2 /* $KAME: nd6.c,v 1.144 2001/05/24 07:44:00 itojun Exp $ */
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "opt_inet6.h"
37 #include <sys/param.h>
38 #include <sys/systm.h>
39 #include <sys/callout.h>
41 #include <sys/malloc.h>
43 #include <sys/socket.h>
44 #include <sys/sockio.h>
46 #include <sys/kernel.h>
47 #include <sys/protosw.h>
48 #include <sys/errno.h>
49 #include <sys/syslog.h>
50 #include <sys/queue.h>
51 #include <sys/sysctl.h>
54 #include <net/if_arc.h>
55 #include <net/if_dl.h>
56 #include <net/if_types.h>
57 #include <net/iso88025.h>
59 #include <net/route.h>
61 #include <netinet/in.h>
62 #include <netinet/if_ether.h>
63 #include <netinet6/in6_var.h>
64 #include <netinet/ip6.h>
65 #include <netinet6/ip6_var.h>
66 #include <netinet6/scope6_var.h>
67 #include <netinet6/nd6.h>
68 #include <netinet/icmp6.h>
70 #include <net/net_osdep.h>
72 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */
73 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */
75 #define SIN6(s) ((struct sockaddr_in6 *)s)
76 #define SDL(s) ((struct sockaddr_dl *)s)
79 int nd6_prune = 1; /* walk list every 1 seconds */
80 int nd6_delay = 5; /* delay first probe time 5 second */
81 int nd6_umaxtries = 3; /* maximum unicast query */
82 int nd6_mmaxtries = 3; /* maximum multicast query */
83 int nd6_useloopback = 1; /* use loopback interface for local traffic */
84 int nd6_gctimer = (60 * 60 * 24); /* 1 day: garbage collection timer */
86 /* preventing too many loops in ND option parsing */
87 int nd6_maxndopt = 10; /* max # of ND options allowed */
89 int nd6_maxnudhint = 0; /* max # of subsequent upper layer hints */
98 static int nd6_inuse, nd6_allocated;
100 struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6};
101 struct nd_drhead nd_defrouter;
102 struct nd_prhead nd_prefix = { 0 };
104 int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL;
105 static struct sockaddr_in6 all1_sa;
107 static int nd6_is_new_addr_neighbor __P((struct sockaddr_in6 *,
109 static void nd6_setmtu0 __P((struct ifnet *, struct nd_ifinfo *));
110 static void nd6_slowtimo __P((void *));
111 static int regen_tmpaddr __P((struct in6_ifaddr *));
113 struct callout nd6_slowtimo_ch;
114 struct callout nd6_timer_ch;
115 extern struct callout in6_tmpaddrtimer_ch;
120 static int nd6_init_done = 0;
124 log(LOG_NOTICE, "nd6_init called more than once(ignored)\n");
128 all1_sa.sin6_family = AF_INET6;
129 all1_sa.sin6_len = sizeof(struct sockaddr_in6);
130 for (i = 0; i < sizeof(all1_sa.sin6_addr); i++)
131 all1_sa.sin6_addr.s6_addr[i] = 0xff;
133 /* initialization of the default router list */
134 TAILQ_INIT(&nd_defrouter);
139 callout_init(&nd6_slowtimo_ch, 0);
140 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz,
148 struct nd_ifinfo *nd;
150 nd = (struct nd_ifinfo *)malloc(sizeof(*nd), M_IP6NDP, M_WAITOK);
151 bzero(nd, sizeof(*nd));
155 nd->chlim = IPV6_DEFHLIM;
156 nd->basereachable = REACHABLE_TIME;
157 nd->reachable = ND_COMPUTE_RTIME(nd->basereachable);
158 nd->retrans = RETRANS_TIMER;
160 * Note that the default value of ip6_accept_rtadv is 0, which means
161 * we won't accept RAs by default even if we set ND6_IFF_ACCEPT_RTADV
164 nd->flags = (ND6_IFF_PERFORMNUD | ND6_IFF_ACCEPT_RTADV);
166 /* XXX: we cannot call nd6_setmtu since ifp is not fully initialized */
167 nd6_setmtu0(ifp, nd);
174 struct nd_ifinfo *nd;
181 * Reset ND level link MTU. This function is called when the physical MTU
182 * changes, which means we might have to adjust the ND level MTU.
189 nd6_setmtu0(ifp, ND_IFINFO(ifp));
192 /* XXX todo: do not maintain copy of ifp->if_mtu in ndi->maxmtu */
194 nd6_setmtu0(ifp, ndi)
196 struct nd_ifinfo *ndi;
200 omaxmtu = ndi->maxmtu;
202 switch (ifp->if_type) {
204 ndi->maxmtu = MIN(ARC_PHDS_MAXMTU, ifp->if_mtu); /* RFC2497 */
207 ndi->maxmtu = MIN(FDDIIPMTU, ifp->if_mtu); /* RFC2467 */
210 ndi->maxmtu = MIN(ISO88025_MAX_MTU, ifp->if_mtu);
213 ndi->maxmtu = ifp->if_mtu;
218 * Decreasing the interface MTU under IPV6 minimum MTU may cause
219 * undesirable situation. We thus notify the operator of the change
220 * explicitly. The check for omaxmtu is necessary to restrict the
221 * log to the case of changing the MTU, not initializing it.
223 if (omaxmtu >= IPV6_MMTU && ndi->maxmtu < IPV6_MMTU) {
224 log(LOG_NOTICE, "nd6_setmtu0: "
225 "new link MTU on %s (%lu) is too small for IPv6\n",
226 if_name(ifp), (unsigned long)ndi->maxmtu);
229 if (ndi->maxmtu > in6_maxmtu)
230 in6_setmaxmtu(); /* check all interfaces just in case */
236 nd6_option_init(opt, icmp6len, ndopts)
239 union nd_opts *ndopts;
242 bzero(ndopts, sizeof(*ndopts));
243 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt;
245 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len);
248 ndopts->nd_opts_done = 1;
249 ndopts->nd_opts_search = NULL;
254 * Take one ND option.
258 union nd_opts *ndopts;
260 struct nd_opt_hdr *nd_opt;
264 panic("ndopts == NULL in nd6_option");
265 if (!ndopts->nd_opts_last)
266 panic("uninitialized ndopts in nd6_option");
267 if (!ndopts->nd_opts_search)
269 if (ndopts->nd_opts_done)
272 nd_opt = ndopts->nd_opts_search;
274 /* make sure nd_opt_len is inside the buffer */
275 if ((caddr_t)&nd_opt->nd_opt_len >= (caddr_t)ndopts->nd_opts_last) {
276 bzero(ndopts, sizeof(*ndopts));
280 olen = nd_opt->nd_opt_len << 3;
283 * Message validation requires that all included
284 * options have a length that is greater than zero.
286 bzero(ndopts, sizeof(*ndopts));
290 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen);
291 if (ndopts->nd_opts_search > ndopts->nd_opts_last) {
292 /* option overruns the end of buffer, invalid */
293 bzero(ndopts, sizeof(*ndopts));
295 } else if (ndopts->nd_opts_search == ndopts->nd_opts_last) {
296 /* reached the end of options chain */
297 ndopts->nd_opts_done = 1;
298 ndopts->nd_opts_search = NULL;
304 * Parse multiple ND options.
