2 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $KAME: nd6.c,v 1.144 2001/05/24 07:44:00 itojun Exp $
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
36 #include "opt_inet6.h"
38 #include <sys/param.h>
39 #include <sys/systm.h>
40 #include <sys/callout.h>
41 #include <sys/malloc.h>
43 #include <sys/socket.h>
44 #include <sys/sockio.h>
46 #include <sys/kernel.h>
47 #include <sys/protosw.h>
48 #include <sys/errno.h>
49 #include <sys/syslog.h>
51 #include <sys/rwlock.h>
52 #include <sys/queue.h>
54 #include <sys/sysctl.h>
57 #include <net/if_var.h>
58 #include <net/if_arc.h>
59 #include <net/if_dl.h>
60 #include <net/if_types.h>
61 #include <net/iso88025.h>
63 #include <net/route.h>
66 #include <netinet/in.h>
67 #include <netinet/in_kdtrace.h>
68 #include <net/if_llatbl.h>
69 #include <netinet/if_ether.h>
70 #include <netinet6/in6_var.h>
71 #include <netinet/ip6.h>
72 #include <netinet6/ip6_var.h>
73 #include <netinet6/scope6_var.h>
74 #include <netinet6/nd6.h>
75 #include <netinet6/in6_ifattach.h>
76 #include <netinet/icmp6.h>
77 #include <netinet6/send.h>
79 #include <sys/limits.h>
81 #include <security/mac/mac_framework.h>
83 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */
84 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */
86 #define SIN6(s) ((const struct sockaddr_in6 *)(s))
89 VNET_DEFINE(int, nd6_prune) = 1; /* walk list every 1 seconds */
90 VNET_DEFINE(int, nd6_delay) = 5; /* delay first probe time 5 second */
91 VNET_DEFINE(int, nd6_umaxtries) = 3; /* maximum unicast query */
92 VNET_DEFINE(int, nd6_mmaxtries) = 3; /* maximum multicast query */
93 VNET_DEFINE(int, nd6_useloopback) = 1; /* use loopback interface for
95 VNET_DEFINE(int, nd6_gctimer) = (60 * 60 * 24); /* 1 day: garbage
98 /* preventing too many loops in ND option parsing */
99 static VNET_DEFINE(int, nd6_maxndopt) = 10; /* max # of ND options allowed */
101 VNET_DEFINE(int, nd6_maxnudhint) = 0; /* max # of subsequent upper
103 static VNET_DEFINE(int, nd6_maxqueuelen) = 1; /* max pkts cached in unresolved
105 #define V_nd6_maxndopt VNET(nd6_maxndopt)
106 #define V_nd6_maxqueuelen VNET(nd6_maxqueuelen)
109 VNET_DEFINE(int, nd6_debug) = 1;
111 VNET_DEFINE(int, nd6_debug) = 0;
114 static eventhandler_tag lle_event_eh, iflladdr_event_eh;
116 VNET_DEFINE(struct nd_drhead, nd_defrouter);
117 VNET_DEFINE(struct nd_prhead, nd_prefix);
118 VNET_DEFINE(struct rwlock, nd6_lock);
120 VNET_DEFINE(int, nd6_recalc_reachtm_interval) = ND6_RECALC_REACHTM_INTERVAL;
121 #define V_nd6_recalc_reachtm_interval VNET(nd6_recalc_reachtm_interval)
123 int (*send_sendso_input_hook)(struct mbuf *, struct ifnet *, int, int);
125 static int nd6_is_new_addr_neighbor(const struct sockaddr_in6 *,
127 static void nd6_setmtu0(struct ifnet *, struct nd_ifinfo *);
128 static void nd6_slowtimo(void *);
129 static int regen_tmpaddr(struct in6_ifaddr *);
130 static void nd6_free(struct llentry **, int);
131 static void nd6_free_redirect(const struct llentry *);
132 static void nd6_llinfo_timer(void *);
133 static void nd6_llinfo_settimer_locked(struct llentry *, long);
134 static void clear_llinfo_pqueue(struct llentry *);
135 static void nd6_rtrequest(int, struct rtentry *, struct rt_addrinfo *);
136 static int nd6_resolve_slow(struct ifnet *, int, struct mbuf *,
137 const struct sockaddr_in6 *, u_char *, uint32_t *);
138 static int nd6_need_cache(struct ifnet *);
141 static VNET_DEFINE(struct callout, nd6_slowtimo_ch);
142 #define V_nd6_slowtimo_ch VNET(nd6_slowtimo_ch)
144 VNET_DEFINE(struct callout, nd6_timer_ch);
145 #define V_nd6_timer_ch VNET(nd6_timer_ch)
148 nd6_lle_event(void *arg __unused, struct llentry *lle, int evt)
150 struct rt_addrinfo rtinfo;
151 struct sockaddr_in6 dst;
152 struct sockaddr_dl gw;
156 LLE_WLOCK_ASSERT(lle);
158 if (lltable_get_af(lle->lle_tbl) != AF_INET6)
162 case LLENTRY_RESOLVED:
164 KASSERT(lle->la_flags & LLE_VALID,
165 ("%s: %p resolved but not valid?", __func__, lle));
167 case LLENTRY_EXPIRED:
174 ifp = lltable_get_ifp(lle->lle_tbl);
176 bzero(&dst, sizeof(dst));
177 bzero(&gw, sizeof(gw));
178 bzero(&rtinfo, sizeof(rtinfo));
179 lltable_fill_sa_entry(lle, (struct sockaddr *)&dst);
180 dst.sin6_scope_id = in6_getscopezone(ifp,
181 in6_addrscope(&dst.sin6_addr));
182 gw.sdl_len = sizeof(struct sockaddr_dl);
183 gw.sdl_family = AF_LINK;
184 gw.sdl_alen = ifp->if_addrlen;
185 gw.sdl_index = ifp->if_index;
186 gw.sdl_type = ifp->if_type;
187 if (evt == LLENTRY_RESOLVED)
188 bcopy(lle->ll_addr, gw.sdl_data, ifp->if_addrlen);
189 rtinfo.rti_info[RTAX_DST] = (struct sockaddr *)&dst;
190 rtinfo.rti_info[RTAX_GATEWAY] = (struct sockaddr *)&gw;
191 rtinfo.rti_addrs = RTA_DST | RTA_GATEWAY;
192 rt_missmsg_fib(type, &rtinfo, RTF_HOST | RTF_LLDATA | (
193 type == RTM_ADD ? RTF_UP: 0), 0, RT_DEFAULT_FIB);
197 * A handler for interface link layer address change event.
200 nd6_iflladdr(void *arg __unused, struct ifnet *ifp)
203 lltable_update_ifaddr(LLTABLE6(ifp));
210 rw_init(&V_nd6_lock, "nd6");
212 LIST_INIT(&V_nd_prefix);
214 /* initialization of the default router list */
215 TAILQ_INIT(&V_nd_defrouter);
218 callout_init(&V_nd6_slowtimo_ch, 0);
219 callout_reset(&V_nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz,
220 nd6_slowtimo, curvnet);
222 callout_init(&V_nd6_timer_ch, 0);
223 callout_reset(&V_nd6_timer_ch, hz, nd6_timer, curvnet);
226 if (IS_DEFAULT_VNET(curvnet)) {
227 lle_event_eh = EVENTHANDLER_REGISTER(lle_event, nd6_lle_event,
228 NULL, EVENTHANDLER_PRI_ANY);
229 iflladdr_event_eh = EVENTHANDLER_REGISTER(iflladdr_event,
230 nd6_iflladdr, NULL, EVENTHANDLER_PRI_ANY);
239 callout_drain(&V_nd6_slowtimo_ch);
240 callout_drain(&V_nd6_timer_ch);
241 if (IS_DEFAULT_VNET(curvnet)) {
242 EVENTHANDLER_DEREGISTER(lle_event, lle_event_eh);
243 EVENTHANDLER_DEREGISTER(iflladdr_event, iflladdr_event_eh);
245 rw_destroy(&V_nd6_lock);
250 nd6_ifattach(struct ifnet *ifp)
252 struct nd_ifinfo *nd;
254 nd = malloc(sizeof(*nd), M_IP6NDP, M_WAITOK | M_ZERO);
257 nd->chlim = IPV6_DEFHLIM;
258 nd->basereachable = REACHABLE_TIME;
259 nd->reachable = ND_COMPUTE_RTIME(nd->basereachable);
260 nd->retrans = RETRANS_TIMER;
262 nd->flags = ND6_IFF_PERFORMNUD;
264 /* A loopback interface always has ND6_IFF_AUTO_LINKLOCAL.
265 * XXXHRS: Clear ND6_IFF_AUTO_LINKLOCAL on an IFT_BRIDGE interface by
266 * default regardless of the V_ip6_auto_linklocal configuration to
267 * give a reasonable default behavior.
269 if ((V_ip6_auto_linklocal && ifp->if_type != IFT_BRIDGE) ||
270 (ifp->if_flags & IFF_LOOPBACK))
271 nd->flags |= ND6_IFF_AUTO_LINKLOCAL;
273 * A loopback interface does not need to accept RTADV.
274 * XXXHRS: Clear ND6_IFF_ACCEPT_RTADV on an IFT_BRIDGE interface by
275 * default regardless of the V_ip6_accept_rtadv configuration to
276 * prevent the interface from accepting RA messages arrived
277 * on one of the member interfaces with ND6_IFF_ACCEPT_RTADV.
