Author: hrs
Date: Tue Sep 13 00:06:11 2011
New Revision: 225521
URL: http://svn.freebsd.org/changeset/base/225521
Log:
Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE
(r225485). When setting an interface name to it, the following
configurations will be enabled:
1. "no_radr" is set to all IPv6 interfaces automatically.
2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif. This is
done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
means you can manually supersede this configuration if necessary).
3. The node will add RA-sending routers to the default router list
even if net.inet6.ip6.forwarding=1.
This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network). To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.
Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table. To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.
Approved by: re (bz)
Modified:
head/etc/defaults/rc.conf
head/etc/network.subr
head/etc/rc.d/netoptions
head/sys/netinet6/in6.h
head/sys/netinet6/in6_proto.c
head/sys/netinet6/ip6_var.h
head/sys/netinet6/nd6_rtr.c
Modified: head/etc/defaults/rc.conf
==============================================================================
--- head/etc/defaults/rc.conf Mon Sep 12 23:55:23 2011 (r225520)
+++ head/etc/defaults/rc.conf Tue Sep 13 00:06:11 2011 (r225521)
@@ -468,6 +468,9 @@ ipv6_static_routes="" # Set to static r
# route toward loopback interface.
#ipv6_route_xxx="fec0:0000:0000:0006:: -prefixlen 64 ::1"
ipv6_gateway_enable="NO" # Set to YES if this host will be a gateway.
+ipv6_cpe_wanif="NO" # Set to the upstram interface name if this
+ # node will work as a router to forward IPv6
+ # packets not explicitly addressed to itself.
ipv6_privacy="NO" # Use privacy address on RA-receiving IFs
# (RFC 4193)
Modified: head/etc/network.subr
==============================================================================
--- head/etc/network.subr Mon Sep 12 23:55:23 2011 (r225520)
+++ head/etc/network.subr Tue Sep 13 00:06:11 2011 (r225521)
@@ -113,6 +113,12 @@ ifconfig_up()
;;
esac
+ case $ipv6_cpe_wanif in
+ $1)
+ _ipv6_opts="${_ipv6_opts} -no_radr accept_rtadv"
+ ;;
+ esac
+
if [ -n "${_ipv6_opts}" ]; then
ifconfig $1 inet6 ${_ipv6_opts}
fi
Modified: head/etc/rc.d/netoptions
==============================================================================
--- head/etc/rc.d/netoptions Mon Sep 12 23:55:23 2011 (r225520)
+++ head/etc/rc.d/netoptions Tue Sep 13 00:06:11 2011 (r225521)
@@ -106,6 +106,19 @@ netoptions_inet6()
${SYSCTL} net.inet6.ip6.use_tempaddr=1 >/dev/null
${SYSCTL} net.inet6.ip6.prefer_tempaddr=1 >/dev/null
fi
+
+ case $ipv6_cpe_wanif in
+ ""|[Nn][Oo]|[Nn][Oo][Nn][Ee]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
+ ${SYSCTL} net.inet6.ip6.no_radr=0 >/dev/null
+ ${SYSCTL} net.inet6.ip6.rfc6204w3=0 >/dev/null
+ ;;
+ *)
+ netoptions_init
+ echo -n " IPv6 CPE WANIF=${ipv6_cpe_wanif}"
+ ${SYSCTL} net.inet6.ip6.no_radr=1 >/dev/null
+ ${SYSCTL} net.inet6.ip6.rfc6204w3=1 >/dev/null
+ ;;
+ esac
}
load_rc_config $name
Modified: head/sys/netinet6/in6.h
==============================================================================
--- head/sys/netinet6/in6.h Mon Sep 12 23:55:23 2011 (r225520)
+++ head/sys/netinet6/in6.h Tue Sep 13 00:06:11 2011 (r225521)
@@ -614,7 +614,9 @@ struct ip6_mtuinfo {
#define IPV6CTL_NO_RADR 48 /* No defroute from RA */
#define IPV6CTL_NORBIT_RAIF 49 /* Disable R-bit in NA on RA
* receiving IF. */