305 * This function is much easier to use, for ND routines that do not need
306 * multiple options of the same type.
310 union nd_opts *ndopts;
312 struct nd_opt_hdr *nd_opt;
316 panic("ndopts == NULL in nd6_options");
317 if (!ndopts->nd_opts_last)
318 panic("uninitialized ndopts in nd6_options");
319 if (!ndopts->nd_opts_search)
323 nd_opt = nd6_option(ndopts);
324 if (!nd_opt && !ndopts->nd_opts_last) {
326 * Message validation requires that all included
327 * options have a length that is greater than zero.
329 icmp6stat.icp6s_nd_badopt++;
330 bzero(ndopts, sizeof(*ndopts));
337 switch (nd_opt->nd_opt_type) {
338 case ND_OPT_SOURCE_LINKADDR:
339 case ND_OPT_TARGET_LINKADDR:
341 case ND_OPT_REDIRECTED_HEADER:
342 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
344 "duplicated ND6 option found (type=%d)\n",
345 nd_opt->nd_opt_type));
348 ndopts->nd_opt_array[nd_opt->nd_opt_type]
352 case ND_OPT_PREFIX_INFORMATION:
353 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) {
354 ndopts->nd_opt_array[nd_opt->nd_opt_type]
357 ndopts->nd_opts_pi_end =
358 (struct nd_opt_prefix_info *)nd_opt;
362 * Unknown options must be silently ignored,
363 * to accomodate future extension to the protocol.
366 "nd6_options: unsupported option %d - "
367 "option ignored\n", nd_opt->nd_opt_type));
372 if (i > nd6_maxndopt) {
373 icmp6stat.icp6s_nd_toomanyopt++;
374 nd6log((LOG_INFO, "too many loop in nd opt\n"));
378 if (ndopts->nd_opts_done)
386 * ND6 timer routine to expire default route list and prefix list
389 nd6_timer(ignored_arg)
393 struct llinfo_nd6 *ln;
394 struct nd_defrouter *dr;
395 struct nd_prefix *pr;
397 struct in6_ifaddr *ia6, *nia6;
398 struct in6_addrlifetime *lt6;
401 callout_reset(&nd6_timer_ch, nd6_prune * hz,
404 ln = llinfo_nd6.ln_next;
405 while (ln && ln != &llinfo_nd6) {
407 struct sockaddr_in6 *dst;
408 struct llinfo_nd6 *next = ln->ln_next;
409 /* XXX: used for the DELAY case only: */
410 struct nd_ifinfo *ndi = NULL;
412 if ((rt = ln->ln_rt) == NULL) {
416 if ((ifp = rt->rt_ifp) == NULL) {
420 ndi = ND_IFINFO(ifp);
421 dst = (struct sockaddr_in6 *)rt_key(rt);
423 if (ln->ln_expire > time_second) {
430 panic("rt=0 in nd6_timer(ln=%p)", ln);
431 if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln)
432 panic("rt_llinfo(%p) is not equal to ln(%p)",
435 panic("dst=0 in nd6_timer(ln=%p)", ln);
437 switch (ln->ln_state) {
438 case ND6_LLINFO_INCOMPLETE:
439 if (ln->ln_asked < nd6_mmaxtries) {
441 ln->ln_expire = time_second +
442 ND_IFINFO(ifp)->retrans / 1000;
443 nd6_ns_output(ifp, NULL, &dst->sin6_addr,
446 struct mbuf *m = ln->ln_hold;
449 * assuming every packet in ln_hold has
453 icmp6_error2(m, ICMP6_DST_UNREACH,
454 ICMP6_DST_UNREACH_ADDR, 0,
460 case ND6_LLINFO_REACHABLE:
462 ln->ln_state = ND6_LLINFO_STALE;
463 ln->ln_expire = time_second + nd6_gctimer;
467 case ND6_LLINFO_STALE:
468 /* Garbage Collection(RFC 2461 5.3) */
473 case ND6_LLINFO_DELAY:
474 if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) {
477 ln->ln_state = ND6_LLINFO_PROBE;
478 ln->ln_expire = time_second +
480 nd6_ns_output(ifp, &dst->sin6_addr,
484 ln->ln_state = ND6_LLINFO_STALE; /* XXX */
485 ln->ln_expire = time_second + nd6_gctimer;
488 case ND6_LLINFO_PROBE:
489 if (ln->ln_asked < nd6_umaxtries) {
491 ln->ln_expire = time_second +
492 ND_IFINFO(ifp)->retrans / 1000;
493 nd6_ns_output(ifp, &dst->sin6_addr,
494 &dst->sin6_addr, ln, 0);
503 /* expire default router list */
504 dr = TAILQ_FIRST(&nd_defrouter);
506 if (dr->expire && dr->expire < time_second) {
507 struct nd_defrouter *t;
508 t = TAILQ_NEXT(dr, dr_entry);
512 dr = TAILQ_NEXT(dr, dr_entry);
517 * expire interface addresses.
518 * in the past the loop was inside prefix expiry processing.
519 * However, from a stricter speci-confrmance standpoint, we should
520 * rather separate address lifetimes and prefix lifetimes.
523 for (ia6 = in6_ifaddr; ia6; ia6 = nia6) {
525 /* check address lifetime */
526 lt6 = &ia6->ia6_lifetime;
527 if (IFA6_IS_INVALID(ia6)) {
531 * If the expiring address is temporary, try
532 * regenerating a new one. This would be useful when
533 * we suspended a laptop PC, then turned it on after a
534 * period that could invalidate all temporary
535 * addresses. Although we may have to restart the
536 * loop (see below), it must be after purging the
537 * address. Otherwise, we'd see an infinite loop of
540 if (ip6_use_tempaddr &&
541 (ia6->ia6_flags & IN6_IFF_TEMPORARY) != 0) {
542 if (regen_tmpaddr(ia6) == 0)
546 in6_purgeaddr(&ia6->ia_ifa);
549 goto addrloop; /* XXX: see below */
551 if (IFA6_IS_DEPRECATED(ia6)) {
552 int oldflags = ia6->ia6_flags;
554 ia6->ia6_flags |= IN6_IFF_DEPRECATED;
557 * If a temporary address has just become deprecated,
558 * regenerate a new one if possible.
560 if (ip6_use_tempaddr &&
561 (ia6->ia6_flags & IN6_IFF_TEMPORARY) != 0 &&
562 (oldflags & IN6_IFF_DEPRECATED) == 0) {
564 if (regen_tmpaddr(ia6) == 0) {
566 * A new temporary address is
568 * XXX: this means the address chain
569 * has changed while we are still in
570 * the loop. Although the change
571 * would not cause disaster (because
572 * it's not a deletion, but an
573 * addition,) we'd rather restart the
574 * loop just for safety. Or does this
575 * significantly reduce performance??
582 * A new RA might have made a deprecated address
585 ia6->ia6_flags &= ~IN6_IFF_DEPRECATED;
589 /* expire prefix list */
590 pr = nd_prefix.lh_first;
593 * check prefix lifetime.
