Page MenuHomeFreeBSD
Files F153502731

D55015.id170895.diff
No OneTemporary
Actions

D55015.id170895.diff
View Options

diff --git a/share/man/man4/inet6.4 b/share/man/man4/inet6.4
--- a/share/man/man4/inet6.4
+++ b/share/man/man4/inet6.4
@@ -27,7 +27,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd February 22, 2023
+.Dd January 31, 2026
.Dt INET6 4
.Os
.Sh NAME
@@ -295,6 +295,17 @@
The packets will be generated when
.Tn IPv6
interface addresses are configured.
+.It Dv IPV6CTL_GRAND_COUNT
+.Pq ip6.grand_count
+Integer: default number of
+.Tn IPv6
+GRAND
+.Pq gratuitous neighbor discovery
+unsolicited NA packets.
+The packets will be generated when
+.Tn IPv6
+interface addresses are configured or when there are changes to
+link-layer interface addresses.
.It Dv IPV6CTL_AUTO_FLOWLABEL
.Pq ip6.auto_flowlabel
Boolean: enable/disable automatic filling of
diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h
--- a/sys/netinet6/in6.h
+++ b/sys/netinet6/in6.h
@@ -643,7 +643,8 @@
* queue */
#define IPV6CTL_MAXFRAGSPERPACKET 53 /* Max fragments per packet */
#define IPV6CTL_MAXFRAGBUCKETSIZE 54 /* Max reassembly queues per bucket */
-#define IPV6CTL_MAXID 55
+#define IPV6CTL_GRAND_COUNT 55
+#define IPV6CTL_MAXID 56
#endif /* __BSD_VISIBLE */
/*
diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c
--- a/sys/netinet6/in6_proto.c
+++ b/sys/netinet6/in6_proto.c
@@ -156,6 +156,7 @@
VNET_DEFINE(int, ip6_hdrnestlimit) = 15;/* How many header options will we
* process? */
VNET_DEFINE(int, ip6_dad_count) = 1; /* DupAddrDetectionTransmits */
+VNET_DEFINE(int, ip6_grand_count) = MAX_NEIGHBOR_ADVERTISEMENT;
VNET_DEFINE(int, ip6_auto_flowlabel) = 1;
VNET_DEFINE(int, ip6_use_deprecated) = 1;/* allow deprecated addr
* (RFC2462 5.5.4) */
@@ -291,6 +292,9 @@
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, dad_count,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_dad_count), 0,
"Number of ICMPv6 NS messages sent during duplicate address detection");
+SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GRAND_COUNT, grand_count,
+ CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_grand_count), 0,
+ "Number of ICMPv6 NA messages sent by gratuitous ND per interface");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, auto_flowlabel,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_auto_flowlabel), 0,
"Provide an IPv6 flowlabel in outbound packets");
diff --git a/sys/netinet6/ip6_var.h b/sys/netinet6/ip6_var.h
--- a/sys/netinet6/ip6_var.h
+++ b/sys/netinet6/ip6_var.h
@@ -320,6 +320,7 @@
VNET_DECLARE(int, ip6_hdrnestlimit); /* upper limit of # of extension
* headers */
VNET_DECLARE(int, ip6_dad_count); /* DupAddrDetectionTransmits */
+VNET_DECLARE(int, ip6_grand_count); /* Gratuitous ND Transmits */
#define V_ip6_mrouter VNET(ip6_mrouter)
#define V_ip6_sendredirects VNET(ip6_sendredirects)
#define V_ip6_accept_rtadv VNET(ip6_accept_rtadv)
@@ -328,6 +329,7 @@
#define V_ip6_rfc6204w3 VNET(ip6_rfc6204w3)
#define V_ip6_hdrnestlimit VNET(ip6_hdrnestlimit)
#define V_ip6_dad_count VNET(ip6_dad_count)
+#define V_ip6_grand_count VNET(ip6_grand_count)
VNET_DECLARE(int, ip6_auto_flowlabel);
VNET_DECLARE(int, ip6_auto_linklocal);
diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h
