From patchwork Fri Mar 17 00:53:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Marangi X-Patchwork-Id: 1758033 X-Patchwork-Delegate: ansuelsmth@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=keip7T1I; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=ak/CNF9i; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Pd5M74kBmz2473 for ; Fri, 17 Mar 2023 11:57:23 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=d12qGDpnOnFdmRgspJ/eAoYjREThHX/UXrblpuMIHF4=; b=keip7T1ImRR7is rUMaz/4eO/oAONw8FUcd3Xa1YTPeZ+52b19lclrL/BgQpXvMjRTQ1CChrdPWwriKWWmOT3P8+YNkT G3yLzR/E+JXsEO7ULoSXvb03qeirGW9vEo2XhjH3TeFIceGCRO5kXBymMXBTXPw63afm3KiTDfBkR xh516Euk1RrF20WWarbDEnPpqnQyaBbqyzgCyf5SbhRARX5ZQGuOsHV0LuIFQJGBHZh67c44oAzQb d1woVLSPbnCNG1e43IaueCkTBKauFSasgVFT94S2NxSx2LFsGuYMrkOOrhuKDHcS8UrfRCl+OXpyV OS6DPSdg3BMeTMabRB+A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1pcyMN-000UWQ-0b; Fri, 17 Mar 2023 00:54:19 +0000 Received: from mail-wr1-x42e.google.com ([2a00:1450:4864:20::42e]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1pcyMG-000UTl-0M for openwrt-devel@lists.openwrt.org; Fri, 17 Mar 2023 00:54:13 +0000 Received: by mail-wr1-x42e.google.com with SMTP id i9so3073559wrp.3 for ; Thu, 16 Mar 2023 17:54:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1679014449; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=26yKBjnRFK/3J492YKe+m1sXLhHoaoN9Wj/XyI/88rk=; b=ak/CNF9isxz4zI14kg5rphEzbX7Nq64e0IQwNO21UluS+MH31vLD0tDSu0tTgoMRJZ vu6fj8SuYHli/vq9IqdPfB21nKx0iZn0yUw0O5GRy3dxhwSlrTkMIObsLSh8YIQ47MAS OuU13N9YxKNVaKauWpdiz655KSOzjIxBYnX17lr8JttWG8HnpuYtgga+Cm9TX0xJA9LK wZBrfI/gwtLvqF9VTzaw8AbQSlCYm9o6JTg+WyoCIXGqYjf8jIeaOgffWAqK/kY675YA a5pkd+tHMqgaKwJnm6+35lRByXH/l1RHxXuKU0bERT2+RjVakfe1rwseINhOKNfHyLPa 76Uw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679014449; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=26yKBjnRFK/3J492YKe+m1sXLhHoaoN9Wj/XyI/88rk=; b=awk7+HSHpxhGWH3gN1Smcov4R4ckLuFA5L9T83TShDgJVnSgqSmCGmdd44BPM6P5rq /5tz1hSc1a0+bSQ0wSE8Cw6/iWLpY8IOA0x9jFS9yLbWNF8RMUNJ0+HgzYWamsbaSXsF 1OaSh0ZH1XRceaPP+ridQOvcr+zhCpoX3GS+akULoQLGq8+wqyTJF3jIjpKjmkMWb+Ic 1R0SUqo4AfAyYWUbh7utd0aE8Lplor8bSud4YfOesPf93F03UuewvJa53bzMP+WjakPH T5EsYWWolW1NHKymiNO4u5TCo7lTHhtOpgCUl9Qecnyx6DlUKgAdVvjtqBGjXV5fr7Rv CnGw== X-Gm-Message-State: AO0yUKW7jqhHplsDFTCWxtKWsi3dpQ0DuLU00BEztinlmDdbgHXwvt1n mndZEEtiN0u4xRNa6cqAI5xmOVECpsY= X-Google-Smtp-Source: AK7set/SqSAf28jWj4Gic4ub+LRlQiNXqMFcHuEocZhGDnoae7PWofQz0kO4vk12iTjPkiMG6+xCJw== X-Received: by 2002:a5d:5349:0:b0:2ce:9f35:59b9 with SMTP id t9-20020a5d5349000000b002ce9f3559b9mr5576517wrv.17.1679014448543; Thu, 16 Mar 2023 17:54:08 -0700 (PDT) Received: from localhost.localdomain (93-34-89-197.ip49.fastwebnet.it. [93.34.89.197]) by smtp.googlemail.com with ESMTPSA id m23-20020a056000181700b002c5694aef92sm668059wrh.21.2023.03.16.17.54.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Mar 2023 17:54:08 -0700 (PDT) From: Christian Marangi To: Jo-Philipp Wich , Stijn Tintel , OpenWrt Development List Cc: Christian Marangi Subject: [odhcpd PATCH 2/2] router: skip RA and wait for LINK-LOCAL to be assigned Date: Fri, 17 Mar 2023 01:53:45 +0100 Message-Id: <20230317005345.29092-2-ansuelsmth@gmail.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230317005345.29092-1-ansuelsmth@gmail.com> References: <20230317005345.29092-1-ansuelsmth@gmail.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230316_175412_177252_86A3CE8C X-CRM114-Status: GOOD ( 22.02 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This fix a specific and corner case when the following error and similar is printed in the log: Failed to send to ff02::1%br-lan (Address not available) The cause for this was tracked down to the lack of the interface of a configured LINK-LOCAL IPV6 address resulting in odhcpd_send() always failing. Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:42e listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [ansuelsmth[at]gmail.com] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org This fix a specific and corner case when the following error and similar is printed in the log: Failed to send to ff02::1%br-lan (Address not available) The cause for this was tracked down to the lack of the interface of a configured LINK-LOCAL IPV6 address resulting in odhcpd_send() always failing. A LINK-LOCAL IPV6 address is assigned only after the interface has carrier and is set to IFF_RUNNING and require some time for the address to be assigned due to DAD logic. In the case where an interface was just UP, odhcpd RA may fail since the LINK-LOCAL IPV6 address still needs to be assigned as it still need to be "trained". From the kernel view this is flagged in the IPV6 interface address with the flag IFA_F_TENTATIVE, that means the address still needs to be checked and follow DAD process. This is only a transient problem and the DAD process is required only once till the interface is not set DOWN. To handle this, add some check to verify if the address has to be checked and add an additional bool to flag if the interface have a LINK-LOCAL assigned. Skip sending RA if the interface still doesn't have finished the DAD process and retry at the next RA. A notice log is added to track this special case to track problematic case and even more corner case. Logic to check if interface have LINK-LOCAL are: - When interface is setup, on scanning for the interface ipv6 address check if at least one address is NOT in IFA_F_TENTATIVE state. - With interface already up but with still no LINK-LOCAL react on the RTM_NEWADDR event and set LINK-LOCAL if the addrs added by the event is a LINK-LOCAL reflecting that the interface finally ended the DAD process and have a correct address. Signed-off-by: Christian Marangi --- src/config.c | 9 +++++++++ src/netlink.c | 11 ++++++++++- src/odhcpd.h | 2 ++ src/router.c | 6 ++++++ 4 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/config.c b/src/config.c index 30da879..ee7219f 100644 --- a/src/config.c +++ b/src/config.c @@ -594,6 +594,15 @@ int config_parse_interface(void *data, size_t len, const char *name, bool overwr if (len > 0) iface->addr6_len = len; + for (size_t i = 0; i < iface->addr6_len; i++) { + struct odhcpd_ipaddr *addr = &iface->addr6[i]; + + if (!addr->tentative) { + iface->have_link_local = true; + break; + } + } + len = netlink_get_interface_addrs(iface->ifindex, false, &iface->addr4); if (len > 0) diff --git a/src/netlink.c b/src/netlink.c index 4a352a6..0a2da03 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -386,7 +386,7 @@ static int handle_rtm_addr(struct nlmsghdr *hdr, bool add) nla_memcpy(&event_info.addr, nla[IFA_ADDRESS], sizeof(event_info.addr)); - if (IN6_IS_ADDR_LINKLOCAL(&event_info.addr) || IN6_IS_ADDR_MULTICAST(&event_info.addr)) + if (IN6_IS_ADDR_MULTICAST(&event_info.addr)) return NL_SKIP; inet_ntop(AF_INET6, &event_info.addr, buf, sizeof(buf)); @@ -395,6 +395,11 @@ static int handle_rtm_addr(struct nlmsghdr *hdr, bool add) if (iface->ifindex != (int)ifa->ifa_index) continue; + if (add && IN6_IS_ADDR_LINKLOCAL(&event_info.addr)) { + iface->have_link_local = true; + return NL_SKIP; + } + syslog(LOG_DEBUG, "Netlink %s %s on %s", add ? "newaddr" : "deladdr", buf, iface->name); @@ -625,6 +630,10 @@ static int cb_addr_valid(struct nl_msg *msg, void *arg) if (ifa->ifa_flags & IFA_F_DEPRECATED) addrs[ctxt->ret].preferred = 0; + if (ifa->ifa_family == AF_INET6 && + ifa->ifa_flags & IFA_F_TENTATIVE) + addrs[ctxt->ret].tentative = true; + ctxt->ret++; *(ctxt->addrs) = addrs; diff --git a/src/odhcpd.h b/src/odhcpd.h index d829033..0550bc2 100644 --- a/src/odhcpd.h +++ b/src/odhcpd.h @@ -131,6 +131,7 @@ struct odhcpd_ipaddr { struct { uint8_t dprefix; uint8_t invalid_advertisements; + bool tentative; }; /* ipv4 only */ @@ -300,6 +301,7 @@ struct interface { bool ra_useleasetime; bool ra_dns; bool no_dynamic_dhcp; + bool have_link_local; uint8_t pio_filter_length; struct in6_addr pio_filter_addr; int default_router; diff --git a/src/router.c b/src/router.c index 7e66e3c..5c518b1 100644 --- a/src/router.c +++ b/src/router.c @@ -621,6 +621,11 @@ static int send_router_advert(struct interface *iface, const struct in6_addr *fr msecs = calc_adv_interval(iface, minvalid, &maxival); lifetime = calc_ra_lifetime(iface, maxival); + if (!iface->have_link_local) { + syslog(LOG_NOTICE, "Skip sending a RA on %s as still not ready", iface->name); + goto out; + } + if (default_route && valid_prefix) { adv.h.nd_ra_router_lifetime = htons(lifetime < UINT16_MAX ? lifetime : UINT16_MAX); } else { @@ -782,6 +787,7 @@ static int send_router_advert(struct interface *iface, const struct in6_addr *fr if (odhcpd_send(iface->router_event.uloop.fd, &dest, iov, ARRAY_SIZE(iov), iface) > 0) iface->ra_sent++; +out: free(pfxs); free(routes);