594 * since pltime is just for autoconf, pltime processing for
595 * prefix is not necessary.
597 if (pr->ndpr_expire && pr->ndpr_expire < time_second) {
602 * address expiration and prefix expiration are
603 * separate. NEVER perform in6_purgeaddr here.
616 struct in6_ifaddr *ia6; /* deprecated/invalidated temporary address */
620 struct in6_ifaddr *public_ifa6 = NULL;
622 ifp = ia6->ia_ifa.ifa_ifp;
623 for (ifa = ifp->if_addrlist.tqh_first; ifa;
624 ifa = ifa->ifa_list.tqe_next) {
625 struct in6_ifaddr *it6;
627 if (ifa->ifa_addr->sa_family != AF_INET6)
630 it6 = (struct in6_ifaddr *)ifa;
632 /* ignore no autoconf addresses. */
633 if ((it6->ia6_flags & IN6_IFF_AUTOCONF) == 0)
636 /* ignore autoconf addresses with different prefixes. */
637 if (it6->ia6_ndpr == NULL || it6->ia6_ndpr != ia6->ia6_ndpr)
641 * Now we are looking at an autoconf address with the same
642 * prefix as ours. If the address is temporary and is still
643 * preferred, do not create another one. It would be rare, but
644 * could happen, for example, when we resume a laptop PC after
647 if ((it6->ia6_flags & IN6_IFF_TEMPORARY) != 0 &&
648 !IFA6_IS_DEPRECATED(it6)) {
654 * This is a public autoconf address that has the same prefix
655 * as ours. If it is preferred, keep it. We can't break the
656 * loop here, because there may be a still-preferred temporary
657 * address with the prefix.
659 if (!IFA6_IS_DEPRECATED(it6))
663 if (public_ifa6 != NULL) {
666 if ((e = in6_tmpifadd(public_ifa6, 0)) != 0) {
667 log(LOG_NOTICE, "regen_tmpaddr: failed to create a new"
668 " tmp addr,errno=%d\n", e);
678 * Nuke neighbor cache/prefix/default router management table, right before
685 struct llinfo_nd6 *ln, *nln;
686 struct nd_defrouter *dr, *ndr, drany;
687 struct nd_prefix *pr, *npr;
689 /* Nuke default router list entries toward ifp */
690 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) {
692 * The first entry of the list may be stored in
693 * the routing table, so we'll delete it later.
695 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = ndr) {
696 ndr = TAILQ_NEXT(dr, dr_entry);
700 dr = TAILQ_FIRST(&nd_defrouter);
705 /* Nuke prefix list entries toward ifp */
706 for (pr = nd_prefix.lh_first; pr; pr = npr) {
708 if (pr->ndpr_ifp == ifp) {
710 * Previously, pr->ndpr_addr is removed as well,
711 * but I strongly believe we don't have to do it.
712 * nd6_purge() is only called from in6_ifdetach(),
713 * which removes all the associated interface addresses
715 * (jinmei@kame.net 20010129)
721 /* cancel default outgoing interface setting */
722 if (nd6_defifindex == ifp->if_index)
723 nd6_setdefaultiface(0);
725 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */
726 /* refresh default router list */
727 bzero(&drany, sizeof(drany));
728 defrouter_delreq(&drany, 0);
733 * Nuke neighbor cache entries for the ifp.
734 * Note that rt->rt_ifp may not be the same as ifp,
735 * due to KAME goto ours hack. See RTM_RESOLVE case in
736 * nd6_rtrequest(), and ip6_input().
738 ln = llinfo_nd6.ln_next;
739 while (ln && ln != &llinfo_nd6) {
741 struct sockaddr_dl *sdl;
745 if (rt && rt->rt_gateway &&
746 rt->rt_gateway->sa_family == AF_LINK) {
747 sdl = (struct sockaddr_dl *)rt->rt_gateway;
748 if (sdl->sdl_index == ifp->if_index)
756 nd6_lookup(addr6, create, ifp)
757 struct in6_addr *addr6;
762 struct sockaddr_in6 sin6;
764 bzero(&sin6, sizeof(sin6));
765 sin6.sin6_len = sizeof(struct sockaddr_in6);
766 sin6.sin6_family = AF_INET6;
767 sin6.sin6_addr = *addr6;
768 rt = rtalloc1((struct sockaddr *)&sin6, create, 0UL);
770 if ((rt->rt_flags & RTF_LLINFO) == 0 && create) {
772 * This is the case for the default route.
773 * If we want to create a neighbor cache for the
774 * address, we should free the route for the
775 * destination and allocate an interface route.
786 * If no route is available and create is set,
787 * we allocate a host route for the destination
788 * and treat it like an interface route.
789 * This hack is necessary for a neighbor which can't
790 * be covered by our own prefix.
793 ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp);
798 * Create a new route. RTF_LLINFO is necessary
799 * to create a Neighbor Cache entry for the
800 * destination in nd6_rtrequest which will be
801 * called in rtrequest via ifa->ifa_rtrequest.
803 if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6,
804 ifa->ifa_addr, (struct sockaddr *)&all1_sa,
805 (ifa->ifa_flags | RTF_HOST | RTF_LLINFO) &
806 ~RTF_CLONING, &rt)) != 0) {
808 "nd6_lookup: failed to add route for a "
809 "neighbor(%s), errno=%d\n",
810 ip6_sprintf(addr6), e);
816 struct llinfo_nd6 *ln =
817 (struct llinfo_nd6 *)rt->rt_llinfo;
818 ln->ln_state = ND6_LLINFO_NOSTATE;
826 * Validation for the entry.
827 * Note that the check for rt_llinfo is necessary because a cloned
828 * route from a parent route that has the L flag (e.g. the default
829 * route to a p2p interface) may have the flag, too, while the
830 * destination is not actually a neighbor.
831 * XXX: we can't use rt->rt_ifp to check for the interface, since
832 * it might be the loopback interface if the entry is for our
833 * own address on a non-loopback interface. Instead, we should
834 * use rt->rt_ifa->ifa_ifp, which would specify the REAL
837 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 ||
838 rt->rt_gateway->sa_family != AF_LINK || rt->rt_llinfo == NULL ||
839 (ifp && rt->rt_ifa->ifa_ifp != ifp)) {
842 "nd6_lookup: failed to lookup %s (if = %s)\n",
844 ifp ? if_name(ifp) : "unspec");
845 /* xxx more logs... kazu */
850 RT_UNLOCK(rt); /* XXX not ready to return rt locked */
855 * Test whether a given IPv6 address is a neighbor or not, ignoring
856 * the actual neighbor cache. The neighbor cache is ignored in order
857 * to not reenter the routing code from within itself.
860 nd6_is_new_addr_neighbor(addr, ifp)
861 struct sockaddr_in6 *addr;
864 struct nd_prefix *pr;
867 * A link-local address is always a neighbor.
868 * XXX: a link does not necessarily specify a single interface.
870 if (IN6_IS_ADDR_LINKLOCAL(&addr->sin6_addr)) {
871 struct sockaddr_in6 sin6_copy;
875 * We need sin6_copy since sa6_recoverscope() may modify the
879 if (sa6_recoverscope(&sin6_copy))
880 return (0); /* XXX: should be impossible */
881 if (in6_setscope(&sin6_copy.sin6_addr, ifp, &zone))
883 if (sin6_copy.sin6_scope_id == zone)
890 * If the address matches one of our addresses,
891 * it should be a neighbor.