--- a/sys/netinet6/nd6.h
+++ b/sys/netinet6/nd6.h
@@ -152,6 +152,10 @@
#define ND6_NA_OPT_LLA 0x01
#define ND6_NA_CARP_MASTER 0x02
+/* ND6 GRAND flags */
+#define ND6_GRAND_FLAG_NEWGUA 0x01 /* new global unicast address event */
+#define ND6_GRAND_FLAG_LLADDR 0x02 /* link-layer address change event */
+
/* protocol constants */
#define MAX_RTR_SOLICITATION_DELAY 1 /* 1sec */
#define RTR_SOLICITATION_INTERVAL 4 /* 4sec */
@@ -173,6 +177,7 @@
#define ND_COMPUTE_RTIME(x) \
(((MIN_RANDOM_FACTOR * (x >> 10)) + (arc4random() & \
((MAX_RANDOM_FACTOR - MIN_RANDOM_FACTOR) * (x >> 10)))) /1000)
+#define MAX_NEIGHBOR_ADVERTISEMENT 3 /* RFC4891 Section 10 */
struct nd_defrouter {
TAILQ_ENTRY(nd_defrouter) dr_entry;
@@ -366,6 +371,9 @@
void nd6_dad_init(void);
void nd6_dad_start(struct ifaddr *, int);
void nd6_dad_stop(struct ifaddr *);
+void nd6_grand_init(void);
+void nd6_grand_start(struct ifaddr *, uint32_t);
+void nd6_grand_stop(struct ifaddr *);
/* nd6_rtr.c */
void nd6_rs_input(struct mbuf *, int, int);
diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c
--- a/sys/netinet6/nd6.c
+++ b/sys/netinet6/nd6.c
@@ -215,6 +215,21 @@
type == RTM_ADD ? RTF_UP: 0), 0, fibnum);
}
+/*
+ * Sends gratuitous NAs for each ifaddr to notify other
+ * nodes about the address change.
+ */
+static __noinline void
+nd6_handle_ifllchange(struct ifnet *ifp)
+{
+ struct ifaddr *ifa;
+
+ CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
+ if (ifa->ifa_addr->sa_family == AF_INET6)
+ nd6_grand_start(ifa, ND6_GRAND_FLAG_LLADDR);
+ }
+}
+
/*
* A handler for interface link layer address change event.
*/
@@ -226,6 +241,9 @@
return;
lltable_update_ifaddr(LLTABLE6(ifp));
+
+ if ((ifp->if_flags & IFF_UP) != 0)
+ nd6_handle_ifllchange(ifp);
}
void
@@ -247,6 +265,7 @@
callout_reset(&V_nd6_timer_ch, hz, nd6_timer, curvnet);
nd6_dad_init();
+ nd6_grand_init();
if (IS_DEFAULT_VNET(curvnet)) {
lle_event_eh = EVENTHANDLER_REGISTER(lle_event, nd6_lle_event,
NULL, EVENTHANDLER_PRI_ANY);
@@ -334,6 +353,9 @@
if (ifa->ifa_addr->sa_family != AF_INET6)
continue;
+ /* make sure there are no GRAND processing */
+ nd6_grand_stop(ifa);
+
/* stop DAD processing */
nd6_dad_stop(ifa);
}
diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c
--- a/sys/netinet6/nd6_nbr.c
+++ b/sys/netinet6/nd6_nbr.c
@@ -121,6 +121,30 @@
&VNET_NAME(nd6_onlink_ns_rfc4861), 0,
"Accept 'on-link' ICMPv6 NS messages in compliance with RFC 4861");
+struct grandq {
+ TAILQ_ENTRY(grandq) grand_list;
+ struct ifaddr *grand_ifa;
+ uint32_t grand_flags;
+ uint32_t grand_refcnt;
+ struct callout grand_callout;
+ struct vnet *grand_vnet;
+};
+
+VNET_DEFINE_STATIC(TAILQ_HEAD(, grandq), grandq);
+VNET_DEFINE_STATIC(struct rwlock, grand_rwlock);
+#define V_grandq VNET(grandq)
+#define V_grand_rwlock VNET(grand_rwlock)
+
+#define GRANDQ_RLOCK() rw_rlock(&V_grand_rwlock)
+#define GRANDQ_RUNLOCK() rw_runlock(&V_grand_rwlock)
+#define GRANDQ_WLOCK() rw_wlock(&V_grand_rwlock)
+#define GRANDQ_WUNLOCK() rw_wunlock(&V_grand_rwlock)
+
+#define GRANDQ_LOCK_ASSERT() rw_assert(&V_grand_rwlock, RA_LOCKED);
+#define GRANDQ_RLOCK_ASSERT() rw_assert(&V_grand_rwlock, RA_RLOCKED);
+#define GRANDQ_WLOCK_ASSERT() rw_assert(&V_grand_rwlock, RA_WLOCKED);
+
+
/*
* Input a Neighbor Solicitation Message.
