send out IPv6 DAD packets when starting up clatd for the clat v6 address
Since we're telling the kernel this is an anycast ip
[via setsockopt(sock, SOL_IPV6, IPV6_JOIN_ANYCAST)],
it apparently doesn't perform DAD for us when adding the ip.
From the kernel's perspective this behaviour makes absolute
sense: an anycast'ed IP would normally be configured on
multiple machines - possibly on the same L2 network segment
- and thus DAD may well fail.
For the CLAT use case we want to add the IP, so that the kernel
handles IPv6 MLD and replies with NA to incoming NS, yet we don't
want the kernel to 'own' the IP itself, as that would cause it
to send out spurious TCP resets and icmp port unreachable messages.
(Not to mention applications could be confused by the IP being
configured on an interface: while it is *not* for direct application
use)
Basically we want something like 'proxy arp (nd)' for the clat ip...
We should probably do it manually... but that's hard...
As such this isn't a full DAD [duplicate address detection] implementation.
We don't actually perform DAD, just like we didn't before this patch...
We simply send the packets out to pretend we did.
The chance of collision is super low, since the bottom 64-bits
are picked randomly with 16 of them chosen to guarantee checksum
neutrality. ie. we should have around 48 bits of entropy.
That's a few hundred - few thousand in 2.8e14 chance of collision.
(depending on how many ips are used on the L2 segment)
I'm hoping this will be enough to resolve compatibility problems
with some Cisco networking gear based ipv6-only wifi networks,
where apparently the CLAT v6 address isn't ever neighbour
solicited for by the router. I'm guessing it's some security
feature: you didn't do DAD, so it's not your IP...
Sample generated packet:
b6:7a:01:a5:26:27 (oui Unknown) > 33:33:ff:54:ae:21 (oui Unknown), ethertype IPv6 (0x86dd), length 86: (hlim 255, next-header ICMPv6 (58) payload length: 32) :: > ff02::1:ff54:ae21: [icmp6 sum ok] ICMP6, neighbor solicitation, length 32, who has 2401:fa00:480:13d:2a65:4e6a:7554:ae21
unknown option (14), length 8 (1):
0x0000: 891b eaef 1263
0x0000: 6000 0000 0020 3aff 0000 0000 0000 0000 `.....:.........
0x0010: 0000 0000 0000 0000 ff02 0000 0000 0000 ................
0x0020: 0000 0001 ff54 ae21 8700 77b6 0000 0000 .....T.!..w.....
0x0030: 2401 fa00 0480 013d 2a65 4e6a 7554 ae21 $......=*eNjuT.!
0x0040: 0e01 891b 434c 4154 ....CLAT
Bug: 238387793
Test: TreeHugger, manually on bramble with ipv6-only wifi network
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I16141bc427467e935da55f4eac6943659d8a65ad
1 file changed