892 * If the address matches one of our on-link prefixes, it should be a
895 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) {
896 if (pr->ndpr_ifp != ifp)
899 if (!(pr->ndpr_stateflags & NDPRF_ONLINK))
902 if (IN6_ARE_MASKED_ADDR_EQUAL(&pr->ndpr_prefix.sin6_addr,
903 &addr->sin6_addr, &pr->ndpr_mask))
908 * If the default router list is empty, all addresses are regarded
909 * as on-link, and thus, as a neighbor.
910 * XXX: we restrict the condition to hosts, because routers usually do
911 * not have the "default router list".
913 if (!ip6_forwarding && TAILQ_FIRST(&nd_defrouter) == NULL &&
914 nd6_defifindex == ifp->if_index) {
923 * Detect if a given IPv6 address identifies a neighbor on a given link.
924 * XXX: should take care of the destination of a p2p link?
927 nd6_is_addr_neighbor(addr, ifp)
928 struct sockaddr_in6 *addr;
932 if (nd6_is_new_addr_neighbor(addr, ifp))
936 * Even if the address matches none of our addresses, it might be
937 * in the neighbor cache.
939 if (nd6_lookup(&addr->sin6_addr, 0, ifp) != NULL)
946 * Free an nd6 llinfo entry.
952 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo, *next;
953 struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr;
954 struct nd_defrouter *dr;
957 * we used to have pfctlinput(PRC_HOSTDEAD) here.
958 * even though it is not harmful, it was not really necessary.
961 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */
964 dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr,
967 if (ln->ln_router || dr) {
969 * rt6_flush must be called whether or not the neighbor
970 * is in the Default Router List.
971 * See a corresponding comment in nd6_na_input().
973 rt6_flush(&in6, rt->rt_ifp);
978 * Unreachablity of a router might affect the default
979 * router selection and on-link detection of advertised
984 * Temporarily fake the state to choose a new default
985 * router and to perform on-link determination of
986 * prefixes correctly.
987 * Below the state will be set correctly,
988 * or the entry itself will be deleted.
990 ln->ln_state = ND6_LLINFO_INCOMPLETE;
993 * Since defrouter_select() does not affect the
994 * on-link determination and MIP6 needs the check
995 * before the default router selection, we perform
998 pfxlist_onlink_check();
1000 if (dr == TAILQ_FIRST(&nd_defrouter)) {
1002 * It is used as the current default router,
1003 * so we have to move it to the end of the
1004 * list and choose a new one.
1005 * XXX: it is not very efficient if this is
1008 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry);
1009 TAILQ_INSERT_TAIL(&nd_defrouter, dr, dr_entry);
1018 * Before deleting the entry, remember the next entry as the
1019 * return value. We need this because pfxlist_onlink_check() above
1020 * might have freed other entries (particularly the old next entry) as
1021 * a side effect (XXX).
1026 * Detach the route from the routing tree and the list of neighbor
1027 * caches, and disable the route entry not to be used in already
1030 rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0,
1031 rt_mask(rt), 0, (struct rtentry **)0);
1037 * Upper-layer reachability hint for Neighbor Unreachability Detection.
1039 * XXX cost-effective methods?
1042 nd6_nud_hint(rt, dst6, force)
1044 struct in6_addr *dst6;
1047 struct llinfo_nd6 *ln;
1050 * If the caller specified "rt", use that. Otherwise, resolve the
1051 * routing table by supplied "dst6".
1056 if (!(rt = nd6_lookup(dst6, 0, NULL)))
1060 if ((rt->rt_flags & RTF_GATEWAY) != 0 ||
1061 (rt->rt_flags & RTF_LLINFO) == 0 ||
1062 !rt->rt_llinfo || !rt->rt_gateway ||
1063 rt->rt_gateway->sa_family != AF_LINK) {
1064 /* This is not a host route. */
1068 ln = (struct llinfo_nd6 *)rt->rt_llinfo;
1069 if (ln->ln_state < ND6_LLINFO_REACHABLE)
1073 * if we get upper-layer reachability confirmation many times,
1074 * it is possible we have false information.
1078 if (ln->ln_byhint > nd6_maxnudhint)
1082 ln->ln_state = ND6_LLINFO_REACHABLE;
1084 ln->ln_expire = time_second +
1085 ND_IFINFO(rt->rt_ifp)->reachable;
1089 nd6_rtrequest(req, rt, info)
1092 struct rt_addrinfo *info; /* xxx unused */
1094 struct sockaddr *gate = rt->rt_gateway;
1095 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo;
1096 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK};
1097 struct ifnet *ifp = rt->rt_ifp;
1102 if ((rt->rt_flags & RTF_GATEWAY) != 0)
1105 if (nd6_need_cache(ifp) == 0 && (rt->rt_flags & RTF_HOST) == 0) {
1107 * This is probably an interface direct route for a link
1108 * which does not need neighbor caches (e.g. fe80::%lo0/64).
1109 * We do not need special treatment below for such a route.
1110 * Moreover, the RTF_LLINFO flag which would be set below
1111 * would annoy the ndp(8) command.
1116 if (req == RTM_RESOLVE &&
1117 (nd6_need_cache(ifp) == 0 || /* stf case */
1118 !nd6_is_new_addr_neighbor((struct sockaddr_in6 *)rt_key(rt),
1121 * FreeBSD and BSD/OS often make a cloned host route based
1122 * on a less-specific route (e.g. the default route).
1123 * If the less specific route does not have a "gateway"
1124 * (this is the case when the route just goes to a p2p or an
1125 * stf interface), we'll mistakenly make a neighbor cache for
1126 * the host route, and will see strange neighbor solicitation
1127 * for the corresponding destination. In order to avoid the
1128 * confusion, we check if the destination of the route is
1129 * a neighbor in terms of neighbor discovery, and stop the
1130 * process if not. Additionally, we remove the LLINFO flag
1131 * so that ndp(8) will not try to get the neighbor information
1132 * of the destination.
1134 rt->rt_flags &= ~RTF_LLINFO;
1141 * There is no backward compatibility :)
1143 * if ((rt->rt_flags & RTF_HOST) == 0 &&
1144 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff)
1145 * rt->rt_flags |= RTF_CLONING;
1147 if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) {
1149 * Case 1: This route should come from
1150 * a route to interface. RTF_LLINFO flag is set
1151 * for a host route whose destination should be
1152 * treated as on-link.
1154 rt_setgate(rt, rt_key(rt),
1155 (struct sockaddr *)&null_sdl);
1156 gate = rt->rt_gateway;
1157 SDL(gate)->sdl_type = ifp->if_type;
1158 SDL(gate)->sdl_index = ifp->if_index;
1160 ln->ln_expire = time_second;
1161 if (ln && ln->ln_expire == 0) {
1162 /* kludge for desktops */
1165 if ((rt->rt_flags & RTF_CLONING) != 0)
1169 * In IPv4 code, we try to annonuce new RTF_ANNOUNCE entry here.
