netdev
[Top] [All Lists]

Re: [PATCH|RFC] IPv6: have a proxy discard link-local traffic

To: Ville Nuorvala <vnuorval@xxxxxxxxxx>
Subject: Re: [PATCH|RFC] IPv6: have a proxy discard link-local traffic
From: Pekka Savola <pekkas@xxxxxxxxxx>
Date: Wed, 14 Jan 2004 12:59:32 +0200 (EET)
Cc: davem@xxxxxxxxxx, <usagi-core@xxxxxxxxxxxxxx>, <netdev@xxxxxxxxxxx>
In-reply-to: <Pine.LNX.4.58.0401141108530.24125@xxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Wed, 14 Jan 2004, Ville Nuorvala wrote:
> the patch below causes a router proxying a link-local address to discard
> traffic sent to it, also sending an ICMPv6 Destination Unreachable, Code 3
> message to the source. This behavior is required by the Mobile IPv6
> specification (the only user of proxy ND I'm aware of).
> 
> This seems like reasonable behavior in any case, since the router won't be
> able to forward the link-local traffic to the proxied node anyway.

Please check out draft-thaler-ipv6-ndproxy-xx.txt -- it used ND 
proxying (similar to proxy ARP).

I fear this change might break that..

> --- 1.48/net/ipv6/ip6_output.c        Thu Jan  1 22:25:30 2004
> +++ 1.50/net/ipv6/ip6_output.c        Wed Jan 14 12:08:51 2004
> @@ -385,6 +385,15 @@
>       if (!xfrm6_route_forward(skb))
>               goto drop;
> 
> +     /* The proxy can't forward traffic sent to a link-local address,
> +        so signal the sender and discard the packet */
> +
> +     if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL &&
> +         skb->dev && pneigh_lookup(&nd_tbl, &hdr->daddr, skb->dev, 0)) {
> +             icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_ADDR_UNREACH,
> +                         0, skb->dev);
> +             goto drop;
> +     }
>       /* IPv6 specs say nothing about it, but it is clear that we cannot
>          send redirects to source routed frames.
>        */
> --
> Ville Nuorvala
> Research Assistant, Institute of Digital Communications,
> Helsinki University of Technology
> email: vnuorval@xxxxxxxxxx, phone: +358 (0)9 451 5257
> 

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings


<Prev in Thread] Current Thread [Next in Thread>