Hello,
netdev apparently ate my reply, but let me do a recap:
On Fri, 16 Jan 2004, YOSHIFUJI Hideaki / [iso-2022-jp] µÈÆ£±ÑÌÀ wrote:
> So, all usage of pneigh_XXX() is not for rfc2461 but for proxy arp.
> 1) We need to consider how to implement rfc2461-proxy.
> 2) We need to revisit all usages in net/ipv6.
No, the pneigh_XXX() *is* the way to do RFC2461 proxying :)
I think Thaler's extended "proxy ARP" for IPv6 needs some other framework.
I still haven't had the time to check how proxy ARP really works in IPv4,
so I might have misunderstood this line in arp.c (line 763):
"(arp_fwd_proxy(in_dev, rt) || pneigh_lookup(&arp_tbl, &tip, dev, 0)))) {"
I think the first check is for proxy ARP, and the second for a router
acting as proxy.
In a similar case for IPv6, we would first need to check for the Thaler
IPv6 "proxy ARP", then for the RFC2461 router as a proxy case.
> > In the current implementation the proxying router captures the multicast
> > queries since it has joined the solicited-node multicast group, but it
> > doesn't capture the unicast queries.
>
> It is VERY strange to handle multicast / unicast in different way.
> I really hate such a hetero (or an inconsistent) implementation.
Well, we still need some way to have the router capture some packets (the
unicast NS messages) it would normally forward.>
> > This is what I want to fix.
>
> I understand the issue, but the fix is unappropriate.
How about this fix? I think it's cleaner than the one I proposed
earlier. The down side with it is that all nodes, no matter if they are
acting as proxies or not, will have to do some extra comparisons each time
they receive a packet.
Perhaps this is an acceptable trade off for the architectual cleannes
Regards,
Ville
# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
# ChangeSet 1.1520 -> 1.1521
# net/ipv6/ip6_input.c 1.14 -> 1.15
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 04/01/27 vnuorval@xxxxxxxxxxxxxxxxxxxxxxxxxx 1.1521
# A proxy needs to capture and process Neighbor Solicitations on behalf of the
proxied node.
# Normal multicast NS messages are already handled by the existing neigbor
discovery code,
# but unicast NS messages used for Neighbor Unreachability Detection are not.
#
# To fix this, the proxy has to look through all packets sent to a proxied
address in order to
# filter out the NS messages for local processing.
# --------------------------------------------
#
diff -Nru a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
--- a/net/ipv6/ip6_input.c Tue Jan 27 22:07:00 2004
+++ b/net/ipv6/ip6_input.c Tue Jan 27 22:07:00 2004
@@ -46,13 +46,42 @@
#include <net/addrconf.h>
#include <net/xfrm.h>
+static inline int ip6_proxy_chk(struct sk_buff *skb)
+{
+ struct ipv6hdr *hdr = skb->nh.ipv6h;
+ if (ipv6_addr_type(&hdr->daddr)&IPV6_ADDR_UNICAST &&
+ pneigh_lookup(&nd_tbl, &hdr->daddr, skb->dev, 0)) {
+ u8 nexthdr = hdr->nexthdr;
+ int offset;
+ struct icmp6hdr msg;
+
+ if (ipv6_ext_hdr(nexthdr)) {
+ offset = ipv6_skip_exthdr(skb, sizeof(*hdr), &nexthdr,
+ skb->len - sizeof(*hdr));
+ if (offset < 0)
+ return 0;
+ } else
+ offset = sizeof(struct ipv6hdr);
+
+ /* capture unicast NUD probes on behalf of the proxied node */
+
+ if (nexthdr == IPPROTO_ICMPV6 &&
+ !skb_copy_bits(skb, offset, &msg, sizeof(msg)) &&
+ msg.icmp6_type == NDISC_NEIGHBOUR_SOLICITATION) {
+ return 1;
+ }
+ }
+ return 0;
+}
static inline int ip6_rcv_finish( struct sk_buff *skb)
{
- if (skb->dst == NULL)
+ if (skb->dst == NULL) {
+ if (ip6_proxy_chk(skb))
+ return ip6_input(skb);
ip6_route_input(skb);
-
+ }
return dst_input(skb);
}
--
Ville Nuorvala
Research Assistant, Institute of Digital Communications,
Helsinki University of Technology
email: vnuorval@xxxxxxxxxx, phone: +358 (0)9 451 5257
|