1170 * We don't do that here since llinfo is not ready yet.
1172 * There are also couple of other things to be discussed:
1173 * - unsolicited NA code needs improvement beforehand
1174 * - RFC2461 says we MAY send multicast unsolicited NA
1175 * (7.2.6 paragraph 4), however, it also says that we
1176 * SHOULD provide a mechanism to prevent multicast NA storm.
1177 * we don't have anything like it right now.
1178 * note that the mechanism needs a mutual agreement
1179 * between proxies, which means that we need to implement
1180 * a new protocol, or a new kludge.
1181 * - from RFC2461 6.2.4, host MUST NOT send an unsolicited NA.
1182 * we need to check ip6forwarding before sending it.
1183 * (or should we allow proxy ND configuration only for
1184 * routers? there's no mention about proxy ND from hosts)
1187 /* XXX it does not work */
1188 if (rt->rt_flags & RTF_ANNOUNCE)
1190 &SIN6(rt_key(rt))->sin6_addr,
1191 &SIN6(rt_key(rt))->sin6_addr,
1192 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0,
1197 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) == 0) {
1199 * Address resolution isn't necessary for a point to
1200 * point link, so we can skip this test for a p2p link.
1202 if (gate->sa_family != AF_LINK ||
1203 gate->sa_len < sizeof(null_sdl)) {
1205 "nd6_rtrequest: bad gateway value: %s\n",
1209 SDL(gate)->sdl_type = ifp->if_type;
1210 SDL(gate)->sdl_index = ifp->if_index;
1213 break; /* This happens on a route change */
1215 * Case 2: This route may come from cloning, or a manual route
1216 * add with a LL address.
1218 R_Malloc(ln, struct llinfo_nd6 *, sizeof(*ln));
1219 rt->rt_llinfo = (caddr_t)ln;
1221 log(LOG_DEBUG, "nd6_rtrequest: malloc failed\n");
1226 bzero(ln, sizeof(*ln));
1228 /* this is required for "ndp" command. - shin */
1229 if (req == RTM_ADD) {
1231 * gate should have some valid AF_LINK entry,
1232 * and ln->ln_expire should have some lifetime
1233 * which is specified by ndp command.
1235 ln->ln_state = ND6_LLINFO_REACHABLE;
1239 * When req == RTM_RESOLVE, rt is created and
1240 * initialized in rtrequest(), so rt_expire is 0.
1242 ln->ln_state = ND6_LLINFO_NOSTATE;
1243 ln->ln_expire = time_second;
1245 rt->rt_flags |= RTF_LLINFO;
1246 ln->ln_next = llinfo_nd6.ln_next;
1247 llinfo_nd6.ln_next = ln;
1248 ln->ln_prev = &llinfo_nd6;
1249 ln->ln_next->ln_prev = ln;
1252 * check if rt_key(rt) is one of my address assigned
1255 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp,
1256 &SIN6(rt_key(rt))->sin6_addr);
1258 caddr_t macp = nd6_ifptomac(ifp);
1260 ln->ln_state = ND6_LLINFO_REACHABLE;
1263 bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen);
1264 SDL(gate)->sdl_alen = ifp->if_addrlen;
1266 if (nd6_useloopback) {
1267 rt->rt_ifp = &loif[0]; /* XXX */
1269 * Make sure rt_ifa be equal to the ifaddr
1270 * corresponding to the address.
1271 * We need this because when we refer
1272 * rt_ifa->ia6_flags in ip6_input, we assume
1273 * that the rt_ifa points to the address instead
1274 * of the loopback address.
1276 if (ifa != rt->rt_ifa) {
1277 IFAFREE(rt->rt_ifa);
1282 } else if (rt->rt_flags & RTF_ANNOUNCE) {
1284 ln->ln_state = ND6_LLINFO_REACHABLE;
1287 /* join solicited node multicast for proxy ND */
1288 if (ifp->if_flags & IFF_MULTICAST) {
1289 struct in6_addr llsol;
1292 llsol = SIN6(rt_key(rt))->sin6_addr;
1293 llsol.s6_addr16[0] = htons(0xff02);
1294 llsol.s6_addr32[1] = 0;
1295 llsol.s6_addr32[2] = htonl(1);
1296 llsol.s6_addr8[12] = 0xff;
1297 if (in6_setscope(&llsol, ifp, NULL))
1299 if (!in6_addmulti(&llsol, ifp, &error)) {
1300 nd6log((LOG_ERR, "%s: failed to join "
1301 "%s (errno=%d)\n", if_name(ifp),
1302 ip6_sprintf(&llsol), error));
1311 /* leave from solicited node multicast for proxy ND */
1312 if ((rt->rt_flags & RTF_ANNOUNCE) != 0 &&
1313 (ifp->if_flags & IFF_MULTICAST) != 0) {
1314 struct in6_addr llsol;
1315 struct in6_multi *in6m;
1317 llsol = SIN6(rt_key(rt))->sin6_addr;
1318 llsol.s6_addr16[0] = htons(0xff02);
1319 llsol.s6_addr32[1] = 0;
1320 llsol.s6_addr32[2] = htonl(1);
1321 llsol.s6_addr8[12] = 0xff;
1322 if (in6_setscope(&llsol, ifp, NULL) == 0) {
1323 IN6_LOOKUP_MULTI(llsol, ifp, in6m);
1327 ; /* XXX: should not happen. bark here? */
1330 ln->ln_next->ln_prev = ln->ln_prev;
1331 ln->ln_prev->ln_next = ln->ln_next;
1334 rt->rt_flags &= ~RTF_LLINFO;
1336 m_freem(ln->ln_hold);
1342 nd6_ioctl(cmd, data, ifp)
1347 struct in6_drlist *drl = (struct in6_drlist *)data;
1348 struct in6_oprlist *oprl = (struct in6_oprlist *)data;
1349 struct in6_ndireq *ndi = (struct in6_ndireq *)data;
1350 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data;
1351 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data;
1352 struct nd_defrouter *dr, any;
1353 struct nd_prefix *pr;
1355 int i = 0, error = 0;
1359 case SIOCGDRLST_IN6:
1361 * obsolete API, use sysctl under net.inet6.icmp6
1363 bzero(drl, sizeof(*drl));
1365 dr = TAILQ_FIRST(&nd_defrouter);
1366 while (dr && i < DRLSTSIZ) {
1367 drl->defrouter[i].rtaddr = dr->rtaddr;
1368 in6_clearscope(&drl->defrouter[i].rtaddr);
1370 drl->defrouter[i].flags = dr->flags;
1371 drl->defrouter[i].rtlifetime = dr->rtlifetime;
1372 drl->defrouter[i].expire = dr->expire;
1373 drl->defrouter[i].if_index = dr->ifp->if_index;
1375 dr = TAILQ_NEXT(dr, dr_entry);
1379 case SIOCGPRLST_IN6:
1381 * obsolete API, use sysctl under net.inet6.icmp6
1383 * XXX the structure in6_prlist was changed in backward-
1384 * incompatible manner. in6_oprlist is used for SIOCGPRLST_IN6,
1385 * in6_prlist is used for nd6_sysctl() - fill_prlist().