*
@@ -1464,6 +1488,12 @@
ia->ia6_flags &= ~IN6_IFF_TENTATIVE;
if ((ifp->if_inet6->nd_flags & ND6_IFF_STABLEADDR) && !(ia->ia6_flags & IN6_IFF_TEMPORARY))
atomic_store_int(&DAD_FAILURES(ifp), 0);
+ /*
+ * RFC 9131 Section 6.1.2: The first advertisement
+ * SHOULD be sent as soon as an address changes the
+ * state from tentative to preferred.
+ */
+ nd6_grand_start(ifa, ND6_GRAND_FLAG_NEWGUA);
}
nd6log((LOG_DEBUG,
@@ -1632,3 +1662,203 @@
dp->dad_na_icount++;
DADQ_RUNLOCK();
}
+
+void
+nd6_grand_init(void)
+{
+
+ rw_init(&V_grand_rwlock, "nd6 GRAND queue");
+ TAILQ_INIT(&V_grandq);
+}
+
+static struct grandq *
+nd6_grand_find(struct ifaddr *ifa)
+{
+ struct grandq *gq;
+
+ GRANDQ_RLOCK();
+ TAILQ_FOREACH(gq, &V_grandq, grand_list) {
+ if (gq->grand_ifa == ifa)
+ break;
+ }
+ GRANDQ_RUNLOCK();
+
+ return (gq);
+}
+
+static void
+nd6_grand_rel(void *arg)
+{
+ struct grandq *gq = arg;
+
+ CURVNET_SET(gq->grand_vnet);
+ GRANDQ_WLOCK_ASSERT();
+ /*
+ * Remove gq from the grandq and release the grandq's
+ * reference.
+ */
+ TAILQ_REMOVE(&V_grandq, gq, grand_list);
+ if (refcount_release(&gq->grand_refcnt)) {
+ ifa_free(gq->grand_ifa);
+ free(gq, M_IP6NDP);
+ }
+ GRANDQ_WUNLOCK();
+ CURVNET_RESTORE();
+}
+
+static void
+nd6_grand_timer(void *arg)
+{
+ struct grandq *gq = arg;
+ struct ifaddr *ifa = gq->grand_ifa;
+ struct ifnet *ifp = gq->grand_ifa->ifa_ifp;
+ struct in6_addr taddr6 = IN6ADDR_ANY_INIT;
+ struct epoch_tracker et;
+ int delay, tlladdr;
+ u_long flags;
+
+ CURVNET_SET(gq->grand_vnet);
+ KASSERT(ifa != NULL, ("GRAND entry %p with no address", gq));
+
+ NET_EPOCH_ENTER(et);
+
+ tlladdr = ND6_NA_OPT_LLA;
+ flags = (V_ip6_forwarding) ? ND_NA_FLAG_ROUTER : 0;
+ if ((ifp->if_inet6->nd_flags & ND6_IFF_ACCEPT_RTADV) != 0 && V_ip6_norbit_raif)
+ flags &= ~ND_NA_FLAG_ROUTER;
+
+ /*
+ * RFC 9131 Section 6.1.2: if new global address added,
+ * use the all-routers multicast address.
+ * If the address is preferred, then the Override flag SHOULD NOT be set.
+ */
+ if ((gq->grand_flags & ND6_GRAND_FLAG_NEWGUA) != 0) {
+ taddr6 = in6addr_linklocal_allrouters;
+ /*
+ * XXX: If the address is in the Optimistic state,
+ * then the Override flag MUST NOT be set.
+ * We don't support RFC 4429 yet.
+ */
+ if ((ifp->if_inet6->nd_flags & ND6_IFF_PREFER_SOURCE) == 0)
+ flags |= ND_NA_FLAG_OVERRIDE;
+ }
+ /*
+ * RFC 4891 Section 7.2.6: if link-layer address changed,
+ * use the all-nodes multicast address.
+ * The Override flag MAY be set to either zero or one.
