2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * $KAME: nd6_nbr.c,v 1.86 2002/01/21 02:33:04 jinmei Exp $
34 #include <sys/cdefs.h>
35 __FBSDID("$FreeBSD$");
38 #include "opt_inet6.h"
39 #include "opt_ipsec.h"
41 #include <sys/param.h>
42 #include <sys/systm.h>
43 #include <sys/eventhandler.h>
44 #include <sys/malloc.h>
45 #include <sys/libkern.h>
47 #include <sys/rwlock.h>
49 #include <sys/socket.h>
50 #include <sys/sockio.h>
52 #include <sys/kernel.h>
53 #include <sys/errno.h>
54 #include <sys/sysctl.h>
55 #include <sys/syslog.h>
56 #include <sys/queue.h>
57 #include <sys/callout.h>
58 #include <sys/refcount.h>
61 #include <net/if_types.h>
62 #include <net/if_dl.h>
63 #include <net/if_var.h>
64 #include <net/if_private.h>
65 #include <net/route.h>
68 #include <netinet/in.h>
69 #include <netinet/in_var.h>
70 #include <net/if_llatbl.h>
71 #include <netinet6/in6_var.h>
72 #include <netinet6/in6_ifattach.h>
73 #include <netinet/ip6.h>
74 #include <netinet6/ip6_var.h>
75 #include <netinet6/scope6_var.h>
76 #include <netinet6/nd6.h>
77 #include <netinet/icmp6.h>
78 #include <netinet/ip_carp.h>
79 #include <netinet6/send.h>
81 #define SDL(s) ((struct sockaddr_dl *)s)
84 static struct dadq *nd6_dad_find(struct ifaddr *, struct nd_opt_nonce *);
85 static void nd6_dad_add(struct dadq *dp);
86 static void nd6_dad_del(struct dadq *dp);
87 static void nd6_dad_rele(struct dadq *);
88 static void nd6_dad_starttimer(struct dadq *, int);
89 static void nd6_dad_stoptimer(struct dadq *);
90 static void nd6_dad_timer(void *);
91 static void nd6_dad_duplicated(struct ifaddr *, struct dadq *);
92 static void nd6_dad_ns_output(struct dadq *);
93 static void nd6_dad_ns_input(struct ifaddr *, struct nd_opt_nonce *);
94 static void nd6_dad_na_input(struct ifaddr *);
95 static void nd6_na_output_fib(struct ifnet *, const struct in6_addr *,
96 const struct in6_addr *, u_long, int, struct sockaddr *, u_int);
97 static void nd6_ns_output_fib(struct ifnet *, const struct in6_addr *,
98 const struct in6_addr *, const struct in6_addr *, uint8_t *, u_int);
100 static struct ifaddr *nd6_proxy_fill_sdl(struct ifnet *,
101 const struct in6_addr *, struct sockaddr_dl *);
103 VNET_DEFINE_STATIC(int, dad_enhanced) = 1;
104 #define V_dad_enhanced VNET(dad_enhanced)
106 SYSCTL_DECL(_net_inet6_ip6);
107 SYSCTL_INT(_net_inet6_ip6, OID_AUTO, dad_enhanced, CTLFLAG_VNET | CTLFLAG_RW,
108 &VNET_NAME(dad_enhanced), 0,
109 "Enable Enhanced DAD, which adds a random nonce to NS messages for DAD.");
111 VNET_DEFINE_STATIC(int, dad_maxtry) = 15; /* max # of *tries* to
112 transmit DAD packet */
113 #define V_dad_maxtry VNET(dad_maxtry)
116 * Input a Neighbor Solicitation Message.