1388 * XXX meaning of fields, especialy "raflags", is very
1389 * differnet between RA prefix list and RR/static prefix list.
1390 * how about separating ioctls into two?
1392 bzero(oprl, sizeof(*oprl));
1394 pr = nd_prefix.lh_first;
1395 while (pr && i < PRLSTSIZ) {
1396 struct nd_pfxrouter *pfr;
1399 oprl->prefix[i].prefix = pr->ndpr_prefix.sin6_addr;
1400 oprl->prefix[i].raflags = pr->ndpr_raf;
1401 oprl->prefix[i].prefixlen = pr->ndpr_plen;
1402 oprl->prefix[i].vltime = pr->ndpr_vltime;
1403 oprl->prefix[i].pltime = pr->ndpr_pltime;
1404 oprl->prefix[i].if_index = pr->ndpr_ifp->if_index;
1405 oprl->prefix[i].expire = pr->ndpr_expire;
1407 pfr = pr->ndpr_advrtrs.lh_first;
1411 #define RTRADDR oprl->prefix[i].advrtr[j]
1412 RTRADDR = pfr->router->rtaddr;
1413 in6_clearscope(&RTRADDR);
1417 pfr = pfr->pfr_next;
1419 oprl->prefix[i].advrtrs = j;
1420 oprl->prefix[i].origin = PR_ORIG_RA;
1428 case OSIOCGIFINFO_IN6:
1429 /* XXX: old ndp(8) assumes a positive value for linkmtu. */
1430 bzero(&ndi->ndi, sizeof(ndi->ndi));
1431 ndi->ndi.linkmtu = IN6_LINKMTU(ifp);
1432 ndi->ndi.maxmtu = ND_IFINFO(ifp)->maxmtu;
1433 ndi->ndi.basereachable = ND_IFINFO(ifp)->basereachable;
1434 ndi->ndi.reachable = ND_IFINFO(ifp)->reachable;
1435 ndi->ndi.retrans = ND_IFINFO(ifp)->retrans;
1436 ndi->ndi.flags = ND_IFINFO(ifp)->flags;
1437 ndi->ndi.recalctm = ND_IFINFO(ifp)->recalctm;
1438 ndi->ndi.chlim = ND_IFINFO(ifp)->chlim;
1440 case SIOCGIFINFO_IN6:
1441 ndi->ndi = *ND_IFINFO(ifp);
1442 ndi->ndi.linkmtu = IN6_LINKMTU(ifp);
1444 case SIOCSIFINFO_FLAGS:
1445 ND_IFINFO(ifp)->flags = ndi->ndi.flags;
1447 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */
1448 /* flush default router list */
1450 * xxx sumikawa: should not delete route if default
1451 * route equals to the top of default router list
1453 bzero(&any, sizeof(any));
1454 defrouter_delreq(&any, 0);
1456 /* xxx sumikawa: flush prefix list */
1458 case SIOCSPFXFLUSH_IN6:
1460 /* flush all the prefix advertised by routers */
1461 struct nd_prefix *pr, *next;
1464 for (pr = nd_prefix.lh_first; pr; pr = next) {
1465 struct in6_ifaddr *ia, *ia_next;
1467 next = pr->ndpr_next;
1469 if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr))
1472 /* do we really have to remove addresses as well? */
1473 for (ia = in6_ifaddr; ia; ia = ia_next) {
1474 /* ia might be removed. keep the next ptr. */
1475 ia_next = ia->ia_next;
1477 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 0)
1480 if (ia->ia6_ndpr == pr)
1481 in6_purgeaddr(&ia->ia_ifa);
1488 case SIOCSRTRFLUSH_IN6:
1490 /* flush all the default routers */
1491 struct nd_defrouter *dr, *next;
1494 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) {
1496 * The first entry of the list may be stored in
1497 * the routing table, so we'll delete it later.
1499 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = next) {
1500 next = TAILQ_NEXT(dr, dr_entry);
1503 defrtrlist_del(TAILQ_FIRST(&nd_defrouter));
1508 case SIOCGNBRINFO_IN6:
1510 struct llinfo_nd6 *ln;
1511 struct in6_addr nb_addr = nbi->addr; /* make local for safety */
1513 if ((error = in6_setscope(&nb_addr, ifp, NULL)) != 0)
1517 if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL) {
1522 ln = (struct llinfo_nd6 *)rt->rt_llinfo;
1523 nbi->state = ln->ln_state;
1524 nbi->asked = ln->ln_asked;
1525 nbi->isrouter = ln->ln_router;
1526 nbi->expire = ln->ln_expire;
1531 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */
1532 ndif->ifindex = nd6_defifindex;
1534 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */
1535 return (nd6_setdefaultiface(ndif->ifindex));
1541 * Create neighbor cache entry and cache link-layer address,
1542 * on reception of inbound ND6 packets. (RS/RA/NS/redirect)
1545 nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code)
1547 struct in6_addr *from;
1550 int type; /* ICMP6 type */
1551 int code; /* type dependent information */
1553 struct rtentry *rt = NULL;
1554 struct llinfo_nd6 *ln = NULL;
1556 struct sockaddr_dl *sdl = NULL;
1563 panic("ifp == NULL in nd6_cache_lladdr");
1565 panic("from == NULL in nd6_cache_lladdr");
1567 /* nothing must be updated for unspecified address */
1568 if (IN6_IS_ADDR_UNSPECIFIED(from))
1572 * Validation about ifp->if_addrlen and lladdrlen must be done in
1575 * XXX If the link does not have link-layer adderss, what should
1576 * we do? (ifp->if_addrlen == 0)
1577 * Spec says nothing in sections for RA, RS and NA. There's small
1578 * description on it in NS section (RFC 2461 7.2.3).
1581 rt = nd6_lookup(from, 0, ifp);
1584 /* nothing must be done if there's no lladdr */
1585 if (!lladdr || !lladdrlen)
1589 rt = nd6_lookup(from, 1, ifp);
1592 /* do nothing if static ndp is set */
1593 if (rt->rt_flags & RTF_STATIC)
1600 if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) {
1605 ln = (struct llinfo_nd6 *)rt->rt_llinfo;
1608 if (!rt->rt_gateway)
1610 if (rt->rt_gateway->sa_family != AF_LINK)
1612 sdl = SDL(rt->rt_gateway);
1614 olladdr = (sdl->sdl_alen) ? 1 : 0;
1615 if (olladdr && lladdr) {
1616 if (bcmp(lladdr, LLADDR(sdl), ifp->if_addrlen))
1624 * newentry olladdr lladdr llchange (*=record)
1627 * 0 n y -- (3) * STALE
1629 * 0 y y y (5) * STALE
1630 * 1 -- n -- (6) NOSTATE(= PASSIVE)
1631 * 1 -- y -- (7) * STALE
1634 if (lladdr) { /* (3-5) and (7) */
1636 * Record source link-layer address
1637 * XXX is it dependent to ifp->if_type?
1639 sdl->sdl_alen = ifp->if_addrlen;
1640 bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen);
1644 if ((!olladdr && lladdr) || /* (3) */
1645 (olladdr && lladdr && llchange)) { /* (5) */
1647 newstate = ND6_LLINFO_STALE;
1648 } else /* (1-2,4) */
1652 if (!lladdr) /* (6) */
1653 newstate = ND6_LLINFO_NOSTATE;
1655 newstate = ND6_LLINFO_STALE;
1660 * Update the state of the neighbor cache.