279 if (V_ip6_accept_rtadv &&
280 !(ifp->if_flags & IFF_LOOPBACK) &&
281 (ifp->if_type != IFT_BRIDGE))
282 nd->flags |= ND6_IFF_ACCEPT_RTADV;
283 if (V_ip6_no_radr && !(ifp->if_flags & IFF_LOOPBACK))
284 nd->flags |= ND6_IFF_NO_RADR;
286 /* XXX: we cannot call nd6_setmtu since ifp is not fully initialized */
287 nd6_setmtu0(ifp, nd);
293 nd6_ifdetach(struct nd_ifinfo *nd)
300 * Reset ND level link MTU. This function is called when the physical MTU
301 * changes, which means we might have to adjust the ND level MTU.
304 nd6_setmtu(struct ifnet *ifp)
306 if (ifp->if_afdata[AF_INET6] == NULL)
309 nd6_setmtu0(ifp, ND_IFINFO(ifp));
312 /* XXX todo: do not maintain copy of ifp->if_mtu in ndi->maxmtu */
314 nd6_setmtu0(struct ifnet *ifp, struct nd_ifinfo *ndi)
318 omaxmtu = ndi->maxmtu;
320 switch (ifp->if_type) {
322 ndi->maxmtu = MIN(ARC_PHDS_MAXMTU, ifp->if_mtu); /* RFC2497 */
325 ndi->maxmtu = MIN(FDDIIPMTU, ifp->if_mtu); /* RFC2467 */
328 ndi->maxmtu = MIN(ISO88025_MAX_MTU, ifp->if_mtu);
331 ndi->maxmtu = ifp->if_mtu;
336 * Decreasing the interface MTU under IPV6 minimum MTU may cause
337 * undesirable situation. We thus notify the operator of the change
338 * explicitly. The check for omaxmtu is necessary to restrict the
339 * log to the case of changing the MTU, not initializing it.
341 if (omaxmtu >= IPV6_MMTU && ndi->maxmtu < IPV6_MMTU) {
342 log(LOG_NOTICE, "nd6_setmtu0: "
343 "new link MTU on %s (%lu) is too small for IPv6\n",
344 if_name(ifp), (unsigned long)ndi->maxmtu);
347 if (ndi->maxmtu > V_in6_maxmtu)
348 in6_setmaxmtu(); /* check all interfaces just in case */
353 nd6_option_init(void *opt, int icmp6len, union nd_opts *ndopts)
356 bzero(ndopts, sizeof(*ndopts));
357 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt;
359 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len);
362 ndopts->nd_opts_done = 1;
363 ndopts->nd_opts_search = NULL;
368 * Take one ND option.
371 nd6_option(union nd_opts *ndopts)
373 struct nd_opt_hdr *nd_opt;
376 KASSERT(ndopts != NULL, ("%s: ndopts == NULL", __func__));
377 KASSERT(ndopts->nd_opts_last != NULL, ("%s: uninitialized ndopts",
379 if (ndopts->nd_opts_search == NULL)
381 if (ndopts->nd_opts_done)
384 nd_opt = ndopts->nd_opts_search;
386 /* make sure nd_opt_len is inside the buffer */
387 if ((caddr_t)&nd_opt->nd_opt_len >= (caddr_t)ndopts->nd_opts_last) {
388 bzero(ndopts, sizeof(*ndopts));
392 olen = nd_opt->nd_opt_len << 3;
395 * Message validation requires that all included
396 * options have a length that is greater than zero.
398 bzero(ndopts, sizeof(*ndopts));
402 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen);
403 if (ndopts->nd_opts_search > ndopts->nd_opts_last) {
404 /* option overruns the end of buffer, invalid */
405 bzero(ndopts, sizeof(*ndopts));
407 } else if (ndopts->nd_opts_search == ndopts->nd_opts_last) {
408 /* reached the end of options chain */
409 ndopts->nd_opts_done = 1;
410 ndopts->nd_opts_search = NULL;
416 * Parse multiple ND options.
417 * This function is much easier to use, for ND routines that do not need
418 * multiple options of the same type.
421 nd6_options(union nd_opts *ndopts)
423 struct nd_opt_hdr *nd_opt;
426 KASSERT(ndopts != NULL, ("%s: ndopts == NULL", __func__));
427 KASSERT(ndopts->nd_opts_last != NULL, ("%s: uninitialized ndopts",
429 if (ndopts->nd_opts_search == NULL)
433 nd_opt = nd6_option(ndopts);
434 if (nd_opt == NULL && ndopts->nd_opts_last == NULL) {
436 * Message validation requires that all included
437 * options have a length that is greater than zero.
439 ICMP6STAT_INC(icp6s_nd_badopt);
440 bzero(ndopts, sizeof(*ndopts));
447 switch (nd_opt->nd_opt_type) {
448 case ND_OPT_SOURCE_LINKADDR:
449 case ND_OPT_TARGET_LINKADDR:
451 case ND_OPT_REDIRECTED_HEADER:
453 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
455 "duplicated ND6 option found (type=%d)\n",
456 nd_opt->nd_opt_type));
459 ndopts->nd_opt_array[nd_opt->nd_opt_type]
463 case ND_OPT_PREFIX_INFORMATION:
464 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) {
465 ndopts->nd_opt_array[nd_opt->nd_opt_type]
468 ndopts->nd_opts_pi_end =
469 (struct nd_opt_prefix_info *)nd_opt;
471 /* What about ND_OPT_ROUTE_INFO? RFC 4191 */
472 case ND_OPT_RDNSS: /* RFC 6106 */
473 case ND_OPT_DNSSL: /* RFC 6106 */
475 * Silently ignore options we know and do not care about
481 * Unknown options must be silently ignored,
482 * to accomodate future extension to the protocol.
485 "nd6_options: unsupported option %d - "
486 "option ignored\n", nd_opt->nd_opt_type));
491 if (i > V_nd6_maxndopt) {
492 ICMP6STAT_INC(icp6s_nd_toomanyopt);
493 nd6log((LOG_INFO, "too many loop in nd opt\n"));
497 if (ndopts->nd_opts_done)
505 * ND6 timer routine to handle ND6 entries
508 nd6_llinfo_settimer_locked(struct llentry *ln, long tick)
512 LLE_WLOCK_ASSERT(ln);
517 canceled = callout_stop(&ln->lle_timer);
519 ln->la_expire = time_uptime + tick / hz;
521 if (tick > INT_MAX) {
522 ln->ln_ntick = tick - INT_MAX;
523 canceled = callout_reset(&ln->lle_timer, INT_MAX,
524 nd6_llinfo_timer, ln);
527 canceled = callout_reset(&ln->lle_timer, tick,
528 nd6_llinfo_timer, ln);
536 * Gets source address of the first packet in hold queue
537 * and stores it in @src.
538 * Returns pointer to @src (if hold queue is not empty) or NULL.
540 * Set noinline to be dtrace-friendly
542 static __noinline struct in6_addr *
543 nd6_llinfo_get_holdsrc(struct llentry *ln, struct in6_addr *src)
548 if (ln->la_hold == NULL)
552 * assume every packet in la_hold has the same IP header
555 if (sizeof(hdr) > m->m_len)
558 m_copydata(m, 0, sizeof(hdr), (caddr_t)&hdr);
565 * Checks if we need to switch from STALE state.
567 * RFC 4861 requires switching from STALE to DELAY state
568 * on first packet matching entry, waiting V_nd6_delay and
569 * transition to PROBE state (if upper layer confirmation was
572 * This code performs a bit differently:
573 * On packet hit we don't change state (but desired state
574 * can be guessed by control plane). However, after V_nd6_delay
575 * seconds code will transition to PROBE state (so DELAY state
576 * is kinda skipped in most situations).
578 * Typically, V_nd6_gctimer is bigger than V_nd6_delay, so
579 * we perform the following upon entering STALE state:
581 * 1) Arm timer to run each V_nd6_delay seconds to make sure that
582 * if packet was transmitted at the start of given interval, we
583 * would be able to switch to PROBE state in V_nd6_delay seconds
586 * 2) Reschedule timer until original V_nd6_gctimer expires keeping
587 * lle in STALE state (remaining timer value stored in lle_remtime).
589 * 3) Reschedule timer if packet was transmitted less that V_nd6_delay
592 * Returns non-zero value if the entry is still STALE (storing
593 * the next timer interval in @pdelay).
595 * Returns zero value if original timer expired or we need to switch to
596 * PROBE (store that in @do_switch variable).
599 nd6_is_stale(struct llentry *lle, long *pdelay, int *do_switch)
601 int nd_delay, nd_gctimer, r_skip_req;
606 nd_gctimer = V_nd6_gctimer;
607 nd_delay = V_nd6_delay;
610 r_skip_req = lle->r_skip_req;
611 lle_hittime = lle->lle_hittime;
614 if (r_skip_req > 0) {
617 * Nonzero r_skip_req value was set upon entering
618 * STALE state. Since value was not changed, no
619 * packets were passed using this lle. Ask for
620 * timer reschedule and keep STALE state.
622 delay = (long)(MIN(nd_gctimer, nd_delay));
624 if (lle->lle_remtime > delay)
625 lle->lle_remtime -= delay;
627 delay = lle->lle_remtime;
628 lle->lle_remtime = 0;
634 * The original ng6_gctime timeout ended,
635 * no more rescheduling.
645 * Packet received. Verify timestamp
647 delay = (long)(time_uptime - lle_hittime);
648 if (delay < nd_delay) {
651 * V_nd6_delay still not passed since the first
652 * hit in STALE state.
