From patchwork Wed Feb 18 19:57:14 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brian Haley X-Patchwork-Id: 23351 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by ozlabs.org (Postfix) with ESMTP id 966EADDE0A for ; Thu, 19 Feb 2009 06:57:32 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755528AbZBRT5V (ORCPT ); Wed, 18 Feb 2009 14:57:21 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754379AbZBRT5V (ORCPT ); Wed, 18 Feb 2009 14:57:21 -0500 Received: from g1t0027.austin.hp.com ([15.216.28.34]:33157 "EHLO g1t0027.austin.hp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754147AbZBRT5U (ORCPT ); Wed, 18 Feb 2009 14:57:20 -0500 Received: from g1t0038.austin.hp.com (g1t0038.austin.hp.com [16.236.32.44]) by g1t0027.austin.hp.com (Postfix) with ESMTP id B7699382CA; Wed, 18 Feb 2009 19:57:18 +0000 (UTC) Received: from [192.168.1.100] (squirrel.fc.hp.com [15.11.146.57]) by g1t0038.austin.hp.com (Postfix) with ESMTP id 7944930008; Wed, 18 Feb 2009 19:57:15 +0000 (UTC) Message-ID: <499C681A.6000008@hp.com> Date: Wed, 18 Feb 2009 14:57:14 -0500 From: Brian Haley Organization: Open Source and Linux Organization User-Agent: Thunderbird 2.0.0.19 (X11/20090105) MIME-Version: 1.0 To: David Miller , YOSHIFUJI Hideaki CC: Vlad Yasevich , Chuck Lever , Theodore Tso , Valdis.Kletnieks@vt.edu, arvidjaar@mail.ru, rjw@sisk.pl, netdev@vger.kernel.org, bonding-devel@lists.sourceforge.net, jamagallon@ono.com, linux-kernel@vger.kernel.org Subject: Re: 2.6.29 regression? Bonding tied to IPV6 in 29-rc5 References: <200902172001.41804.arvidjaar@mail.ru> <20090217.142946.232071526.davem@davemloft.net> <25143.1234932076@turing-police.cc.vt.edu> <20090217.212919.259912220.davem@davemloft.net> <20090218135537.GF3600@mini-me.lan> <06F54D7E-EE07-49C9-AD8F-B46BD6B02ABA@oracle.com> <499C5486.5020807@hp.com> In-Reply-To: <499C5486.5020807@hp.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Vlad Yasevich wrote: > Having worked in other environments where ipv6 has to be explicitly > enabled per interface, I've thought that this level of control was > always missing from linux. Being able to configure only the interface > that users want seems like a good thing to have. > Would a module parameter that disables ipv6 or at least addrconf be > enough of a solution? There does seem to be a sysctl for it, just doesn't seem to work. Possible patch below. This actually brings up the issue that the "all" ipv6 sysctl, for example net.ipv6.conf.all.disable_ipv6, doesn't actually do anything (at least it didn't seem to for me). Maybe it's time to fix that too to be like IPv4, things like IN_DEV_RPFILTER() and friends aren't looking so bad... I tested this patch on lo and a few Ethernet devices and saw no IPv6 addresses. Don't know if EPERM is the right errno since we don't know if the user set this or DAD failed. The disable_ipv6 knob was meant to be used for the kernel to disable IPv6 on an interface when DAD failed for the link-local address based on the MAC, but we should also be able to administratively disable it on an interface, or the entire system. This patch fixes the per-interface problem. Signed-off-by: Brian Haley diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 03e2a1a..9bc761f 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -603,6 +603,11 @@ ipv6_add_addr(struct inet6_dev *idev, const struct in6_addr *addr, int pfxlen, goto out2; } + if (idev->cnf.disable_ipv6) { + err = -EPERM; + goto out2; + } + write_lock(&addrconf_hash_lock); /* Ignore adding duplicate addresses on an interface */