-#define IPV6CTL_MAXID 50
+#define IPV6CTL_RFC6204W3 50 /* Accept defroute even when
forwarding
+ enabled */
+#define IPV6CTL_MAXID 51
#endif /* __BSD_VISIBLE */
/*
Modified: head/sys/netinet6/in6_proto.c
==============================================================================
--- head/sys/netinet6/in6_proto.c Mon Sep 12 23:55:23 2011
(r225520)
+++ head/sys/netinet6/in6_proto.c Tue Sep 13 00:06:11 2011
(r225521)
@@ -399,6 +399,7 @@ VNET_DEFINE(int, ip6_defmcasthlim) = IPV
VNET_DEFINE(int, ip6_accept_rtadv) = 0;
VNET_DEFINE(int, ip6_no_radr) = 0;
VNET_DEFINE(int, ip6_norbit_raif) = 0;
+VNET_DEFINE(int, ip6_rfc6204w3) = 0;
VNET_DEFINE(int, ip6_maxfragpackets); /* initialized in frag6.c:frag6_init()
*/
VNET_DEFINE(int, ip6_maxfrags); /* initialized in
frag6.c:frag6_init() */
VNET_DEFINE(int, ip6_log_interval) = 5;
@@ -536,6 +537,10 @@ SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_
&VNET_NAME(ip6_norbit_raif), 0,
"Always set 0 to R flag in ICMPv6 NA messages when accepting RA"
" on the interface.");
+SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RFC6204W3, rfc6204w3,
+ CTLFLAG_RW, &VNET_NAME(ip6_rfc6204w3), 0,
+ "Accept the default router list from ICMPv6 RA messages even "
+ "when packet forwarding enabled.");
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
&VNET_NAME(ip6_keepfaith), 0, "");
SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, log_interval,
Modified: head/sys/netinet6/ip6_var.h
==============================================================================
--- head/sys/netinet6/ip6_var.h Mon Sep 12 23:55:23 2011 (r225520)
+++ head/sys/netinet6/ip6_var.h Tue Sep 13 00:06:11 2011 (r225521)
@@ -319,6 +319,8 @@ VNET_DECLARE(int, ip6_accept_rtadv); /*
VNET_DECLARE(int, ip6_no_radr); /* No defroute from RA */
VNET_DECLARE(int, ip6_norbit_raif); /* Disable R-bit in NA on RA
* receiving IF. */
+VNET_DECLARE(int, ip6_rfc6204w3); /* Accept defroute from RA even when
+ forwarding enabled */
VNET_DECLARE(int, ip6_keepfaith); /* Firewall Aided Internet Translator */
VNET_DECLARE(int, ip6_log_interval);
VNET_DECLARE(time_t, ip6_log_time);
@@ -332,6 +334,7 @@ VNET_DECLARE(int, ip6_dad_count); /* Dup
#define V_ip6_accept_rtadv VNET(ip6_accept_rtadv)
#define V_ip6_no_radr VNET(ip6_no_radr)
#define V_ip6_norbit_raif VNET(ip6_norbit_raif)
+#define V_ip6_rfc6204w3 VNET(ip6_rfc6204w3)
#define V_ip6_keepfaith VNET(ip6_keepfaith)
#define V_ip6_log_interval VNET(ip6_log_interval)
#define V_ip6_log_time VNET(ip6_log_time)
Modified: head/sys/netinet6/nd6_rtr.c
==============================================================================
--- head/sys/netinet6/nd6_rtr.c Mon Sep 12 23:55:23 2011 (r225520)
+++ head/sys/netinet6/nd6_rtr.c Tue Sep 13 00:06:11 2011 (r225521)
@@ -269,11 +269,13 @@ nd6_ra_input(struct mbuf *m, int off, in
dr0.rtaddr = saddr6;
dr0.flags = nd_ra->nd_ra_flags_reserved;
/*
- * Effectively-disable the route in the RA packet
- * when ND6_IFF_NO_RADR on the receiving interface or
- * ip6.forwarding=1.
+ * Effectively-disable routes from RA messages when
+ * ND6_IFF_NO_RADR enabled on the receiving interface or
+ * (ip6.forwarding == 1 && ip6.rfc6204w3 != 1).
*/
- if (ndi->flags & ND6_IFF_NO_RADR || V_ip6_forwarding)
+ if (ndi->flags & ND6_IFF_NO_RADR)
+ dr0.rtlifetime = 0;
+ else if (V_ip6_forwarding && !V_ip6_rfc6204w3)
dr0.rtlifetime = 0;
else
dr0.rtlifetime = ntohs(nd_ra->nd_ra_router_lifetime);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
