9front - general discussion about 9front
 help / color / mirror / Atom feed
From: Arne Meyer <meyer.arne83@netcologne.de>
To: "9front@9front.org" <9front@9front.org>
Subject: [9front] [patch] various fixes for ip/ipconfig ipv6.c
Date: Sat, 27 Jul 2024 14:46:33 +0200 (CEST)	[thread overview]
Message-ID: <1277896406.4358262.1722084393719@comcenter.netcologne.de> (raw)

[-- Attachment #1: Type: text/plain, Size: 289 bytes --]

I recently posted a diff with my changes for ipconfig ipv6 to irc.
One part of it already got committed, thanks cinap!
I put the rest of the changes in separate commits with some explanation.
A git/export of the commits is attached to this email for easier review/discussion.

Cheers,
Arne

[-- Attachment #2: ipconfig.diff --]
[-- Type: application/octet-stream, Size: 2333 bytes --]

From: Arne Meyer <meyer.arne83@netcologne.de>
Date: Fri, 26 Jul 2024 19:40:21 +0000
Subject: [PATCH 1/3] ip/ipconfig: only accept ras with medium default router preference


according to rfc4191 section 3 9front is a type a host, we do not know about
default router preferences. If there were more than one router that announce
the same prefix with different router preferences the default gateway would
flap with each ra from the different routers.
---
diff da46286598aad11695b2aa4b6ad9ed9ec0852c18 2101ee76fa44706c777154bd18b07a22dbec12ca
--- a/sys/src/cmd/ip/ipconfig/ipv6.c
+++ b/sys/src/cmd/ip/ipconfig/ipv6.c
@@ -694,6 +694,9 @@
 		if(prfo->len != 4)
 			continue;
 
+		if((prfo->lar>>3)&3)
+			continue;
+
 		if((prfo->lar & AFMASK) == 0)
 			continue;
 

From: Arne Meyer <meyer.arne83@netcologne.de>
Date: Fri, 26 Jul 2024 19:54:57 +0000
Subject: [PATCH 2/3] ip/ipconfig: stop sending router solicitations after getting an answer


rfc 4261 section 6.3.7 says we MUST stop sending solicitations after we
get a valid ra in response.
---
diff 2101ee76fa44706c777154bd18b07a22dbec12ca 355d76951f895fae77b321ea9d7d591d6c3237cf
--- a/sys/src/cmd/ip/ipconfig/ipv6.c
+++ b/sys/src/cmd/ip/ipconfig/ipv6.c
@@ -887,6 +887,8 @@
 
 		if(recvrahost(buf, n) < 0)
 			continue;
+		else
+			sendrscnt = 0;
 
 		/* got at least initial ra; no whining */
 		if(recvracnt == 0){

From: Arne Meyer <meyer.arne83@netcologne.de>
Date: Sat, 27 Jul 2024 12:25:52 +0000
Subject: [PATCH 3/3] ip/ipconfig: remove rate limiting for receiving ras


this code is meant to be a protection against someone flooding the network
with ras. Some cpe routers send a lot of ras when a renumbering event, like
a reconnect, happens. So sometimes we would miss the ra with the new prefix in
and be without a default ipv6 route until the next regular ra comes in.
So remove this for now until we find a better way to protect against flooding.
---
diff 355d76951f895fae77b321ea9d7d591d6c3237cf b72460c5eb31a6f8fb0c70835c2fd68bef3de9b9
--- a/sys/src/cmd/ip/ipconfig/ipv6.c
+++ b/sys/src/cmd/ip/ipconfig/ipv6.c
@@ -844,11 +844,7 @@
 	for (;;) {
 		alarm(sleepfor);
 		n = read(fd, buf, sizeof buf);
-		sleepfor = alarm(0);
-
-		/* wait for alarm to expire */
-		if(recvracnt >= Maxv6initras && sleepfor > 100)
-			continue;
+		alarm(0);
 
 		sleepfor = Maxv6radelay;
 

             reply	other threads:[~2024-07-27 12:50 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-07-27 12:46 Arne Meyer [this message]
2024-08-30 15:56 ` Arne Meyer
2024-08-31 18:46   ` cinap_lenrek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1277896406.4358262.1722084393719@comcenter.netcologne.de \
    --to=meyer.arne83@netcologne.de \
    --cc=9front@9front.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).