653 * Reshedule timer and return.
655 *pdelay = (long)(nd_delay - delay) * hz;
659 /* Request switching to probe */
666 * Switch @lle state to new state optionally arming timers.
668 * Set noinline to be dtrace-friendly
671 nd6_llinfo_setstate(struct llentry *lle, int newstate)
674 int nd_gctimer, nd_delay;
681 case ND6_LLINFO_INCOMPLETE:
682 ifp = lle->lle_tbl->llt_ifp;
683 delay = (long)ND_IFINFO(ifp)->retrans * hz / 1000;
685 case ND6_LLINFO_REACHABLE:
686 if (!ND6_LLINFO_PERMANENT(lle)) {
687 ifp = lle->lle_tbl->llt_ifp;
688 delay = (long)ND_IFINFO(ifp)->reachable * hz;
691 case ND6_LLINFO_STALE:
694 * Notify fast path that we want to know if any packet
695 * is transmitted by setting r_skip_req.
700 nd_delay = V_nd6_delay;
701 nd_gctimer = V_nd6_gctimer;
703 delay = (long)(MIN(nd_gctimer, nd_delay)) * hz;
704 remtime = (long)nd_gctimer * hz - delay;
706 case ND6_LLINFO_DELAY:
708 delay = (long)V_nd6_delay * hz;
713 nd6_llinfo_settimer_locked(lle, delay);
715 lle->lle_remtime = remtime;
716 lle->ln_state = newstate;
720 * Timer-dependent part of nd state machine.
722 * Set noinline to be dtrace-friendly
724 static __noinline void
725 nd6_llinfo_timer(void *arg)
728 struct in6_addr *dst, *pdst, *psrc, src;
730 struct nd_ifinfo *ndi;
731 int do_switch, send_ns;
734 KASSERT(arg != NULL, ("%s: arg NULL", __func__));
735 ln = (struct llentry *)arg;
736 ifp = lltable_get_ifp(ln->lle_tbl);
737 CURVNET_SET(ifp->if_vnet);
741 if (callout_pending(&ln->lle_timer)) {
743 * Here we are a bit odd here in the treatment of
744 * active/pending. If the pending bit is set, it got
745 * rescheduled before I ran. The active
746 * bit we ignore, since if it was stopped
747 * in ll_tablefree() and was currently running
748 * it would have return 0 so the code would
749 * not have deleted it since the callout could
750 * not be stopped so we want to go through
751 * with the delete here now. If the callout
752 * was restarted, the pending bit will be back on and
753 * we just want to bail since the callout_reset would
754 * return 1 and our reference would have been removed
755 * by nd6_llinfo_settimer_locked above since canceled
763 ndi = ND_IFINFO(ifp);
765 dst = &ln->r_l3addr.addr6;
768 if (ln->ln_ntick > 0) {
769 if (ln->ln_ntick > INT_MAX) {
770 ln->ln_ntick -= INT_MAX;
771 nd6_llinfo_settimer_locked(ln, INT_MAX);
774 nd6_llinfo_settimer_locked(ln, ln->ln_ntick);
779 if (ln->la_flags & LLE_STATIC) {
783 if (ln->la_flags & LLE_DELETED) {
788 switch (ln->ln_state) {
789 case ND6_LLINFO_INCOMPLETE:
790 if (ln->la_asked < V_nd6_mmaxtries) {
793 /* Send NS to multicast address */
796 struct mbuf *m = ln->la_hold;
801 * assuming every packet in la_hold has the
802 * same IP header. Send error after unlock.
807 clear_llinfo_pqueue(ln);
811 icmp6_error2(m, ICMP6_DST_UNREACH,
812 ICMP6_DST_UNREACH_ADDR, 0, ifp);
815 case ND6_LLINFO_REACHABLE:
816 if (!ND6_LLINFO_PERMANENT(ln))
817 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE);
820 case ND6_LLINFO_STALE:
821 if (nd6_is_stale(ln, &delay, &do_switch) != 0) {
824 * No packet has used this entry and GC timeout
825 * has not been passed. Reshedule timer and
828 nd6_llinfo_settimer_locked(ln, delay);
832 if (do_switch == 0) {
835 * GC timer has ended and entry hasn't been used.
836 * Run Garbage collector (RFC 4861, 5.3)
838 if (!ND6_LLINFO_PERMANENT(ln))
843 /* Entry has been used AND delay timer has ended. */
847 case ND6_LLINFO_DELAY:
848 if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) {
851 nd6_llinfo_setstate(ln, ND6_LLINFO_PROBE);
854 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE); /* XXX */
856 case ND6_LLINFO_PROBE:
857 if (ln->la_asked < V_nd6_umaxtries) {
865 panic("%s: paths in a dark night can be confusing: %d",
866 __func__, ln->ln_state);
872 nd6_llinfo_settimer_locked(ln, (long)ndi->retrans * hz / 1000);
873 psrc = nd6_llinfo_get_holdsrc(ln, &src);
876 nd6_ns_output(ifp, psrc, pdst, dst, NULL);
886 * ND6 timer routine to expire default route list and prefix list
891 CURVNET_SET((struct vnet *) arg);
892 struct nd_drhead drq;
893 struct nd_defrouter *dr, *ndr;
894 struct nd_prefix *pr, *npr;
895 struct in6_ifaddr *ia6, *nia6;
897 callout_reset(&V_nd6_timer_ch, V_nd6_prune * hz,
902 /* expire default router list */
904 TAILQ_FOREACH_SAFE(dr, &V_nd_defrouter, dr_entry, ndr)
905 if (dr->expire && dr->expire < time_uptime)
906 defrouter_unlink(dr, &drq);
909 while ((dr = TAILQ_FIRST(&drq)) != NULL) {
910 TAILQ_REMOVE(&drq, dr, dr_entry);
915 * expire interface addresses.
916 * in the past the loop was inside prefix expiry processing.
917 * However, from a stricter speci-confrmance standpoint, we should
918 * rather separate address lifetimes and prefix lifetimes.
920 * XXXRW: in6_ifaddrhead locking.
923 TAILQ_FOREACH_SAFE(ia6, &V_in6_ifaddrhead, ia_link, nia6) {
924 /* check address lifetime */
925 if (IFA6_IS_INVALID(ia6)) {
929 * If the expiring address is temporary, try
930 * regenerating a new one. This would be useful when
931 * we suspended a laptop PC, then turned it on after a
932 * period that could invalidate all temporary
933 * addresses. Although we may have to restart the
934 * loop (see below), it must be after purging the
935 * address. Otherwise, we'd see an infinite loop of
938 if (V_ip6_use_tempaddr &&
939 (ia6->ia6_flags & IN6_IFF_TEMPORARY) != 0) {
940 if (regen_tmpaddr(ia6) == 0)
944 in6_purgeaddr(&ia6->ia_ifa);
947 goto addrloop; /* XXX: see below */
948 } else if (IFA6_IS_DEPRECATED(ia6)) {
949 int oldflags = ia6->ia6_flags;
951 ia6->ia6_flags |= IN6_IFF_DEPRECATED;
954 * If a temporary address has just become deprecated,
955 * regenerate a new one if possible.
957 if (V_ip6_use_tempaddr &&
958 (ia6->ia6_flags & IN6_IFF_TEMPORARY) != 0 &&
959 (oldflags & IN6_IFF_DEPRECATED) == 0) {
961 if (regen_tmpaddr(ia6) == 0) {
963 * A new temporary address is
965 * XXX: this means the address chain
966 * has changed while we are still in
967 * the loop. Although the change
968 * would not cause disaster (because
969 * it's not a deletion, but an
970 * addition,) we'd rather restart the
971 * loop just for safety. Or does this
972 * significantly reduce performance??
977 } else if ((ia6->ia6_flags & IN6_IFF_TENTATIVE) != 0) {
979 * Schedule DAD for a tentative address. This happens
980 * if the interface was down or not running
981 * when the address was configured.
985 delay = arc4random() %
986 (MAX_RTR_SOLICITATION_DELAY * hz);
987 nd6_dad_start((struct ifaddr *)ia6, delay);
990 * Check status of the interface. If it is down,
991 * mark the address as tentative for future DAD.
993 if ((ia6->ia_ifp->if_flags & IFF_UP) == 0 ||
994 (ia6->ia_ifp->if_drv_flags & IFF_DRV_RUNNING)
996 (ND_IFINFO(ia6->ia_ifp)->flags &
997 ND6_IFF_IFDISABLED) != 0) {
998 ia6->ia6_flags &= ~IN6_IFF_DUPLICATED;
999 ia6->ia6_flags |= IN6_IFF_TENTATIVE;
1002 * A new RA might have made a deprecated address
1005 ia6->ia6_flags &= ~IN6_IFF_DEPRECATED;
1009 /* expire prefix list */
1010 LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, npr) {
1012 * check prefix lifetime.
1013 * since pltime is just for autoconf, pltime processing for
1014 * prefix is not necessary.
1016 if (pr->ndpr_vltime != ND6_INFINITE_LIFETIME &&
1017 time_uptime - pr->ndpr_lastupdate > pr->ndpr_vltime) {
1020 * address expiration and prefix expiration are
1021 * separate. NEVER perform in6_purgeaddr here.