1662 ln->ln_state = newstate;
1664 if (ln->ln_state == ND6_LLINFO_STALE) {
1666 * XXX: since nd6_output() below will cause
1667 * state tansition to DELAY and reset the timer,
1668 * we must set the timer now, although it is actually
1671 ln->ln_expire = time_second + nd6_gctimer;
1675 * we assume ifp is not a p2p here, so just
1676 * set the 2nd argument as the 1st one.
1678 nd6_output(ifp, ifp, ln->ln_hold,
1679 (struct sockaddr_in6 *)rt_key(rt), rt);
1682 } else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) {
1683 /* probe right away */
1684 ln->ln_expire = time_second;
1689 * ICMP6 type dependent behavior.
1691 * NS: clear IsRouter if new entry
1692 * RS: clear IsRouter
1693 * RA: set IsRouter if there's lladdr
1694 * redir: clear IsRouter if new entry
1697 * The spec says that we must set IsRouter in the following cases:
1698 * - If lladdr exist, set IsRouter. This means (1-5).
1699 * - If it is old entry (!newentry), set IsRouter. This means (7).
1700 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter.
1701 * A quetion arises for (1) case. (1) case has no lladdr in the
1702 * neighbor cache, this is similar to (6).
1703 * This case is rare but we figured that we MUST NOT set IsRouter.
1705 * newentry olladdr lladdr llchange NS RS RA redir
1707 * 0 n n -- (1) c ? s
1708 * 0 y n -- (2) c s s
1709 * 0 n y -- (3) c s s
1712 * 1 -- n -- (6) c c c s
1713 * 1 -- y -- (7) c c s c s
1717 switch (type & 0xff) {
1718 case ND_NEIGHBOR_SOLICIT:
1720 * New entry must have is_router flag cleared.
1722 if (is_newentry) /* (6-7) */
1727 * If the icmp is a redirect to a better router, always set the
1728 * is_router flag. Otherwise, if the entry is newly created,
1729 * clear the flag. [RFC 2461, sec 8.3]
1731 if (code == ND_REDIRECT_ROUTER)
1733 else if (is_newentry) /* (6-7) */
1736 case ND_ROUTER_SOLICIT:
1738 * is_router flag must always be cleared.
1742 case ND_ROUTER_ADVERT:
1744 * Mark an entry with lladdr as a router.
1746 if ((!is_newentry && (olladdr || lladdr)) || /* (2-5) */
1747 (is_newentry && lladdr)) { /* (7) */
1754 * When the link-layer address of a router changes, select the
1755 * best router again. In particular, when the neighbor entry is newly
1756 * created, it might affect the selection policy.
1757 * Question: can we restrict the first condition to the "is_newentry"
1759 * XXX: when we hear an RA from a new router with the link-layer
1760 * address option, defrouter_select() is called twice, since
1761 * defrtrlist_update called the function as well. However, I believe
1762 * we can compromise the overhead, since it only happens the first
1764 * XXX: although defrouter_select() should not have a bad effect
1765 * for those are not autoconfigured hosts, we explicitly avoid such
1768 if (do_update && ln->ln_router && !ip6_forwarding && ip6_accept_rtadv)
1775 nd6_slowtimo(ignored_arg)
1779 struct nd_ifinfo *nd6if;
1782 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz,
1783 nd6_slowtimo, NULL);
1785 for (ifp = TAILQ_FIRST(&ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) {
1786 nd6if = ND_IFINFO(ifp);
1787 if (nd6if->basereachable && /* already initialized */
1788 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) {
1790 * Since reachable time rarely changes by router
1791 * advertisements, we SHOULD insure that a new random
1792 * value gets recomputed at least once every few hours.
1795 nd6if->recalctm = nd6_recalc_reachtm_interval;
1796 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable);
1803 #define senderr(e) { error = (e); goto bad;}
1805 nd6_output(ifp, origifp, m0, dst, rt0)
1807 struct ifnet *origifp;
1809 struct sockaddr_in6 *dst;
1810 struct rtentry *rt0;
1812 struct mbuf *m = m0;
1813 struct rtentry *rt = rt0;
1814 struct sockaddr_in6 *gw6 = NULL;
1815 struct llinfo_nd6 *ln = NULL;
1818 if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr))
1821 if (nd6_need_cache(ifp) == 0)
1825 * next hop determination. This routine is derived from ether_output.
1829 if ((rt->rt_flags & RTF_UP) == 0) {
1830 rt0 = rt = rtalloc1((struct sockaddr *)dst, 1, 0UL);
1834 if (rt->rt_ifp != ifp)
1836 * XXX maybe we should update ifp too,
1837 * but the original code didn't and I
1838 * don't know what is correct here.
1842 senderr(EHOSTUNREACH);
1845 if (rt->rt_flags & RTF_GATEWAY) {
1846 gw6 = (struct sockaddr_in6 *)rt->rt_gateway;
1849 * We skip link-layer address resolution and NUD
1850 * if the gateway is not a neighbor from ND point
1851 * of view, regardless of the value of nd_ifinfo.flags.
1852 * The second condition is a bit tricky; we skip
1853 * if the gateway is our own address, which is
1854 * sometimes used to install a route to a p2p link.
1856 if (!nd6_is_addr_neighbor(gw6, ifp) ||
1857 in6ifa_ifpwithaddr(ifp, &gw6->sin6_addr)) {
1859 * We allow this kind of tricky route only
1860 * when the outgoing interface is p2p.
1861 * XXX: we may need a more generic rule here.
1863 if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
1864 senderr(EHOSTUNREACH);
1869 if (rt->rt_gwroute == 0)
1871 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) {
1873 rtfree(rt); rt = rt0;
1875 rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1, 0UL);
1876 if ((rt = rt->rt_gwroute) == 0)
1877 senderr(EHOSTUNREACH);
1884 * Address resolution or Neighbor Unreachability Detection
1886 * At this point, the destination of the packet must be a unicast
1887 * or an anycast address(i.e. not a multicast).
1890 /* Look up the neighbor cache for the nexthop */
1891 if (rt && (rt->rt_flags & RTF_LLINFO) != 0)
1892 ln = (struct llinfo_nd6 *)rt->rt_llinfo;
1895 * Since nd6_is_addr_neighbor() internally calls nd6_lookup(),
1896 * the condition below is not very efficient. But we believe
1897 * it is tolerable, because this should be a rare case.
1899 if (nd6_is_addr_neighbor(dst, ifp) &&
1900 (rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL)
1901 ln = (struct llinfo_nd6 *)rt->rt_llinfo;
1904 if ((ifp->if_flags & IFF_POINTOPOINT) == 0 &&
1905 !(ND_IFINFO(ifp)->flags & ND6_IFF_PERFORMNUD)) {
1907 "nd6_output: can't allocate llinfo for %s "
1909 ip6_sprintf(&dst->sin6_addr), ln, rt);
1910 senderr(EIO); /* XXX: good error? */
1913 goto sendpkt; /* send anyway */
1916 /* We don't have to do link-layer address resolution on a p2p link. */
1917 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
1918 ln->ln_state < ND6_LLINFO_REACHABLE) {
1919 ln->ln_state = ND6_LLINFO_STALE;
1920 ln->ln_expire = time_second + nd6_gctimer;
1924 * The first time we send a packet to a neighbor whose entry is
1925 * STALE, we have to change the state to DELAY and a sets a timer to
1926 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do
1927 * neighbor unreachability detection on expiration.
