Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.4.10 2015-08-14T04:27:19Z 2015-08-14T04:27:19Z Andy Gospodarek gospo@cumulusnetworks.com 2015-08-13T14:39:01Z urn:sha1:35103d11173b8fea874183f8aa508ae71234d299 Like the ipv4 patch with a similar title, this adds a sysctl to allow the user to change routing behavior based on whether or not the interface associated with the nexthop was an up or down link. The default setting preserves the current behavior, but anyone that enables it will notice that nexthops on down interfaces will no longer be selected: net.ipv6.conf.all.ignore_routes_with_linkdown = 0 net.ipv6.conf.default.ignore_routes_with_linkdown = 0 net.ipv6.conf.lo.ignore_routes_with_linkdown = 0 ... When the above sysctls are set, not only will link status be reported to userspace, but an indication that a nexthop is dead and will not be used is also reported. 1000::/8 via 7000::2 dev p7p1 metric 1024 dead linkdown pref medium 1000::/8 via 8000::2 dev p8p1 metric 1024 pref medium 7000::/8 dev p7p1 proto kernel metric 256 dead linkdown pref medium 8000::/8 dev p8p1 proto kernel metric 256 pref medium 9000::/8 via 8000::2 dev p8p1 metric 2048 pref medium 9000::/8 via 7000::2 dev p7p1 metric 1024 dead linkdown pref medium fe80::/64 dev p7p1 proto kernel metric 256 dead linkdown pref medium fe80::/64 dev p8p1 proto kernel metric 256 pref medium This also adds devconf support and notification when sysctl values change. v2: drop use of rt6i_nhflags since it is not needed right now Signed-off-by: Andy Gospodarek <gospo@cumulusnetworks.com> Signed-off-by: Dinesh Dutt <ddutt@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-07-30T22:56:40Z Hangbin Liu liuhangbin@gmail.com 2015-07-30T06:28:42Z urn:sha1:8013d1d7eafb0589ca766db6b74026f76b7f5cb4 Commit 6fd99094de2b ("ipv6: Don't reduce hop limit for an interface") disabled accept hop limit from RA if it is smaller than the current hop limit for security stuff. But this behavior kind of break the RFC definition. RFC 4861, 6.3.4. Processing Received Router Advertisements A Router Advertisement field (e.g., Cur Hop Limit, Reachable Time, and Retrans Timer) may contain a value denoting that it is unspecified. In such cases, the parameter should be ignored and the host should continue using whatever value it is already using. If the received Cur Hop Limit value is non-zero, the host SHOULD set its CurHopLimit variable to the received value. So add sysctl option accept_ra_min_hop_limit to let user choose the minimum hop limit value they can accept from RA. And set default to 1 to meet RFC standards. Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Acked-by: YOSHIFUJI Hideaki <hideaki.yoshifuji@miraclelinux.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-07-22T17:54:11Z Erik Kline ek@google.com 2015-07-22T07:38:25Z urn:sha1:3985e8a3611a93bb36789f65db862e5700aab65e Per RFC 6724, section 4, "Candidate Source Addresses": It is RECOMMENDED that the candidate source addresses be the set of unicast addresses assigned to the interface that will be used to send to the destination (the "outgoing" interface). Add a sysctl to enable this behaviour. Signed-off-by: Erik Kline <ek@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-03-24T02:12:08Z Hannes Frederic Sowa hannes@stressinduktion.org 2015-03-23T22:36:00Z urn:sha1:3d1bec99320d4e96897805440f8cf4f68eff226b This patch implements the procfs logic for the stable_address knob: The secret is formatted as an ipv6 address and will be stored per interface and per namespace. We track initialized flag and return EIO errors until the secret is set. We don't inherit the secret to newly created namespaces. Cc: Erik Kline <ek@google.com> Cc: Fernando Gont <fgont@si6networks.com> Cc: Lorenzo Colitti <lorenzo@google.com> Cc: YOSHIFUJI Hideaki/吉藤英明 <hideaki.yoshifuji@miraclelinux.com> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-01-25T22:54:41Z Harout Hedeshian harouth@codeaurora.org 2015-01-20T17:06:05Z urn:sha1:c2943f14534bdc4230f4da6dcd4ea03c5d8c8162 The kernel forcefully applies MTU values received in router advertisements provided the new MTU is less than the current. This behavior is undesirable when the user space is managing the MTU. Instead a sysctl flag 'accept_ra_mtu' is introduced such that the user space can control whether or not RA provided MTU updates should be applied. The default behavior is unchanged; user space must explicitly set this flag to 0 for RA MTUs to be ignored. Signed-off-by: Harout Hedeshian <harouth@codeaurora.