for that address during bringing the interface up. I am even not so sure if this is a grey area. Anyway, the current behavior is not best and we should change that if the kernel does not do DAD on addresses added during ifdown. Hopefully people don't use this trick. :) Bye, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fri, Jan 23, 2015 at 01:22:17PM +0100, Hannes Frederic Sowa wrote: > On Do, 2015-01-22 at 22:40 -0800, Stephen Hemminger wrote: > > On Wed, 14 Jan 2015 12:17:19 -0700 > > David Ahern <dsahern@gmail.com> wrote: > > > > > Currently, ipv6 addresses are flushed when the interface is configured down: > > > > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > > [root@f20 ~]# ip addr show dev eth1 > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > inet6 2000:11:1:1::1/64 scope global tentative > > > valid_lft forever preferred_lft forever > > > [root@f20 ~]# ip link set dev eth1 up > > > [root@f20 ~]# ip link set dev eth1 down > > > [root@f20 ~]# ip addr show dev eth1 > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > > > Add a new sysctl to make this behavior optional. Setting defaults to flush > > > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > > > > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > > [root@f20 ~]# ip addr show dev eth1 > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > inet6 2000:11:1:1::1/64 scope global tentative > > > valid_lft forever preferred_lft forever > > > [root@f20 ~]# ip link set dev eth1 up > > > [root@f20 ~]# ip link set dev eth1 down > > > [root@f20 ~]# ip addr show dev eth1 > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > inet6 2000:11:1:1::1/64 scope global > > > valid_lft forever preferred_lft forever > > > inet6 fe80::4:11ff:fe22:3301/64 scope link > > > valid_lft forever preferred_lft forever > > > > > > Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> > > > Signed-off-by: David Ahern <dsahern@gmail.com> > > > Cc: Hannes Frederic Sowa <hannes@redhat.com> > > > > Would this break existing application expecting a particular semantic > > by listening to netlink? What happens to packets received with the static > > address when interface is down? With IPv4 Linux is mostly a weak host > > model, and IPv6 somewhere in between. > > IPv6 is mostly a weak end model, too, but IFA_LINK addresses are used > much more. So yes, it is somewhere in between. > > Addresses bound to interfaces which are currently down will work with > IPv6 (in contrast to IPv4). > > > For vendors that control the application stack or have limited number > > of services this would work fine, but what about RHEL? > > The new model is only enabled if the sysctl is set. I don't expect a lot > of vendors or distributions switching anytime soon. You are probably correct that many will not switch, but this sysctl gives those who want to switch a nice option without having to carry extra kernel patches. I like it. I have been pondering a few different changes to interface address and route behavior on both interface and link (gasp!) down and would like to use sysctls to make those options available to those who are interested without changing the current model. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi, On Mo, 2015-01-26 at 23:56 -0500, Andy Gospodarek wrote: > On Fri, Jan 23, 2015 at 01:22:17PM +0100, Hannes Frederic Sowa wrote: > > On Do, 2015-01-22 at 22:40 -0800, Stephen Hemminger wrote: > > > On Wed, 14 Jan 2015 12:17:19 -0700 > > > David Ahern <dsahern@gmail.com> wrote: > > > > > > > Currently, ipv6 addresses are flushed when the interface is configured down: > > > > > > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > > > [root@f20 ~]# ip addr show dev eth1 > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > inet6 2000:11:1:1::1/64 scope global tentative > > > > valid_lft forever preferred_lft forever > > > > [root@f20 ~]# ip link set dev eth1 up > > > > [root@f20 ~]# ip link set dev eth1 down > > > > [root@f20 ~]# ip addr show dev eth1 > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > > > > > Add a new sysctl to make this behavior optional. Setting defaults to flush > > > > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > > > > > > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > > > [root@f20 ~]# ip addr show dev eth1 > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > inet6 2000:11:1:1::1/64 scope global tentative > > > > valid_lft forever preferred_lft forever > > > > [root@f20 ~]# ip link set dev eth1 up > > > > [root@f20 ~]# ip link set dev eth1 down > > > > [root@f20 ~]# ip addr show dev eth1 > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > inet6 2000:11:1:1::1/64 scope global > > > > valid_lft forever preferred_lft forever > > > > inet6 fe80::4:11ff:fe22:3301/64 scope link > > > > valid_lft forever preferred_lft forever > > > > > > > > Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> > > > > Signed-off-by: David Ahern <dsahern@gmail.com> > > > > Cc: Hannes Frederic Sowa <hannes@redhat.com> > > > > > > Would this break existing application expecting a particular semantic > > > by listening to netlink? What happens to packets received with the static > > > address when interface is down? With IPv4 Linux is mostly a weak host > > > model, and IPv6 somewhere in between. > > > > IPv6 is mostly a weak end model, too, but IFA_LINK addresses are used > > much more. So yes, it is somewhere in between. > > > > Addresses bound to interfaces which are currently down will work with > > IPv6 (in contrast to IPv4). > > > > > For vendors that control the application stack or have limited number > > > of services this would work fine, but what about RHEL? > > > > The new model is only enabled if the sysctl is set. I don't expect a lot > > of vendors or distributions switching anytime soon. > > You are probably correct that many will not switch, but this sysctl > gives those who want to switch a nice option without having to carry > extra kernel patches. I like it. I don't see any problem with the patch in general but DAD should definitely happen on reenabling interfaces. Current behavior does not seem fine to me. It's ok if this patch doesn't change this behavior now but a follow-up one will be needed then. David, will you look after the DAD logic and do you plan a follow-up patch? > I have been pondering a few different changes to interface address and > route behavior on both interface and link (gasp!) down and would like to > use sysctls to make those options available to those who are interested > without changing the current model. Can you be more specific? In the last year we added some per interface flags to e.g. handle the creation of on-link routes in case of an address gets added to the interface. Maybe this is the better approach, because quite a lot of stuff happens interface local in IPv6. Thanks, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 1/27/15 2:44 AM, Hannes Frederic Sowa wrote: >> You are probably correct that many will not switch, but this sysctl >> gives those who want to switch a nice option without having to carry >> extra kernel patches. I like it. > > I don't see any problem with the patch in general but DAD should > definitely happen on reenabling interfaces. Current behavior does not > seem fine to me. It's ok if this patch doesn't change this behavior now > but a follow-up one will be needed then. > > David, will you look after the DAD logic and do you plan a follow-up > patch? Yes, I do plan a follow-up patch for this change. Will work on that this week. From the discussion a second patch is needed to make sure DAD is done on a link up if there is an address configured. David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Di, 2015-01-27 at 07:55 -0700, David Ahern wrote: > On 1/27/15 2:44 AM, Hannes Frederic Sowa wrote: > >> You are probably correct that many will not switch, but this sysctl > >> gives those who want to switch a nice option without having to carry > >> extra kernel patches. I like it. > > > > I don't see any problem with the patch in general but DAD should > > definitely happen on reenabling interfaces. Current behavior does not > > seem fine to me. It's ok if this patch doesn't change this behavior now > > but a follow-up one will be needed then. > > > > David, will you look after the DAD logic and do you plan a follow-up > > patch? > > Yes, I do plan a follow-up patch for this change. Will work on that this > week. > > From the discussion a second patch is needed to make sure DAD is done > on a link up if there is an address configured. Thank you! Let's see if the DAD patch isn't complex, maybe it is a candidate for stable? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Jan 27, 2015 at 10:44:21AM +0100, Hannes Frederic Sowa wrote: > Hi, > > On Mo, 2015-01-26 at 23:56 -0500, Andy Gospodarek wrote: > > On Fri, Jan 23, 2015 at 01:22:17PM +0100, Hannes Frederic Sowa wrote: > > > On Do, 2015-01-22 at 22:40 -0800, Stephen Hemminger wrote: > > > > On Wed, 14 Jan 2015 12:17:19 -0700 > > > > David Ahern <dsahern@gmail.com> wrote: > > > > > > > > > Currently, ipv6 addresses are flushed when the interface is configured down: > > > > > > > > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > > > > [root@f20 ~]# ip addr show dev eth1 > > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 > > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > > inet6 2000:11:1:1::1/64 scope global tentative > > > > > valid_lft forever preferred_lft forever > > > > > [root@f20 ~]# ip link set dev eth1 up > > > > > [root@f20 ~]# ip link set dev eth1 down > > > > > [root@f20 ~]# ip addr show dev eth1 > > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > > > > > > > Add a new sysctl to make this behavior optional. Setting defaults to flush > > > > > addresses to maintain backwards compatibility. When reset flushing is bypassed: > > > > > > > > > > [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down > > > > > [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 > > > > > [root@f20 ~]# ip addr show dev eth1 > > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > > inet6 2000:11:1:1::1/64 scope global tentative > > > > > valid_lft forever preferred_lft forever > > > > > [root@f20 ~]# ip link set dev eth1 up > > > > > [root@f20 ~]# ip link set dev eth1 down > > > > > [root@f20 ~]# ip addr show dev eth1 > > > > > 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 > > > > > link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff > > > > > inet6 2000:11:1:1::1/64 scope global > > > > > valid_lft forever preferred_lft forever > > > > > inet6 fe80::4:11ff:fe22:3301/64 scope link > > > > > valid_lft forever preferred_lft forever > > > > > > > > > > Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> > > > > > Signed-off-by: David Ahern <dsahern@gmail.com> > > > > > Cc: Hannes Frederic Sowa <hannes@redhat.com> > > > > > > > > Would this break existing application expecting a particular semantic > > > > by listening to netlink? What happens to packets received with the static > > > > address when interface is down? With IPv4 Linux is mostly a weak host > > > > model, and IPv6 somewhere in between. > > > > > > IPv6 is mostly a weak end model, too, but IFA_LINK addresses are used > > > much more. So yes, it is somewhere in between. > > > > > > Addresses bound to interfaces which are currently down will work with > > > IPv6 (in contrast to IPv4). > > > > > > > For vendors that control the application stack or have limited number > > > > of services this would work fine, but what about RHEL? > > > > > > The new model is only enabled if the sysctl is set. I don't expect a lot > > > of vendors or distributions switching anytime soon. > > > > You are probably correct that many will not switch, but this sysctl > > gives those who want to switch a nice option without having to carry > > extra kernel patches. I like it. > > I don't see any problem with the patch in general but DAD should > definitely happen on reenabling interfaces. Current behavior does not > seem fine to me. It's ok if this patch doesn't change this behavior now > but a follow-up one will be needed then. > > David, will you look after the DAD logic and do you plan a follow-up > patch? > > > I have been pondering a few different changes to interface address and > > route behavior on both interface and link (gasp!) down and would like to > > use sysctls to make those options available to those who are interested > > without changing the current model. > > Can you be more specific? In the last year we added some per interface > flags to e.g. handle the creation of on-link routes in case of an > address gets added to the interface. Maybe this is the better approach, > because quite a lot of stuff happens interface local in IPv6. Unfortunately some of the work I've been doing is on a 3.2 long-term kernel, but I've also been testing some of my hacks^Wpatches on the latest tree as well to make control/mark FIB entries based on link-status (carrier not I would call 'admin state' set via 'ip link set'). Overloading the use of the onlink could be a good option -- I'll review your patches and the functionality a bit more closely to see if I can merge my changes with those and clean everything up. I know that NM, netplugd, ifplugd, networkd, etc. could be used to handle issue like this, but an in-kernel solution has a much better chance of being reliable when you are dealing with ~100 network interfaces and do not want to black-hole traffic when link is down to a router in your datacenter and there is another possible route to get to the network that was previously directly connected. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 01/27/2015 08:28 AM, Hannes Frederic Sowa wrote: >> From the discussion a second patch is needed to make sure DAD is done >> on a link up if there is an address configured. > > Thank you! > > Let's see if the DAD patch isn't complex, maybe it is a candidate for > stable? Actually, DAD is done on a link up; you can see the notifications go out when the link is brought up: 18:46:28.519907 IP6 :: > ff02::1:ff00:10: ICMP6, neighbor solicitation, who has 2001:1::10, length 24 18:46:28.607650 IP6 :: > ff02::1:ff03:402: ICMP6, neighbor solicitation, who has fe80::1:2ff:fe03:402, length 24 So current top of tree works fine wrt DAD on addresses added when a link is down and then the link is brought up. But, my previous patch does not re-send notifications on the up in a down-up cycle. I believe it is because the IFA_F_TENTATIVE flag is not set for the global address configured. I will address that in the revised patch. David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Di, 2015-01-27 at 20:21 -0700, David Ahern wrote: > On 01/27/2015 08:28 AM, Hannes Frederic Sowa wrote: > >> From the discussion a second