1030 * ia6 - deprecated/invalidated temporary address
1033 regen_tmpaddr(struct in6_ifaddr *ia6)
1037 struct in6_ifaddr *public_ifa6 = NULL;
1039 ifp = ia6->ia_ifa.ifa_ifp;
1041 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1042 struct in6_ifaddr *it6;
1044 if (ifa->ifa_addr->sa_family != AF_INET6)
1047 it6 = (struct in6_ifaddr *)ifa;
1049 /* ignore no autoconf addresses. */
1050 if ((it6->ia6_flags & IN6_IFF_AUTOCONF) == 0)
1053 /* ignore autoconf addresses with different prefixes. */
1054 if (it6->ia6_ndpr == NULL || it6->ia6_ndpr != ia6->ia6_ndpr)
1058 * Now we are looking at an autoconf address with the same
1059 * prefix as ours. If the address is temporary and is still
1060 * preferred, do not create another one. It would be rare, but
1061 * could happen, for example, when we resume a laptop PC after
1064 if ((it6->ia6_flags & IN6_IFF_TEMPORARY) != 0 &&
1065 !IFA6_IS_DEPRECATED(it6)) {
1071 * This is a public autoconf address that has the same prefix
1072 * as ours. If it is preferred, keep it. We can't break the
1073 * loop here, because there may be a still-preferred temporary
1074 * address with the prefix.
1076 if (!IFA6_IS_DEPRECATED(it6))
1079 if (public_ifa6 != NULL)
1080 ifa_ref(&public_ifa6->ia_ifa);
1081 IF_ADDR_RUNLOCK(ifp);
1083 if (public_ifa6 != NULL) {
1086 if ((e = in6_tmpifadd(public_ifa6, 0, 0)) != 0) {
1087 ifa_free(&public_ifa6->ia_ifa);
1088 log(LOG_NOTICE, "regen_tmpaddr: failed to create a new"
1089 " tmp addr,errno=%d\n", e);
1092 ifa_free(&public_ifa6->ia_ifa);
1100 * Nuke neighbor cache/prefix/default router management table, right before
1104 nd6_purge(struct ifnet *ifp)
1106 struct nd_drhead drq;
1107 struct nd_defrouter *dr, *ndr;
1108 struct nd_prefix *pr, *npr;
1113 * Nuke default router list entries toward ifp.
1114 * We defer removal of default router list entries that is installed
1115 * in the routing table, in order to keep additional side effects as
1116 * small as possible.
1119 TAILQ_FOREACH_SAFE(dr, &V_nd_defrouter, dr_entry, ndr) {
1123 defrouter_unlink(dr, &drq);
1126 TAILQ_FOREACH_SAFE(dr, &V_nd_defrouter, dr_entry, ndr) {
1130 defrouter_unlink(dr, &drq);
1134 while ((dr = TAILQ_FIRST(&drq)) != NULL) {
1135 TAILQ_REMOVE(&drq, dr, dr_entry);
1139 /* Nuke prefix list entries toward ifp */
1140 LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, npr) {
1141 if (pr->ndpr_ifp == ifp) {
1143 * Because if_detach() does *not* release prefixes
1144 * while purging addresses the reference count will
1145 * still be above zero. We therefore reset it to
1146 * make sure that the prefix really gets purged.
1148 pr->ndpr_refcnt = 0;
1151 * Previously, pr->ndpr_addr is removed as well,
1152 * but I strongly believe we don't have to do it.
1153 * nd6_purge() is only called from in6_ifdetach(),
1154 * which removes all the associated interface addresses
1156 * (jinmei@kame.net 20010129)
1162 /* cancel default outgoing interface setting */
1163 if (V_nd6_defifindex == ifp->if_index)
1164 nd6_setdefaultiface(0);
1166 if (ND_IFINFO(ifp)->flags & ND6_IFF_ACCEPT_RTADV) {
1167 /* Refresh default router list. */
1172 * We do not nuke the neighbor cache entries here any more
1173 * because the neighbor cache is kept in if_afdata[AF_INET6].
1174 * nd6_purge() is invoked by in6_ifdetach() which is called
1175 * from if_detach() where everything gets purged. So let
1176 * in6_domifdetach() do the actual L2 table purging work.
1181 * the caller acquires and releases the lock on the lltbls
1182 * Returns the llentry locked
1185 nd6_lookup(const struct in6_addr *addr6, int flags, struct ifnet *ifp)
1187 struct sockaddr_in6 sin6;
1190 bzero(&sin6, sizeof(sin6));
1191 sin6.sin6_len = sizeof(struct sockaddr_in6);
1192 sin6.sin6_family = AF_INET6;
1193 sin6.sin6_addr = *addr6;
1195 IF_AFDATA_LOCK_ASSERT(ifp);
1197 ln = lla_lookup(LLTABLE6(ifp), flags, (struct sockaddr *)&sin6);
1203 nd6_alloc(const struct in6_addr *addr6, int flags, struct ifnet *ifp)
1205 struct sockaddr_in6 sin6;
1208 bzero(&sin6, sizeof(sin6));
1209 sin6.sin6_len = sizeof(struct sockaddr_in6);
1210 sin6.sin6_family = AF_INET6;
1211 sin6.sin6_addr = *addr6;
1213 ln = lltable_alloc_entry(LLTABLE6(ifp), 0, (struct sockaddr *)&sin6);
1215 ln->ln_state = ND6_LLINFO_NOSTATE;
1221 * Test whether a given IPv6 address is a neighbor or not, ignoring
1222 * the actual neighbor cache. The neighbor cache is ignored in order
1223 * to not reenter the routing code from within itself.
1226 nd6_is_new_addr_neighbor(const struct sockaddr_in6 *addr, struct ifnet *ifp)
1228 struct nd_prefix *pr;
1229 struct ifaddr *dstaddr;
1230 struct rt_addrinfo info;
1231 struct sockaddr_in6 rt_key;
1232 struct sockaddr *dst6;
1236 * A link-local address is always a neighbor.
1237 * XXX: a link does not necessarily specify a single interface.
1239 if (IN6_IS_ADDR_LINKLOCAL(&addr->sin6_addr)) {
1240 struct sockaddr_in6 sin6_copy;
1244 * We need sin6_copy since sa6_recoverscope() may modify the
1248 if (sa6_recoverscope(&sin6_copy))
1249 return (0); /* XXX: should be impossible */
1250 if (in6_setscope(&sin6_copy.sin6_addr, ifp, &zone))
1252 if (sin6_copy.sin6_scope_id == zone)
1258 bzero(&rt_key, sizeof(rt_key));
1259 bzero(&info, sizeof(info));
1260 info.rti_info[RTAX_DST] = (struct sockaddr *)&rt_key;
1262 /* Always use the default FIB here. XXME - why? */
1263 fibnum = RT_DEFAULT_FIB;
1266 * If the address matches one of our addresses,
1267 * it should be a neighbor.
1268 * If the address matches one of our on-link prefixes, it should be a
1271 LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) {
1272 if (pr->ndpr_ifp != ifp)
1275 if (!(pr->ndpr_stateflags & NDPRF_ONLINK)) {
1277 /* Always use the default FIB here. */
1278 dst6 = (struct sockaddr *)&pr->ndpr_prefix;
1280 /* Restore length field before retrying lookup */
1281 rt_key.sin6_len = sizeof(rt_key);
1282 if (rib_lookup_info(fibnum, dst6, 0, 0, &info) != 0)
1285 * This is the case where multiple interfaces
1286 * have the same prefix, but only one is installed
1287 * into the routing table and that prefix entry
1288 * is not the one being examined here. In the case
1289 * where RADIX_MPATH is enabled, multiple route
1290 * entries (of the same rt_key value) will be
1291 * installed because the interface addresses all
1294 if (!IN6_ARE_ADDR_EQUAL(&pr->ndpr_prefix.sin6_addr,
1299 if (IN6_ARE_MASKED_ADDR_EQUAL(&pr->ndpr_prefix.sin6_addr,
1300 &addr->sin6_addr, &pr->ndpr_mask))
1305 * If the address is assigned on the node of the other side of
1306 * a p2p interface, the address should be a neighbor.
1308 dstaddr = ifa_ifwithdstaddr((const struct sockaddr *)addr, RT_ALL_FIBS);
1309 if (dstaddr != NULL) {
1310 if (dstaddr->ifa_ifp == ifp) {
1318 * If the default router list is empty, all addresses are regarded
1319 * as on-link, and thus, as a neighbor.
1321 if (ND_IFINFO(ifp)->flags & ND6_IFF_ACCEPT_RTADV &&
1322 TAILQ_EMPTY(&V_nd_defrouter) &&
1323 V_nd6_defifindex == ifp->if_index) {
1332 * Detect if a given IPv6 address identifies a neighbor on a given link.
1333 * XXX: should take care of the destination of a p2p link?
1336 nd6_is_addr_neighbor(const struct sockaddr_in6 *addr, struct ifnet *ifp)
1338 struct llentry *lle;
1341 IF_AFDATA_UNLOCK_ASSERT(ifp);
1342 if (nd6_is_new_addr_neighbor(addr, ifp))
1346 * Even if the address matches none of our addresses, it might be
1347 * in the neighbor cache.
1349 IF_AFDATA_RLOCK(ifp);
1350 if ((lle = nd6_lookup(&addr->sin6_addr, 0, ifp)) != NULL) {
1354 IF_AFDATA_RUNLOCK(ifp);
1359 * Free an nd6 llinfo entry.
1360 * Since the function would cause significant changes in the kernel, DO NOT
1361 * make it global, unless you have a strong reason for the change, and are sure
1362 * that the change is safe.