119 * Based on RFC 2462 (duplicate address detection)
122 nd6_ns_input(struct mbuf *m, int off, int icmp6len)
126 struct nd_neighbor_solicit *nd_ns;
127 struct in6_addr daddr6, myaddr6, saddr6, taddr6;
129 struct sockaddr_dl proxydl;
130 union nd_opts ndopts;
131 char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN];
133 int anycast, lladdrlen, proxy, rflag, tentative, tlladdr;
137 /* RFC 6980: Nodes MUST silently ignore fragments */
138 if(m->m_flags & M_FRAGMENTED)
141 ifp = m->m_pkthdr.rcvif;
142 ip6 = mtod(m, struct ip6_hdr *);
143 if (__predict_false(ip6->ip6_hlim != 255)) {
144 ICMP6STAT_INC(icp6s_invlhlim);
146 "nd6_ns_input: invalid hlim (%d) from %s to %s on %s\n",
147 ip6->ip6_hlim, ip6_sprintf(ip6bufs, &ip6->ip6_src),
148 ip6_sprintf(ip6bufd, &ip6->ip6_dst), if_name(ifp)));
152 if (m->m_len < off + icmp6len) {
153 m = m_pullup(m, off + icmp6len);
155 IP6STAT_INC(ip6s_exthdrtoolong);
159 ip6 = mtod(m, struct ip6_hdr *);
160 nd_ns = (struct nd_neighbor_solicit *)((caddr_t)ip6 + off);
162 saddr6 = ip6->ip6_src;
163 daddr6 = ip6->ip6_dst;
164 taddr6 = nd_ns->nd_ns_target;
165 if (in6_setscope(&taddr6, ifp, NULL) != 0)
168 rflag = (V_ip6_forwarding) ? ND_NA_FLAG_ROUTER : 0;
169 if (ND_IFINFO(ifp)->flags & ND6_IFF_ACCEPT_RTADV && V_ip6_norbit_raif)
172 if (IN6_IS_ADDR_UNSPECIFIED(&saddr6)) {
173 /* dst has to be a solicited node multicast address. */
174 if (daddr6.s6_addr16[0] == IPV6_ADDR_INT16_MLL &&
175 /* don't check ifindex portion */
176 daddr6.s6_addr32[1] == 0 &&
177 daddr6.s6_addr32[2] == IPV6_ADDR_INT32_ONE &&
178 daddr6.s6_addr8[12] == 0xff) {
181 nd6log((LOG_INFO, "nd6_ns_input: bad DAD packet "
182 "(wrong ip6 dst)\n"));
185 } else if (!V_nd6_onlink_ns_rfc4861) {
186 struct sockaddr_in6 src_sa6;
189 * According to recent IETF discussions, it is not a good idea
190 * to accept a NS from an address which would not be deemed
191 * to be a neighbor otherwise. This point is expected to be
192 * clarified in future revisions of the specification.
194 bzero(&src_sa6, sizeof(src_sa6));
195 src_sa6.sin6_family = AF_INET6;
196 src_sa6.sin6_len = sizeof(src_sa6);
197 src_sa6.sin6_addr = saddr6;
198 if (nd6_is_addr_neighbor(&src_sa6, ifp) == 0) {
199 nd6log((LOG_INFO, "nd6_ns_input: "
200 "NS packet from non-neighbor\n"));
205 if (IN6_IS_ADDR_MULTICAST(&taddr6)) {
206 nd6log((LOG_INFO, "nd6_ns_input: bad NS target (multicast)\n"));
210 icmp6len -= sizeof(*nd_ns);
211 nd6_option_init(nd_ns + 1, icmp6len, &ndopts);
212 if (nd6_options(&ndopts) < 0) {
214 "nd6_ns_input: invalid ND option, ignored\n"));
215 /* nd6_options have incremented stats */
221 if (ndopts.nd_opts_src_lladdr) {
222 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1);
223 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3;
226 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src) && lladdr) {
227 nd6log((LOG_INFO, "nd6_ns_input: bad DAD packet "
228 "(link-layer address option)\n"));
233 * Attaching target link-layer address to the NA?
236 * NS IP dst is unicast/anycast MUST NOT add
237 * NS IP dst is solicited-node multicast MUST add
239 * In implementation, we add target link-layer address by default.
240 * We do not add one in MUST NOT cases.
242 if (!IN6_IS_ADDR_MULTICAST(&daddr6))
248 * Target address (taddr6) must be either:
249 * (1) Valid unicast/anycast address for my receiving interface,
250 * (2) Unicast address for which I'm offering proxy service, or
251 * (3) "tentative" address on which DAD is being performed.
253 /* (1) and (3) check. */
255 ifa = (*carp_iamatch6_p)(ifp, &taddr6);
257 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(ifp, &taddr6);
262 if ((ifa = nd6_proxy_fill_sdl(ifp, &taddr6, &proxydl)) != NULL)
267 * We've got an NS packet, and we don't have that adddress
268 * assigned for us. We MUST silently ignore it.