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-01-13T21:32:49Z Willem de Bruijn willemb@google.com 2015-01-12T19:29:34Z urn:sha1:c66ad9ca3f4f55886829a61bd24fc5612d0c05c1 Patch 3b50d9029809 ("ipv6: fix redefinition of in6_pktinfo ...") fixed a libc compatibility issue in ipv6 structure definitions as described in include/uapi/linux/libc-compat.h. It relies on including linux/in6.h to include libc-compat.h itself. Include that file directly to clearly communicate the dependency (libc-compat.h: "This include must be as early as possible"). Signed-off-by: Willem de Bruijn <willemb@google.com> ---- As discussed in http://patchwork.ozlabs.org/patch/427384/ Acked-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-01-09T03:29:11Z WANG Cong xiyou.wangcong@gmail.com 2015-01-06T23:45:31Z urn:sha1:3b50d9029809b60a5081d90c282aa04d438d3ea1 Both netinet/in.h and linux/ipv6.h define these two structs, if we include both of them, we got: /usr/include/linux/ipv6.h:19:8: error: redefinition of ‘struct in6_pktinfo’ struct in6_pktinfo { ^ In file included from /usr/include/arpa/inet.h:22:0, from txtimestamp.c:33: /usr/include/netinet/in.h:524:8: note: originally defined here struct in6_pktinfo ^ In file included from txtimestamp.c:40:0: /usr/include/linux/ipv6.h:24:8: error: redefinition of ‘struct ip6_mtuinfo’ struct ip6_mtuinfo { ^ In file included from /usr/include/arpa/inet.h:22:0, from txtimestamp.c:33: /usr/include/netinet/in.h:531:8: note: originally defined here struct ip6_mtuinfo ^ So similarly to what we did for in6_addr, we need to sync with libc header on their definitions. Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-10-29T19:11:36Z Erik Kline ek@google.com 2014-10-28T09:11:14Z urn:sha1:7fd2561e4ebdd070ebba6d3326c4c5b13942323f Add a sysctl that causes an interface's optimistic addresses to be considered equivalent to other non-deprecated addresses for source address selection purposes. Preferred addresses will still take precedence over optimistic addresses, subject to other ranking in the source address selection algorithm. This is useful where different interfaces are connected to different networks from different ISPs (e.g., a cell network and a home wifi network). The current behaviour complies with RFC 3484/6724, and it makes sense if the host has only one interface, or has multiple interfaces on the same network (same or cooperating administrative domain(s), but not in the multiple distinct networks case. For example, if a mobile device has an IPv6 address on an LTE network and then connects to IPv6-enabled wifi, while the wifi IPv6 address is undergoing DAD, IPv6 connections will try use the wifi default route with the LTE IPv6 address, and will get stuck until they time out. Also, because optimistic nodes can receive frames, issue an RTM_NEWADDR as soon as DAD starts (with the IFA_F_OPTIMSTIC flag appropriately set). A second RTM_NEWADDR is sent if DAD completes (the address flags have changed), otherwise an RTM_DELADDR is sent. Also: add an entry in ip-sysctl.txt for optimistic_dad. Signed-off-by: Erik Kline <ek@google.com> Acked-by: Lorenzo Colitti <lorenzo@google.com> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-07-01T19:16:24Z Ben Greear greearb@candelatech.com 2014-06-25T21:44:53Z urn:sha1:d93331965729850303f6111381c1a4a9e9b8ae5a This can be used in virtual networking applications, and may have other uses as well. The option is disabled by default. A specific use case is setting up virtual routers, bridges, and hosts on a single OS without the use of network namespaces or virtual machines. With proper use of ip rules, routing tables, veth interface pairs and/or other virtual interfaces, and applications that can bind to interfaces and/or IP addresses, it is possibly to create one or more virtual routers with multiple hosts attached. The host interfaces can act as IPv6 systems, with radvd running on the ports in the virtual routers. With the option provided in this patch enabled, those hosts can now properly obtain IPv6 addresses from the radvd. Signed-off-by: Ben Greear <greearb@candelatech.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2013-08-29T19:32:08Z Hannes Frederic Sowa hannes@stressinduktion.org 2013-08-26T23:36:51Z urn:sha1:b800c3b966bcf004bd8592293a49ed5cb7ea67a9 This patch implements RFC6980: Drop fragmented ndisc packets by default. If a fragmented ndisc packet is received the user is informed that it is possible to disable the check. Cc: Fernando Gont <fernando@gont.com.ar> Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>