1364 * Set noinline to be dtrace-friendly
1366 static __noinline void
1367 nd6_free(struct llentry **lnp, int gc)
1371 struct nd_defrouter *dr;
1376 LLE_WLOCK_ASSERT(ln);
1379 ifp = lltable_get_ifp(ln->lle_tbl);
1380 if ((ND_IFINFO(ifp)->flags & ND6_IFF_ACCEPT_RTADV) != 0)
1381 dr = defrouter_lookup_locked(&ln->r_l3addr.addr6, ifp);
1386 if ((ln->la_flags & LLE_DELETED) == 0)
1387 EVENTHANDLER_INVOKE(lle_event, ln, LLENTRY_EXPIRED);
1390 * we used to have pfctlinput(PRC_HOSTDEAD) here.
1391 * even though it is not harmful, it was not really necessary.
1395 nd6_llinfo_settimer_locked(ln, -1);
1397 if (ND_IFINFO(ifp)->flags & ND6_IFF_ACCEPT_RTADV) {
1398 if (dr != NULL && dr->expire &&
1399 ln->ln_state == ND6_LLINFO_STALE && gc) {
1401 * If the reason for the deletion is just garbage
1402 * collection, and the neighbor is an active default
1403 * router, do not delete it. Instead, reset the GC
1404 * timer using the router's lifetime.
1405 * Simply deleting the entry would affect default
1406 * router selection, which is not necessarily a good
1407 * thing, especially when we're using router preference
1409 * XXX: the check for ln_state would be redundant,
1410 * but we intentionally keep it just in case.
1412 if (dr->expire > time_uptime)
1413 nd6_llinfo_settimer_locked(ln,
1414 (dr->expire - time_uptime) * hz);
1416 nd6_llinfo_settimer_locked(ln,
1417 (long)V_nd6_gctimer * hz);
1427 * Unreachablity of a router might affect the default
1428 * router selection and on-link detection of advertised
1433 * Temporarily fake the state to choose a new default
1434 * router and to perform on-link determination of
1435 * prefixes correctly.
1436 * Below the state will be set correctly,
1437 * or the entry itself will be deleted.
1439 ln->ln_state = ND6_LLINFO_INCOMPLETE;
1442 if (ln->ln_router || dr) {
1445 * We need to unlock to avoid a LOR with rt6_flush() with the
1446 * rnh and for the calls to pfxlist_onlink_check() and
1447 * defrouter_select() in the block further down for calls
1448 * into nd6_lookup(). We still hold a ref.
1453 * rt6_flush must be called whether or not the neighbor
1454 * is in the Default Router List.
1455 * See a corresponding comment in nd6_na_input().
1457 rt6_flush(&ln->r_l3addr.addr6, ifp);
1462 * Since defrouter_select() does not affect the
1463 * on-link determination and MIP6 needs the check
1464 * before the default router selection, we perform
1467 pfxlist_onlink_check();
1470 * Refresh default router list.
1476 * If this entry was added by an on-link redirect, remove the
1477 * corresponding host route.
1479 if (ln->la_flags & LLE_REDIRECT)
1480 nd6_free_redirect(ln);
1482 if (ln->ln_router || dr)
1487 * Save to unlock. We still hold an extra reference and will not
1488 * free(9) in llentry_free() if someone else holds one as well.
1491 IF_AFDATA_LOCK(ifp);
1493 /* Guard against race with other llentry_free(). */
1494 if (ln->la_flags & LLE_LINKED) {
1495 /* Remove callout reference */
1497 lltable_unlink_entry(ln->lle_tbl, ln);
1499 IF_AFDATA_UNLOCK(ifp);
1507 nd6_isdynrte(const struct rtentry *rt, void *xap)
1510 if (rt->rt_flags == (RTF_UP | RTF_HOST | RTF_DYNAMIC))
1516 * Remove the rtentry for the given llentry,
1517 * both of which were installed by a redirect.
1520 nd6_free_redirect(const struct llentry *ln)
1523 struct sockaddr_in6 sin6;
1524 struct rt_addrinfo info;
1526 lltable_fill_sa_entry(ln, (struct sockaddr *)&sin6);
1527 memset(&info, 0, sizeof(info));
1528 info.rti_info[RTAX_DST] = (struct sockaddr *)&sin6;
1529 info.rti_filter = nd6_isdynrte;
1531 for (fibnum = 0; fibnum < rt_numfibs; fibnum++)
1532 rtrequest1_fib(RTM_DELETE, &info, NULL, fibnum);
1536 * Rejuvenate this function for routing operations related
1540 nd6_rtrequest(int req, struct rtentry *rt, struct rt_addrinfo *info)
1542 struct sockaddr_in6 *gateway;
1543 struct nd_defrouter *dr;
1546 gateway = (struct sockaddr_in6 *)rt->rt_gateway;
1557 * Only indirect routes are interesting.
1559 if ((rt->rt_flags & RTF_GATEWAY) == 0)
1562 * check for default route
1564 if (IN6_ARE_ADDR_EQUAL(&in6addr_any,
1565 &SIN6(rt_key(rt))->sin6_addr)) {
1566 dr = defrouter_lookup(&gateway->sin6_addr, ifp);
1578 nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp)
1580 struct in6_ndireq *ndi = (struct in6_ndireq *)data;
1581 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data;
1582 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data;
1585 if (ifp->if_afdata[AF_INET6] == NULL)
1586 return (EPFNOSUPPORT);
1588 case OSIOCGIFINFO_IN6:
1590 /* XXX: old ndp(8) assumes a positive value for linkmtu. */
1591 bzero(&ND, sizeof(ND));
1592 ND.linkmtu = IN6_LINKMTU(ifp);
1593 ND.maxmtu = ND_IFINFO(ifp)->maxmtu;
1594 ND.basereachable = ND_IFINFO(ifp)->basereachable;
1595 ND.reachable = ND_IFINFO(ifp)->reachable;
1596 ND.retrans = ND_IFINFO(ifp)->retrans;
1597 ND.flags = ND_IFINFO(ifp)->flags;
1598 ND.recalctm = ND_IFINFO(ifp)->recalctm;
1599 ND.chlim = ND_IFINFO(ifp)->chlim;
1601 case SIOCGIFINFO_IN6:
1602 ND = *ND_IFINFO(ifp);
1604 case SIOCSIFINFO_IN6:
1606 * used to change host variables from userland.
1607 * intented for a use on router to reflect RA configurations.
1609 /* 0 means 'unspecified' */
1610 if (ND.linkmtu != 0) {
1611 if (ND.linkmtu < IPV6_MMTU ||
1612 ND.linkmtu > IN6_LINKMTU(ifp)) {
1616 ND_IFINFO(ifp)->linkmtu = ND.linkmtu;
1619 if (ND.basereachable != 0) {
1620 int obasereachable = ND_IFINFO(ifp)->basereachable;
1622 ND_IFINFO(ifp)->basereachable = ND.basereachable;
1623 if (ND.basereachable != obasereachable)
1624 ND_IFINFO(ifp)->reachable =
1625 ND_COMPUTE_RTIME(ND.basereachable);
1627 if (ND.retrans != 0)
1628 ND_IFINFO(ifp)->retrans = ND.retrans;
1630 ND_IFINFO(ifp)->chlim = ND.chlim;
1632 case SIOCSIFINFO_FLAGS:
1635 struct in6_ifaddr *ia;
1637 if ((ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) &&
1638 !(ND.flags & ND6_IFF_IFDISABLED)) {
1639 /* ifdisabled 1->0 transision */
1642 * If the interface is marked as ND6_IFF_IFDISABLED and
1643 * has an link-local address with IN6_IFF_DUPLICATED,
1644 * do not clear ND6_IFF_IFDISABLED.
1645 * See RFC 4862, Section 5.4.5.