+ */
+ if ((gq->grand_flags & ND6_GRAND_FLAG_LLADDR) != 0) {
+ taddr6 = in6addr_linklocal_allnodes;
+ flags |= ND_NA_FLAG_OVERRIDE;
+ }
+
+ /* Wait at least a RetransTimer before removing from queue */
+ delay = ifp->if_inet6->nd_retrans * hz / 1000;
+ callout_reset(&gq->grand_callout, delay, nd6_grand_rel, gq);
+ GRANDQ_WUNLOCK();
+
+ if (in6_setscope(&taddr6, ifp, NULL) != 0)
+ goto bad;
+
+ nd6_na_output_fib(ifp, &taddr6, IFA_IN6(ifa), flags, tlladdr, NULL, ifp->if_fib);
+
+bad:
+ NET_EPOCH_EXIT(et);
+ CURVNET_RESTORE();
+}
+
+static void
+nd6_grand_add(struct ifaddr *ifa, int delay, uint32_t flags)
+{
+ struct grandq *gq;
+ struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
+ char ip6buf[INET6_ADDRSTRLEN];
+
+ GRANDQ_WLOCK_ASSERT();
+
+ gq = malloc(sizeof(*gq), M_IP6NDP, M_NOWAIT | M_ZERO);
+ if (gq == NULL) {
+ log(LOG_ERR, "nd6_grand_start: memory allocation failed for "
+ "%s(%s)\n",
+ ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr),
+ ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
+ return;
+ }
+ callout_init_rw(&gq->grand_callout, &V_grand_rwlock, CALLOUT_RETURNUNLOCKED);
+#ifdef VIMAGE
+ gq->grand_vnet = curvnet;
+#endif
+ nd6log((LOG_DEBUG, "%s: send GRAND for %s\n", if_name(ifa->ifa_ifp),
+ ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
+
+ gq->grand_ifa = ifa;
+ ifa_ref(gq->grand_ifa);
+ gq->grand_flags = flags;
+
+ refcount_init(&gq->grand_refcnt, 1);
+ TAILQ_INSERT_TAIL(&V_grandq, gq, grand_list);
+ /* Send unsolicited NA packet for GRAND */
+ callout_reset(&gq->grand_callout, delay, nd6_grand_timer, gq);
+}
+
+/*
+ * Start Gratuitous Neighbor Discovery (GRAND) for specified address.
+ * Called after DAD completes and by interface link layer change event.
+ */
+void
+nd6_grand_start(struct ifaddr *ifa, uint32_t flags)
+{
+ struct grandq *gq;
+ int delay, count = 0;
+
+ /* If we don't need GRAND, don't do it. */
+ if (V_ip6_grand_count == 0 ||
+ ifa->ifa_carp != NULL)
+ return;
+
+ /* Check if new address is global */
+ if ((flags & ND6_GRAND_FLAG_NEWGUA) != 0 &&
+ in6_addrscope(IFA_IN6(ifa)) != IPV6_ADDR_SCOPE_GLOBAL)
+ return;
+
+ CURVNET_SET(ifa->ifa_ifp->if_vnet);
+ GRANDQ_WLOCK();
+ /*
+ * RFC 9131 Section 6.1.2: These advertisements MUST be
+ * separated by at least RetransTimer seconds.
+ */
+ TAILQ_FOREACH(gq, &V_grandq, grand_list) {
+ if (gq->grand_ifa->ifa_ifp != ifa->ifa_ifp)
+ continue;
+ /*
+ * RFC 9131 Section 6.1.2: a node SHOULD send
+ * up to MAX_NEIGHBOR_ADVERTISEMENT Neighbor Advertisement messages.
+ * Make sure we don't queue GRAND more than V_ip6_grand_count
+ * per interface.
+ */
+ if (count >= V_ip6_grand_count)
+ goto ret;
+ count++;
+ }
+
+ delay = ifa->ifa_ifp->if_inet6->nd_retrans * hz / 1000;
+ nd6_grand_add(ifa, count * delay, flags);
+ret:
+ GRANDQ_WUNLOCK();
+ CURVNET_RESTORE();
+}
+
+/*
+ * drain GRAND queue. used for address removals.
+ */
+void
+nd6_grand_stop(struct ifaddr *ifa)
+{
+ struct grandq *gq;
+
+ gq = nd6_grand_find(ifa);
+ if (gq == NULL)
+ return;
+
+ callout_drain(&gq->grand_callout);
+}

File Metadata

Mime Type
text/plain
Expires
Wed, Apr 22, 12:11 PM (8 h, 46 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31977981
Default Alt Text
D55015.id170895.diff (11 KB)

Event Timeline