Re: special case mpe(4) in in6_ifattach()

Thu, 10 Nov 2022 05:03:57 -0800 


> On 10 Nov 2022, at 10:56 pm, Claudio Jeker <cje...@diehard.n-r-g.com> wrote:
> 
> On Fri, Nov 04, 2022 at 03:40:04PM +0100, Claudio Jeker wrote:
>> So mpe(4) is a special device. It is a point-to-multipoint interface that
>> does not do multicast. So setting IFF_MULTICAST on the interface is not
>> correct but IPv6 depends on it because neighbor discovery.
>> 
>> Now there is no neighbor discovery on mpe(4) the neighbors are handled via
>> BGP. So lets adjust in6_ifattach() to succeed for mpe(4) interfaces and
>> with that BGP IPv6 L3VPN should work.
>> 
>> It may be an idea to move the IFF_MULTCAST check down into the
>> ifp->if_type switch but right now this is good enough. I wonder if we have
>> other interfaces that need similar treatment (e.g. mgre).
> 
> I think this is a better diff.
> Only require the IFF_MULTCAST bit if nd6_need_cache() returns true.
> In other words full ND is running on the interface.
> Such tunnel interfaces will not get a link-local address automatically
> assigned anymore but such an address can still be set up by hand.

this makes sense to me. ok.

> 
> -- 
> :wq Claudio
> 
> Index: netinet6/in6_ifattach.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet6/in6_ifattach.c,v
> retrieving revision 1.119
> diff -u -p -r1.119 in6_ifattach.c
> --- netinet6/in6_ifattach.c 8 Sep 2022 10:22:07 -0000 1.119
> +++ netinet6/in6_ifattach.c 10 Nov 2022 12:18:09 -0000
> @@ -373,7 +373,7 @@ in6_ifattach(struct ifnet *ifp)
> if (ifp->if_mtu < IPV6_MMTU)
> return (EINVAL);
> 
> - if ((ifp->if_flags & IFF_MULTICAST) == 0)
> + if (nd6_need_cache(ifp) && (ifp->if_flags & IFF_MULTICAST) == 0)
> return (EINVAL);
> 
> /*
> @@ -389,12 +389,12 @@ in6_ifattach(struct ifnet *ifp)
> return (error);
> }
> 
> - /* Interfaces that rely on strong a priori cryptographic binding of
> - * IP addresses are incompatible with automatically assigned llv6. */
> - switch (ifp->if_type) {
> - case IFT_WIREGUARD:
> + /*
> + * Only interfaces that need the ND cache should automatically
> + * assign a link local address.
> + */
> + if (!nd6_need_cache(ifp))
> return (0);
> - }
> 
> /* Assign a link-local address, if there's none. */
> if (in6ifa_ifpforlinklocal(ifp, 0) == NULL) {
> 























					Reply via email to