1648 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1649 if (ifa->ifa_addr->sa_family != AF_INET6)
1651 ia = (struct in6_ifaddr *)ifa;
1652 if ((ia->ia6_flags & IN6_IFF_DUPLICATED) &&
1653 IN6_IS_ADDR_LINKLOCAL(IA6_IN6(ia)))
1656 IF_ADDR_RUNLOCK(ifp);
1659 /* LLA is duplicated. */
1660 ND.flags |= ND6_IFF_IFDISABLED;
1661 log(LOG_ERR, "Cannot enable an interface"
1662 " with a link-local address marked"
1665 ND_IFINFO(ifp)->flags &= ~ND6_IFF_IFDISABLED;
1666 if (ifp->if_flags & IFF_UP)
1669 } else if (!(ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) &&
1670 (ND.flags & ND6_IFF_IFDISABLED)) {
1671 /* ifdisabled 0->1 transision */
1672 /* Mark all IPv6 address as tentative. */
1674 ND_IFINFO(ifp)->flags |= ND6_IFF_IFDISABLED;
1675 if (V_ip6_dad_count > 0 &&
1676 (ND_IFINFO(ifp)->flags & ND6_IFF_NO_DAD) == 0) {
1678 TAILQ_FOREACH(ifa, &ifp->if_addrhead,
1680 if (ifa->ifa_addr->sa_family !=
1683 ia = (struct in6_ifaddr *)ifa;
1684 ia->ia6_flags |= IN6_IFF_TENTATIVE;
1686 IF_ADDR_RUNLOCK(ifp);
1690 if (ND.flags & ND6_IFF_AUTO_LINKLOCAL) {
1691 if (!(ND_IFINFO(ifp)->flags & ND6_IFF_AUTO_LINKLOCAL)) {
1692 /* auto_linklocal 0->1 transision */
1694 /* If no link-local address on ifp, configure */
1695 ND_IFINFO(ifp)->flags |= ND6_IFF_AUTO_LINKLOCAL;
1696 in6_ifattach(ifp, NULL);
1697 } else if (!(ND.flags & ND6_IFF_IFDISABLED) &&
1698 ifp->if_flags & IFF_UP) {
1700 * When the IF already has
1701 * ND6_IFF_AUTO_LINKLOCAL, no link-local
1702 * address is assigned, and IFF_UP, try to
1706 TAILQ_FOREACH(ifa, &ifp->if_addrhead,
1708 if (ifa->ifa_addr->sa_family !=
1711 ia = (struct in6_ifaddr *)ifa;
1712 if (IN6_IS_ADDR_LINKLOCAL(IA6_IN6(ia)))
1715 IF_ADDR_RUNLOCK(ifp);
1717 /* No LLA is configured. */
1718 in6_ifattach(ifp, NULL);
1722 ND_IFINFO(ifp)->flags = ND.flags;
1725 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */
1726 /* sync kernel routing table with the default router list */
1730 case SIOCSPFXFLUSH_IN6:
1732 /* flush all the prefix advertised by routers */
1733 struct nd_prefix *pr, *next;
1735 LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, next) {
1736 struct in6_ifaddr *ia, *ia_next;
1738 if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr))
1741 /* do we really have to remove addresses as well? */
1742 /* XXXRW: in6_ifaddrhead locking. */
1743 TAILQ_FOREACH_SAFE(ia, &V_in6_ifaddrhead, ia_link,
1745 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0)
1748 if (ia->ia6_ndpr == pr)
1749 in6_purgeaddr(&ia->ia_ifa);
1755 case SIOCSRTRFLUSH_IN6:
1757 /* flush all the default routers */
1758 struct nd_drhead drq;
1759 struct nd_defrouter *dr;
1766 while ((dr = TAILQ_FIRST(&V_nd_defrouter)) != NULL)
1767 defrouter_unlink(dr, &drq);
1769 while ((dr = TAILQ_FIRST(&drq)) != NULL) {
1770 TAILQ_REMOVE(&drq, dr, dr_entry);
1777 case SIOCGNBRINFO_IN6:
1780 struct in6_addr nb_addr = nbi->addr; /* make local for safety */
1782 if ((error = in6_setscope(&nb_addr, ifp, NULL)) != 0)
1785 IF_AFDATA_RLOCK(ifp);
1786 ln = nd6_lookup(&nb_addr, 0, ifp);
1787 IF_AFDATA_RUNLOCK(ifp);
1793 nbi->state = ln->ln_state;
1794 nbi->asked = ln->la_asked;
1795 nbi->isrouter = ln->ln_router;
1796 if (ln->la_expire == 0)
1799 nbi->expire = ln->la_expire + ln->lle_remtime / hz +
1800 (time_second - time_uptime);
1804 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */
1805 ndif->ifindex = V_nd6_defifindex;
1807 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */
1808 return (nd6_setdefaultiface(ndif->ifindex));
1814 * Calculates new isRouter value based on provided parameters and
1818 nd6_is_router(int type, int code, int is_new, int old_addr, int new_addr,
1823 * ICMP6 type dependent behavior.
1825 * NS: clear IsRouter if new entry
1826 * RS: clear IsRouter
1827 * RA: set IsRouter if there's lladdr
1828 * redir: clear IsRouter if new entry
1831 * The spec says that we must set IsRouter in the following cases:
1832 * - If lladdr exist, set IsRouter. This means (1-5).
1833 * - If it is old entry (!newentry), set IsRouter. This means (7).
1834 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter.
1835 * A quetion arises for (1) case. (1) case has no lladdr in the
1836 * neighbor cache, this is similar to (6).
1837 * This case is rare but we figured that we MUST NOT set IsRouter.
1839 * is_new old_addr new_addr NS RS RA redir
1846 * 1 -- n (6) c c c s
1847 * 1 -- y (7) c c s c s
1851 switch (type & 0xff) {
1852 case ND_NEIGHBOR_SOLICIT:
1854 * New entry must have is_router flag cleared.
1856 if (is_new) /* (6-7) */
1861 * If the icmp is a redirect to a better router, always set the
1862 * is_router flag. Otherwise, if the entry is newly created,
1863 * clear the flag. [RFC 2461, sec 8.3]
1865 if (code == ND_REDIRECT_ROUTER)
1868 if (is_new) /* (6-7) */
1872 case ND_ROUTER_SOLICIT:
1874 * is_router flag must always be cleared.
1878 case ND_ROUTER_ADVERT:
1880 * Mark an entry with lladdr as a router.
1882 if ((!is_new && (old_addr || new_addr)) || /* (2-5) */
1883 (is_new && new_addr)) { /* (7) */
1893 * Create neighbor cache entry and cache link-layer address,
1894 * on reception of inbound ND6 packets. (RS/RA/NS/redirect)
1897 * code - type dependent information
1901 nd6_cache_lladdr(struct ifnet *ifp, struct in6_addr *from, char *lladdr,
1902 int lladdrlen, int type, int code)
1904 struct llentry *ln = NULL, *ln_tmp;
1910 uint16_t router = 0;
1911 struct sockaddr_in6 sin6;
1912 struct mbuf *chain = NULL;
1913 u_char linkhdr[LLE_MAX_LINKHDR];
1917 IF_AFDATA_UNLOCK_ASSERT(ifp);
1919 KASSERT(ifp != NULL, ("%s: ifp == NULL", __func__));
1920 KASSERT(from != NULL, ("%s: from == NULL", __func__));
1922 /* nothing must be updated for unspecified address */
1923 if (IN6_IS_ADDR_UNSPECIFIED(from))
1927 * Validation about ifp->if_addrlen and lladdrlen must be done in
1930 * XXX If the link does not have link-layer adderss, what should
1931 * we do? (ifp->if_addrlen == 0)
1932 * Spec says nothing in sections for RA, RS and NA. There's small
1933 * description on it in NS section (RFC 2461 7.2.3).
1935 flags = lladdr ? LLE_EXCLUSIVE : 0;
1936 IF_AFDATA_RLOCK(ifp);
1937 ln = nd6_lookup(from, flags, ifp);
1938 IF_AFDATA_RUNLOCK(ifp);
1941 flags |= LLE_EXCLUSIVE;
1942 ln = nd6_alloc(from, 0, ifp);
1947 * Since we already know all the data for the new entry,
1948 * fill it before insertion.
1950 if (lladdr != NULL) {
1951 linkhdrsize = sizeof(linkhdr);
1952 if (lltable_calc_llheader(ifp, AF_INET6, lladdr,
1953 linkhdr, &linkhdrsize, &lladdr_off) != 0)
1955 lltable_set_entry_addr(ifp, ln, linkhdr, linkhdrsize,
1959 IF_AFDATA_WLOCK(ifp);
1961 /* Prefer any existing lle over newly-created one */
1962 ln_tmp = nd6_lookup(from, LLE_EXCLUSIVE, ifp);
1964 lltable_link_entry(LLTABLE6(ifp), ln);
1965 IF_AFDATA_WUNLOCK(ifp);
1966 if (ln_tmp == NULL) {
1967 /* No existing lle, mark as new entry (6,7) */
1969 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE);
1970 if (lladdr != NULL) /* (7) */
1971 EVENTHANDLER_INVOKE(lle_event, ln,
1974 lltable_free_entry(LLTABLE6(ifp), ln);
1979 /* do nothing if static ndp is set */
1980 if ((ln->la_flags & LLE_STATIC)) {
1981 if (flags & LLE_EXCLUSIVE)
1988 olladdr = (ln->la_flags & LLE_VALID) ? 1 : 0;
1989 if (olladdr && lladdr) {
1990 llchange = bcmp(lladdr, ln->ll_addr,
1992 } else if (!olladdr && lladdr)
1998 * newentry olladdr lladdr llchange (*=record)
2001 * 0 n y y (3) * STALE
2003 * 0 y y y (5) * STALE
2004 * 1 -- n -- (6) NOSTATE(= PASSIVE)
2005 * 1 -- y -- (7) * STALE
2009 if (is_newentry == 0 && llchange != 0) {
2010 do_update = 1; /* (3,5) */
2013 * Record source link-layer address
2014 * XXX is it dependent to ifp->if_type?
2016 linkhdrsize = sizeof(linkhdr);
2017 if (lltable_calc_llheader(ifp, AF_INET6, lladdr,
2018 linkhdr, &linkhdrsize, &lladdr_off) != 0)
2021 if (lltable_try_set_entry_addr(ifp, ln, linkhdr, linkhdrsize,
2023 /* Entry was deleted */
2027 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE);
2029 EVENTHANDLER_INVOKE(lle_event, ln, LLENTRY_RESOLVED);
2031 if (ln->la_hold != NULL)
2032 nd6_grab_holdchain(ln, &chain, &sin6);
2035 /* Calculates new router status */
2036 router = nd6_is_router(type, code, is_newentry, olladdr,
2037 lladdr != NULL ? 1 : 0, ln->ln_router);
2039 ln->ln_router = router;
2040 /* Mark non-router redirects with special flag */
2041 if ((type & 0xFF) == ND_REDIRECT && code != ND_REDIRECT_ROUTER)
2042 ln->la_flags |= LLE_REDIRECT;
2044 if (flags & LLE_EXCLUSIVE)
2050 nd6_flush_holdchain(ifp, ifp, chain, &sin6);
2053 * When the link-layer address of a router changes, select the
2054 * best router again. In particular, when the neighbor entry is newly
2055 * created, it might affect the selection policy.