1930 if (ln->ln_state == ND6_LLINFO_STALE) {
1932 ln->ln_state = ND6_LLINFO_DELAY;
1933 ln->ln_expire = time_second + nd6_delay;
1937 * If the neighbor cache entry has a state other than INCOMPLETE
1938 * (i.e. its link-layer address is already resolved), just
1941 if (ln->ln_state > ND6_LLINFO_INCOMPLETE)
1945 * There is a neighbor cache entry, but no ethernet address
1946 * response yet. Replace the held mbuf (if any) with this
1949 * This code conforms to the rate-limiting rule described in Section
1950 * 7.2.2 of RFC 2461, because the timer is set correctly after sending
1953 if (ln->ln_state == ND6_LLINFO_NOSTATE)
1954 ln->ln_state = ND6_LLINFO_INCOMPLETE;
1956 m_freem(ln->ln_hold);
1958 if (ln->ln_expire) {
1959 if (ln->ln_asked < nd6_mmaxtries &&
1960 ln->ln_expire < time_second) {
1962 ln->ln_expire = time_second +
1963 ND_IFINFO(ifp)->retrans / 1000;
1964 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0);
1971 /* clean ipsec history once it goes out of the node */
1976 mac_create_mbuf_linklayer(ifp, m);
1978 if ((ifp->if_flags & IFF_LOOPBACK) != 0) {
1979 return ((*ifp->if_output)(origifp, m, (struct sockaddr *)dst,
1982 return ((*ifp->if_output)(ifp, m, (struct sockaddr *)dst, rt));
1996 * XXX: we currently do not make neighbor cache on any interface
1997 * other than ARCnet, Ethernet, FDDI and GIF.
2000 * - unidirectional tunnels needs no ND
2002 switch (ifp->if_type) {
2010 #ifdef IFT_IEEE80211
2016 case IFT_GIF: /* XXX need more cases? */
2025 nd6_storelladdr(ifp, rt0, m, dst, desten)
2027 struct rtentry *rt0;
2029 struct sockaddr *dst;
2032 struct sockaddr_dl *sdl;
2036 if (m->m_flags & M_MCAST) {
2039 switch (ifp->if_type) {
2045 #ifdef IFT_IEEE80211
2050 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr,
2055 * netbsd can use if_broadcastaddr, but we don't do so
2056 * to reduce # of ifdef.
2058 for (i = 0; i < ifp->if_addrlen; i++)
2066 return (EAFNOSUPPORT);
2071 /* this could happen, if we could not allocate memory */
2076 error = rt_check(&rt, &rt0, dst);
2083 if (rt->rt_gateway->sa_family != AF_LINK) {
2084 printf("nd6_storelladdr: something odd happens\n");
2088 sdl = SDL(rt->rt_gateway);
2089 if (sdl->sdl_alen == 0) {
2090 /* this should be impossible, but we bark here for debugging */
2091 printf("nd6_storelladdr: sdl_alen == 0\n");
2096 bcopy(LLADDR(sdl), desten, sdl->sdl_alen);
2100 static int nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS);
2101 static int nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS);
2103 SYSCTL_DECL(_net_inet6_icmp6);
2105 SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_DRLIST, nd6_drlist,
2106 CTLFLAG_RD, nd6_sysctl_drlist, "");
2107 SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_PRLIST, nd6_prlist,
2108 CTLFLAG_RD, nd6_sysctl_prlist, "");
2111 nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS)
2115 struct in6_defrouter *d, *de;
2116 struct nd_defrouter *dr;
2122 for (dr = TAILQ_FIRST(&nd_defrouter); dr;
2123 dr = TAILQ_NEXT(dr, dr_entry)) {
2124 d = (struct in6_defrouter *)buf;
2125 de = (struct in6_defrouter *)(buf + sizeof(buf));
2128 bzero(d, sizeof(*d));
2129 d->rtaddr.sin6_family = AF_INET6;
2130 d->rtaddr.sin6_len = sizeof(d->rtaddr);
2131 d->rtaddr.sin6_addr = dr->rtaddr;
2132 if (sa6_recoverscope(&d->rtaddr)) {
2134 "scope error in router list (%s)\n",
2135 ip6_sprintf(&d->rtaddr.sin6_addr));
2136 /* XXX: press on... */
2138 d->flags = dr->flags;
2139 d->rtlifetime = dr->rtlifetime;
2140 d->expire = dr->expire;
2141 d->if_index = dr->ifp->if_index;
2143 panic("buffer too short");
2145 error = SYSCTL_OUT(req, buf, sizeof(*d));
2154 nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS)
2158 struct in6_prefix *p, *pe;
2159 struct nd_prefix *pr;
2165 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) {
2168 struct sockaddr_in6 *sin6, *s6;
2169 struct nd_pfxrouter *pfr;
2171 p = (struct in6_prefix *)buf;
2172 pe = (struct in6_prefix *)(buf + sizeof(buf));
2175 bzero(p, sizeof(*p));
2176 sin6 = (struct sockaddr_in6 *)(p + 1);
2178 p->prefix = pr->ndpr_prefix;
2179 if (sa6_recoverscope(&p->prefix)) {
2181 "scope error in prefix list (%s)\n",
2182 ip6_sprintf(&p->prefix.sin6_addr));
2183 /* XXX: press on... */
2185 p->raflags = pr->ndpr_raf;
2186 p->prefixlen = pr->ndpr_plen;
2187 p->vltime = pr->ndpr_vltime;
2188 p->pltime = pr->ndpr_pltime;
2189 p->if_index = pr->ndpr_ifp->if_index;
2190 p->expire = pr->ndpr_expire;
2191 p->refcnt = pr->ndpr_refcnt;
2192 p->flags = pr->ndpr_stateflags;
2193 p->origin = PR_ORIG_RA;
2195 for (pfr = pr->ndpr_advrtrs.lh_first; pfr;
2196 pfr = pfr->pfr_next) {
2197 if ((void *)&sin6[advrtrs + 1] > (void *)pe) {
2201 s6 = &sin6[advrtrs];
2202 bzero(s6, sizeof(*s6));
2203 s6->sin6_family = AF_INET6;
2204 s6->sin6_len = sizeof(*sin6);
2205 s6->sin6_addr = pfr->router->rtaddr;
2206 if (sa6_recoverscope(s6)) {
2209 "prefix list (%s)\n",
2210 ip6_sprintf(&pfr->router->rtaddr));
2214 p->advrtrs = advrtrs;
2216 panic("buffer too short");
2218 advance = sizeof(*p) + sizeof(*sin6) * advrtrs;
2219 error = SYSCTL_OUT(req, buf, advance);
projects / FreeBSD / FreeBSD.git / blob