netdev
[Top] [All Lists]

Re: [PATCH|RFC] IPv6: have a proxy discard link-local traffic

To: davem@xxxxxxxxxx, yoshfuji@xxxxxxxxxxxxxx
Subject: Re: [PATCH|RFC] IPv6: have a proxy discard link-local traffic
From: Ville Nuorvala <vnuorval@xxxxxxxxxx>
Date: Tue, 27 Jan 2004 23:11:20 +0200 (EET)
Cc: Pekka Savola <pekkas@xxxxxxxxxx>, usagi-core@xxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <Pine.LNX.4.44.0401170906160.9907-100000@xxxxxxxxxx>
References: <Pine.LNX.4.44.0401170906160.9907-100000@xxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Sat, 17 Jan 2004, Pekka Savola wrote:

> > Since the Thaler proxy clearly needs some other forwarding function than
> > ip6_forward(), my proposed patch doesn't affect its behavior in any way.
>
> Ok, if your modification is in ip6_forward() (I didn't check), I guess
> it would OK, with a sufficient comment to bring up that a future
> implementation might treat link-local proxying differently.

Dave, since even Pekka is now convinced this patch doesn't break anything,
would you consider applying it? :)

Slightly (cleaned up version of) patch below.

Thanks,
Ville

# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#                  ChangeSet    1.1521  -> 1.1522
#       net/ipv6/ip6_output.c   1.49    -> 1.50
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 04/01/27      vnuorval@xxxxxxxxxxxxxxxxxxxxxxxxxx     1.1522
# The MIPv6 specification requires we send an ICMPv6 Destination Unreachable,
# Address Unreachable, message in response to traffic to a proxied link-local 
address
# --------------------------------------------
#
diff -Nru a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
--- a/net/ipv6/ip6_output.c     Tue Jan 27 22:05:56 2004
+++ b/net/ipv6/ip6_output.c     Tue Jan 27 22:05:56 2004
@@ -385,6 +385,15 @@
        if (!xfrm6_route_forward(skb))
                goto drop;

+       /* The proxying router can't forward traffic sent to a link-local
+          address, so signal the sender and discard the packet. This
+          behavior is required by the MIPv6 specification. */
+
+       if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL &&
+           skb->dev && pneigh_lookup(&nd_tbl, &hdr->daddr, skb->dev, 0)) {
+               dst_link_failure(skb);
+               goto drop;
+       }
        /* IPv6 specs say nothing about it, but it is clear that we cannot
           send redirects to source routed frames.
         */
--
Ville Nuorvala
Research Assistant, Institute of Digital Communications,
Helsinki University of Technology
email: vnuorval@xxxxxxxxxx, phone: +358 (0)9 451 5257

<Prev in Thread] Current Thread [Next in Thread>