2056 * Question: can we restrict the first condition to the "is_newentry"
2058 * XXX: when we hear an RA from a new router with the link-layer
2059 * address option, defrouter_select() is called twice, since
2060 * defrtrlist_update called the function as well. However, I believe
2061 * we can compromise the overhead, since it only happens the first
2063 * XXX: although defrouter_select() should not have a bad effect
2064 * for those are not autoconfigured hosts, we explicitly avoid such
2067 if ((do_update || is_newentry) && router &&
2068 ND_IFINFO(ifp)->flags & ND6_IFF_ACCEPT_RTADV) {
2070 * guaranteed recursion
2077 nd6_slowtimo(void *arg)
2079 CURVNET_SET((struct vnet *) arg);
2080 struct nd_ifinfo *nd6if;
2083 callout_reset(&V_nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz,
2084 nd6_slowtimo, curvnet);
2085 IFNET_RLOCK_NOSLEEP();
2086 TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
2087 if (ifp->if_afdata[AF_INET6] == NULL)
2089 nd6if = ND_IFINFO(ifp);
2090 if (nd6if->basereachable && /* already initialized */
2091 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) {
2093 * Since reachable time rarely changes by router
2094 * advertisements, we SHOULD insure that a new random
2095 * value gets recomputed at least once every few hours.
2098 nd6if->recalctm = V_nd6_recalc_reachtm_interval;
2099 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable);
2102 IFNET_RUNLOCK_NOSLEEP();
2107 nd6_grab_holdchain(struct llentry *ln, struct mbuf **chain,
2108 struct sockaddr_in6 *sin6)
2111 LLE_WLOCK_ASSERT(ln);
2113 *chain = ln->la_hold;
2115 lltable_fill_sa_entry(ln, (struct sockaddr *)sin6);
2117 if (ln->ln_state == ND6_LLINFO_STALE) {
2120 * The first time we send a packet to a
2121 * neighbor whose entry is STALE, we have
2122 * to change the state to DELAY and a sets
2123 * a timer to expire in DELAY_FIRST_PROBE_TIME
2124 * seconds to ensure do neighbor unreachability
2125 * detection on expiration.
2128 nd6_llinfo_setstate(ln, ND6_LLINFO_DELAY);
2133 nd6_output_ifp(struct ifnet *ifp, struct ifnet *origifp, struct mbuf *m,
2134 struct sockaddr_in6 *dst, struct route *ro)
2138 struct ip6_hdr *ip6;
2142 mac_netinet6_nd6_send(ifp, m);
2146 * If called from nd6_ns_output() (NS), nd6_na_output() (NA),
2147 * icmp6_redirect_output() (REDIRECT) or from rip6_output() (RS, RA
2148 * as handled by rtsol and rtadvd), mbufs will be tagged for SeND
2149 * to be diverted to user space. When re-injected into the kernel,
2150 * send_output() will directly dispatch them to the outgoing interface.
2152 if (send_sendso_input_hook != NULL) {
2153 mtag = m_tag_find(m, PACKET_TAG_ND_OUTGOING, NULL);
2155 ip6 = mtod(m, struct ip6_hdr *);
2156 ip6len = sizeof(struct ip6_hdr) + ntohs(ip6->ip6_plen);
2157 /* Use the SEND socket */
2158 error = send_sendso_input_hook(m, ifp, SND_OUT,
2160 /* -1 == no app on SEND socket */
2161 if (error == 0 || error != -1)
2166 m_clrprotoflags(m); /* Avoid confusing lower layers. */
2167 IP_PROBE(send, NULL, NULL, mtod(m, struct ip6_hdr *), ifp, NULL,
2168 mtod(m, struct ip6_hdr *));
2170 if ((ifp->if_flags & IFF_LOOPBACK) == 0)
2173 error = (*ifp->if_output)(origifp, m, (struct sockaddr *)dst, ro);
2178 * Lookup link headerfor @sa_dst address. Stores found
2179 * data in @desten buffer. Copy of lle ln_flags can be also
2180 * saved in @pflags if @pflags is non-NULL.
2182 * If destination LLE does not exists or lle state modification
2183 * is required, call "slow" version.
2186 * - 0 on success (address copied to buffer).
2187 * - EWOULDBLOCK (no local error, but address is still unresolved)
2188 * - other errors (alloc failure, etc)
2191 nd6_resolve(struct ifnet *ifp, int is_gw, struct mbuf *m,
2192 const struct sockaddr *sa_dst, u_char *desten, uint32_t *pflags)
2194 struct llentry *ln = NULL;
2195 const struct sockaddr_in6 *dst6;
2200 dst6 = (const struct sockaddr_in6 *)sa_dst;
2202 /* discard the packet if IPv6 operation is disabled on the interface */
2203 if ((ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)) {
2205 return (ENETDOWN); /* better error? */
2208 if (m != NULL && m->m_flags & M_MCAST) {
2209 switch (ifp->if_type) {
2216 ETHER_MAP_IPV6_MULTICAST(&dst6->sin6_addr,
2221 return (EAFNOSUPPORT);
2225 IF_AFDATA_RLOCK(ifp);
2226 ln = nd6_lookup(&dst6->sin6_addr, LLE_UNLOCKED, ifp);
2227 if (ln != NULL && (ln->r_flags & RLLE_VALID) != 0) {
2228 /* Entry found, let's copy lle info */
2229 bcopy(ln->r_linkdata, desten, ln->r_hdrlen);
2231 *pflags = LLE_VALID | (ln->r_flags & RLLE_IFADDR);
2232 /* Check if we have feedback request from nd6 timer */
2233 if (ln->r_skip_req != 0) {
2235 ln->r_skip_req = 0; /* Notify that entry was used */
2236 ln->lle_hittime = time_uptime;
2239 IF_AFDATA_RUNLOCK(ifp);
2242 IF_AFDATA_RUNLOCK(ifp);
2244 return (nd6_resolve_slow(ifp, 0, m, dst6, desten, pflags));
2249 * Do L2 address resolution for @sa_dst address. Stores found
2250 * address in @desten buffer. Copy of lle ln_flags can be also
2251 * saved in @pflags if @pflags is non-NULL.
2254 * Function assume that destination LLE does not exist,
2255 * is invalid or stale, so LLE_EXCLUSIVE lock needs to be acquired.
2257 * Set noinline to be dtrace-friendly
2259 static __noinline int
2260 nd6_resolve_slow(struct ifnet *ifp, int flags, struct mbuf *m,
2261 const struct sockaddr_in6 *dst, u_char *desten, uint32_t *pflags)
2263 struct llentry *lle = NULL, *lle_tmp;
2264 struct in6_addr *psrc, src;
2265 int send_ns, ll_len;
2269 * Address resolution or Neighbor Unreachability Detection
2271 * At this point, the destination of the packet must be a unicast
2272 * or an anycast address(i.e. not a multicast).
2275 IF_AFDATA_RLOCK(ifp);
2276 lle = nd6_lookup(&dst->sin6_addr, LLE_EXCLUSIVE, ifp);
2277 IF_AFDATA_RUNLOCK(ifp);
2278 if ((lle == NULL) && nd6_is_addr_neighbor(dst, ifp)) {
2280 * Since nd6_is_addr_neighbor() internally calls nd6_lookup(),
2281 * the condition below is not very efficient. But we believe
2282 * it is tolerable, because this should be a rare case.
2284 lle = nd6_alloc(&dst->sin6_addr, 0, ifp);
2286 char ip6buf[INET6_ADDRSTRLEN];
2288 "nd6_output: can't allocate llinfo for %s "
2290 ip6_sprintf(ip6buf, &dst->sin6_addr), lle);
2295 IF_AFDATA_WLOCK(ifp);
2297 /* Prefer any existing entry over newly-created one */
2298 lle_tmp = nd6_lookup(&dst->sin6_addr, LLE_EXCLUSIVE, ifp);
2299 if (lle_tmp == NULL)
2300 lltable_link_entry(LLTABLE6(ifp), lle);
2301 IF_AFDATA_WUNLOCK(ifp);
2302 if (lle_tmp != NULL) {
2303 lltable_free_entry(LLTABLE6(ifp), lle);
2310 if (!(ND_IFINFO(ifp)->flags & ND6_IFF_PERFORMNUD)) {
2320 LLE_WLOCK_ASSERT(lle);
2323 * The first time we send a packet to a neighbor whose entry is
2324 * STALE, we have to change the state to DELAY and a sets a timer to
2325 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do
2326 * neighbor unreachability detection on expiration.
2329 if (lle->ln_state == ND6_LLINFO_STALE)
2330 nd6_llinfo_setstate(lle, ND6_LLINFO_DELAY);
2333 * If the neighbor cache entry has a state other than INCOMPLETE
2334 * (i.e. its link-layer address is already resolved), just
2337 if (lle->ln_state > ND6_LLINFO_INCOMPLETE) {
2338 if (flags & LLE_ADDRONLY) {
2339 lladdr = lle->ll_addr;
2340 ll_len = ifp->if_addrlen;
2342 lladdr = lle->r_linkdata;
2343 ll_len = lle->r_hdrlen;
2345 bcopy(lladdr, desten, ll_len);
2347 *pflags = lle->la_flags;
2353 * There is a neighbor cache entry, but no ethernet address
2354 * response yet. Append this latest packet to the end of the
2355 * packet queue in the mbuf, unless the number of the packet
2356 * does not exceed nd6_maxqueuelen. When it exceeds nd6_maxqueuelen,
2357 * the oldest packet in the queue will be removed.