patch is needed to make sure DAD is done > >> on a link up if there is an address configured. > > > > Thank you! > > > > Let's see if the DAD patch isn't complex, maybe it is a candidate for > > stable? > > Actually, DAD is done on a link up; you can see the notifications go out > when the link is brought up: Oh, cool, sorry I did not check and misunderstood you in the other mail. > 18:46:28.519907 IP6 :: > ff02::1:ff00:10: ICMP6, neighbor solicitation, > who has 2001:1::10, length 24 > 18:46:28.607650 IP6 :: > ff02::1:ff03:402: ICMP6, neighbor solicitation, > who has fe80::1:2ff:fe03:402, length 24 > > So current top of tree works fine wrt DAD on addresses added when a link > is down and then the link is brought up. > > But, my previous patch does not re-send notifications on the up in a > down-up cycle. I believe it is because the IFA_F_TENTATIVE flag is not > set for the global address configured. I will address that in the > revised patch. Sounds good, I don't see any more problems with this patch then. Thanks! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h index c694e7baa621..1d726e39f09f 100644 --- a/include/linux/ipv6.h +++ b/include/linux/ipv6.h @@ -52,6 +52,7 @@ struct ipv6_devconf { __s32 force_tllao; __s32 ndisc_notify; __s32 suppress_frag_ndisc; + __s32 flush_addr_on_down; void *sysctl; }; diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h index e863d088b9a5..c7cb79e0f0fe 100644 --- a/include/uapi/linux/ipv6.h +++ b/include/uapi/linux/ipv6.h @@ -165,6 +165,7 @@ enum { DEVCONF_SUPPRESS_FRAG_NDISC, DEVCONF_ACCEPT_RA_FROM_LOCAL, DEVCONF_USE_OPTIMISTIC, + DEVCONF_FLUSH_ON_DOWN, DEVCONF_MAX }; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index f7c8bbeb27b7..5c0d49073cb1 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -201,6 +201,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { .disable_ipv6 = 0, .accept_dad = 1, .suppress_frag_ndisc = 1, + .flush_addr_on_down = 1, }; static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { @@ -238,6 +239,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { .disable_ipv6 = 0, .accept_dad = 1, .suppress_frag_ndisc = 1, + .flush_addr_on_down = 1, }; /* Check if a valid qdisc is available */ @@ -3083,6 +3085,9 @@ static int addrconf_ifdown(struct net_device *dev, int how) if (how && del_timer(&idev->regen_timer)) in6_dev_put(idev); + if (!how && !idev->cnf.flush_addr_on_down) + goto unlock; + /* Step 3: clear tempaddr list */ while (!list_empty(&idev->tempaddr_list)) { ifa = list_first_entry(&idev->tempaddr_list, @@ -3123,6 +3128,7 @@ static int addrconf_ifdown(struct net_device *dev, int how) write_lock_bh(&idev->lock); } +unlock: write_unlock_bh(&idev->lock); /* Step 5: Discard anycast and multicast list */ @@ -4376,6 +4382,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, array[DEVCONF_NDISC_NOTIFY] = cnf->ndisc_notify; array[DEVCONF_SUPPRESS_FRAG_NDISC] = cnf->suppress_frag_ndisc; array[DEVCONF_ACCEPT_RA_FROM_LOCAL] = cnf->accept_ra_from_local; + array[DEVCONF_FLUSH_ON_DOWN] = cnf->flush_addr_on_down; } static inline size_t inet6_ifla6_size(void) @@ -5253,6 +5260,14 @@ static struct addrconf_sysctl_table .proc_handler = proc_dointvec, }, { + .procname = "flush_addr_on_down", + .data = &ipv6_devconf.flush_addr_on_down, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec, + + }, + { /* sentinel */ } },
Currently, ipv6 addresses are flushed when the interface is configured down: [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 [root@f20 ~]# ip addr show dev eth1 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff inet6 2000:11:1:1::1/64 scope global tentative valid_lft forever preferred_lft forever [root@f20 ~]# ip link set dev eth1 up [root@f20 ~]# ip link set dev eth1 down [root@f20 ~]# ip addr show dev eth1 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff Add a new sysctl to make this behavior optional. Setting defaults to flush addresses to maintain backwards compatibility. When reset flushing is bypassed: [root@f20 ~]# echo 0 > /proc/sys/net/ipv6/conf/eth1/flush_addr_on_down [root@f20 ~]# ip -6 addr add dev eth1 2000:11:1:1::1/64 [root@f20 ~]# ip addr show dev eth1 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff inet6 2000:11:1:1::1/64 scope global tentative valid_lft forever preferred_lft forever [root@f20 ~]# ip link set dev eth1 up [root@f20 ~]# ip link set dev eth1 down [root@f20 ~]# ip addr show dev eth1 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 link/ether 02:04:11:22:33:01 brd ff:ff:ff:ff:ff:ff inet6 2000:11:1:1::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::4:11ff:fe22:3301/64 scope link valid_lft forever preferred_lft forever Suggested-by: Hannes Frederic Sowa <hannes@redhat.com> Signed-off-by: David Ahern <dsahern@gmail.com> Cc: Hannes Frederic Sowa <hannes@redhat.com> --- include/linux/ipv6.h | 1 + include/uapi/linux/ipv6.h | 1 + net/ipv6/addrconf.c | 15 +++++++++++++++ 3 files changed, 17 insertions(+)