2360 if (lle->la_hold != NULL) {
2361 struct mbuf *m_hold;
2365 for (m_hold = lle->la_hold; m_hold; m_hold = m_hold->m_nextpkt){
2367 if (m_hold->m_nextpkt == NULL) {
2368 m_hold->m_nextpkt = m;
2372 while (i >= V_nd6_maxqueuelen) {
2373 m_hold = lle->la_hold;
2374 lle->la_hold = lle->la_hold->m_nextpkt;
2383 * If there has been no NS for the neighbor after entering the
2384 * INCOMPLETE state, send the first solicitation.
2385 * Note that for newly-created lle la_asked will be 0,
2386 * so we will transition from ND6_LLINFO_NOSTATE to
2387 * ND6_LLINFO_INCOMPLETE state here.
2391 if (lle->la_asked == 0) {
2394 psrc = nd6_llinfo_get_holdsrc(lle, &src);
2396 nd6_llinfo_setstate(lle, ND6_LLINFO_INCOMPLETE);
2400 nd6_ns_output(ifp, psrc, NULL, &dst->sin6_addr, NULL);
2402 return (EWOULDBLOCK);
2406 * Do L2 address resolution for @sa_dst address. Stores found
2407 * address in @desten buffer. Copy of lle ln_flags can be also
2408 * saved in @pflags if @pflags is non-NULL.
2411 * - 0 on success (address copied to buffer).
2412 * - EWOULDBLOCK (no local error, but address is still unresolved)
2413 * - other errors (alloc failure, etc)
2416 nd6_resolve_addr(struct ifnet *ifp, int flags, const struct sockaddr *dst,
2417 char *desten, uint32_t *pflags)
2421 flags |= LLE_ADDRONLY;
2422 error = nd6_resolve_slow(ifp, flags, NULL,
2423 (const struct sockaddr_in6 *)dst, desten, pflags);
2428 nd6_flush_holdchain(struct ifnet *ifp, struct ifnet *origifp, struct mbuf *chain,
2429 struct sockaddr_in6 *dst)
2431 struct mbuf *m, *m_head;
2432 struct ifnet *outifp;
2436 if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2443 m_head = m_head->m_nextpkt;
2444 error = nd6_output_ifp(ifp, origifp, m, dst, NULL);
2449 * note that intermediate errors are blindly ignored
2455 nd6_need_cache(struct ifnet *ifp)
2458 * XXX: we currently do not make neighbor cache on any interface
2459 * other than ARCnet, Ethernet, FDDI and GIF.
2462 * - unidirectional tunnels needs no ND
2464 switch (ifp->if_type) {
2471 case IFT_INFINIBAND:
2473 case IFT_PROPVIRTUAL:
2481 * Add pernament ND6 link-layer record for given
2482 * interface address.
2484 * Very similar to IPv4 arp_ifinit(), but:
2485 * 1) IPv6 DAD is performed in different place
2486 * 2) It is called by IPv6 protocol stack in contrast to
2487 * arp_ifinit() which is typically called in SIOCSIFADDR
2488 * driver ioctl handler.
2492 nd6_add_ifa_lle(struct in6_ifaddr *ia)
2495 struct llentry *ln, *ln_tmp;
2496 struct sockaddr *dst;
2498 ifp = ia->ia_ifa.ifa_ifp;
2499 if (nd6_need_cache(ifp) == 0)
2502 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest;
2503 dst = (struct sockaddr *)&ia->ia_addr;
2504 ln = lltable_alloc_entry(LLTABLE6(ifp), LLE_IFADDR, dst);
2508 IF_AFDATA_WLOCK(ifp);
2510 /* Unlink any entry if exists */
2511 ln_tmp = lla_lookup(LLTABLE6(ifp), LLE_EXCLUSIVE, dst);
2513 lltable_unlink_entry(LLTABLE6(ifp), ln_tmp);
2514 lltable_link_entry(LLTABLE6(ifp), ln);
2515 IF_AFDATA_WUNLOCK(ifp);
2518 EVENTHANDLER_INVOKE(lle_event, ln_tmp, LLENTRY_EXPIRED);
2519 EVENTHANDLER_INVOKE(lle_event, ln, LLENTRY_RESOLVED);
2523 llentry_free(ln_tmp);
2529 * Removes either all lle entries for given @ia, or lle
2530 * corresponding to @ia address.
2533 nd6_rem_ifa_lle(struct in6_ifaddr *ia, int all)
2535 struct sockaddr_in6 mask, addr;
2536 struct sockaddr *saddr, *smask;
2539 ifp = ia->ia_ifa.ifa_ifp;
2540 memcpy(&addr, &ia->ia_addr, sizeof(ia->ia_addr));
2541 memcpy(&mask, &ia->ia_prefixmask, sizeof(ia->ia_prefixmask));
2542 saddr = (struct sockaddr *)&addr;
2543 smask = (struct sockaddr *)&mask;
2546 lltable_prefix_free(AF_INET6, saddr, smask, LLE_STATIC);
2548 lltable_delete_addr(LLTABLE6(ifp), LLE_IFADDR, saddr);
2552 clear_llinfo_pqueue(struct llentry *ln)
2554 struct mbuf *m_hold, *m_hold_next;
2556 for (m_hold = ln->la_hold; m_hold; m_hold = m_hold_next) {
2557 m_hold_next = m_hold->m_nextpkt;
2564 static int nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS);
2565 static int nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS);
2567 SYSCTL_DECL(_net_inet6_icmp6);
2569 SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_DRLIST, nd6_drlist,
2570 CTLFLAG_RD, nd6_sysctl_drlist, "");
2571 SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_PRLIST, nd6_prlist,
2572 CTLFLAG_RD, nd6_sysctl_prlist, "");
2573 SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXQLEN, nd6_maxqueuelen,
2574 CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(nd6_maxqueuelen), 1, "");
2575 SYSCTL_INT(_net_inet6_icmp6, OID_AUTO, nd6_gctimer,
2576 CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(nd6_gctimer), (60 * 60 * 24), "");
2579 nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS)
2581 struct in6_defrouter d;
2582 struct nd_defrouter *dr;
2585 if (req->newptr != NULL)
2588 error = sysctl_wire_old_buffer(req, 0);
2592 bzero(&d, sizeof(d));
2593 d.rtaddr.sin6_family = AF_INET6;
2594 d.rtaddr.sin6_len = sizeof(d.rtaddr);
2597 TAILQ_FOREACH(dr, &V_nd_defrouter, dr_entry) {
2598 d.rtaddr.sin6_addr = dr->rtaddr;
2599 error = sa6_recoverscope(&d.rtaddr);
2602 d.flags = dr->raflags;
2603 d.rtlifetime = dr->rtlifetime;
2604 d.expire = dr->expire + (time_second - time_uptime);
2605 d.if_index = dr->ifp->if_index;
2606 error = SYSCTL_OUT(req, &d, sizeof(d));
2615 nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS)
2617 struct in6_prefix p;
2618 struct sockaddr_in6 s6;
2619 struct nd_prefix *pr;
2620 struct nd_pfxrouter *pfr;
2623 char ip6buf[INET6_ADDRSTRLEN];
2628 bzero(&p, sizeof(p));
2629 p.origin = PR_ORIG_RA;
2630 bzero(&s6, sizeof(s6));
2631 s6.sin6_family = AF_INET6;
2632 s6.sin6_len = sizeof(s6);
2637 LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) {
2638 p.prefix = pr->ndpr_prefix;
2639 if (sa6_recoverscope(&p.prefix)) {
2640 log(LOG_ERR, "scope error in prefix list (%s)\n",
2641 ip6_sprintf(ip6buf, &p.prefix.sin6_addr));
2642 /* XXX: press on... */
2644 p.raflags = pr->ndpr_raf;
2645 p.prefixlen = pr->ndpr_plen;
2646 p.vltime = pr->ndpr_vltime;
2647 p.pltime = pr->ndpr_pltime;
2648 p.if_index = pr->ndpr_ifp->if_index;
2649 if (pr->ndpr_vltime == ND6_INFINITE_LIFETIME)
2652 /* XXX: we assume time_t is signed. */
2654 ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
2655 if (pr->ndpr_vltime < maxexpire - pr->ndpr_lastupdate)
2656 p.expire = pr->ndpr_lastupdate +
2658 (time_second - time_uptime);
2660 p.expire = maxexpire;
2662 p.refcnt = pr->ndpr_refcnt;
2663 p.flags = pr->ndpr_stateflags;
2665 LIST_FOREACH(pfr, &pr->ndpr_advrtrs, pfr_entry)
2667 error = SYSCTL_OUT(req, &p, sizeof(p));
2670 LIST_FOREACH(pfr, &pr->ndpr_advrtrs, pfr_entry) {
2671 s6.sin6_addr = pfr->router->rtaddr;
2672 if (sa6_recoverscope(&s6))
2674 "scope error in prefix list (%s)\n",
2675 ip6_sprintf(ip6buf, &pfr->router->rtaddr));
2676 error = SYSCTL_OUT(req, &s6, sizeof(s6));