273 myaddr6 = *IFA_IN6(ifa);
274 anycast = ((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST;
275 tentative = ((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_TENTATIVE;
276 if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DUPLICATED)
279 if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) {
280 nd6log((LOG_INFO, "nd6_ns_input: lladdrlen mismatch for %s "
281 "(if %d, NS packet %d)\n",
282 ip6_sprintf(ip6bufs, &taddr6),
283 ifp->if_addrlen, lladdrlen - 2));
287 if (IN6_ARE_ADDR_EQUAL(&myaddr6, &saddr6)) {
288 nd6log((LOG_INFO, "nd6_ns_input: duplicate IP6 address %s\n",
289 ip6_sprintf(ip6bufs, &saddr6)));
294 * We have neighbor solicitation packet, with target address equals to
295 * one of my tentative address.
297 * src addr how to process?
299 * multicast of course, invalid (rejected in ip6_input)
300 * unicast somebody is doing address resolution -> ignore
301 * unspec dup address detection
303 * The processing is defined in RFC 2462.
307 * If source address is unspecified address, it is for
308 * duplicate address detection.
310 * If not, the packet is for addess resolution;
311 * silently ignore it.
313 if (IN6_IS_ADDR_UNSPECIFIED(&saddr6))
314 nd6_dad_ns_input(ifa, ndopts.nd_opts_nonce);
320 * If the source address is unspecified address, entries must not
321 * be created or updated.
322 * It looks that sender is performing DAD. Output NA toward
323 * all-node multicast address, to tell the sender that I'm using
325 * S bit ("solicited") must be zero.
327 if (IN6_IS_ADDR_UNSPECIFIED(&saddr6)) {
328 struct in6_addr in6_all;
330 in6_all = in6addr_linklocal_allnodes;
331 if (in6_setscope(&in6_all, ifp, NULL) != 0)
333 nd6_na_output_fib(ifp, &in6_all, &taddr6,
334 ((anycast || proxy || !tlladdr) ? 0 : ND_NA_FLAG_OVERRIDE) |
335 rflag, tlladdr, proxy ? (struct sockaddr *)&proxydl : NULL,
340 nd6_cache_lladdr(ifp, &saddr6, lladdr, lladdrlen,
341 ND_NEIGHBOR_SOLICIT, 0);
343 nd6_na_output_fib(ifp, &saddr6, &taddr6,
344 ((anycast || proxy || !tlladdr) ? 0 : ND_NA_FLAG_OVERRIDE) |
345 rflag | ND_NA_FLAG_SOLICITED, tlladdr,
346 proxy ? (struct sockaddr *)&proxydl : NULL, M_GETFIB(m));
354 nd6log((LOG_ERR, "nd6_ns_input: src=%s\n",
355 ip6_sprintf(ip6bufs, &saddr6)));
356 nd6log((LOG_ERR, "nd6_ns_input: dst=%s\n",
357 ip6_sprintf(ip6bufs, &daddr6)));
358 nd6log((LOG_ERR, "nd6_ns_input: tgt=%s\n",
359 ip6_sprintf(ip6bufs, &taddr6)));
361 ICMP6STAT_INC(icp6s_badns);
367 static struct ifaddr *
368 nd6_proxy_fill_sdl(struct ifnet *ifp, const struct in6_addr *taddr6,
369 struct sockaddr_dl *sdl)
375 ln = nd6_lookup(taddr6, LLE_SF(AF_INET6, 0), ifp);
378 if ((ln->la_flags & (LLE_PUB | LLE_VALID)) == (LLE_PUB | LLE_VALID)) {
379 link_init_sdl(ifp, (struct sockaddr *)sdl, ifp->if_type);
380 sdl->sdl_alen = ifp->if_addrlen;
381 bcopy(ln->ll_addr, &sdl->sdl_data, ifp->if_addrlen);
383 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp,
384 IN6_IFF_NOTREADY|IN6_IFF_ANYCAST);
392 * Output a Neighbor Solicitation Message. Caller specifies:
393 * - ICMP6 header source IP6 address
394 * - ND6 header target IP6 address
395 * - ND6 header source datalink address
398 * Based on RFC 2462 (duplicate address detection)
400 * ln - for source address determination
401 * nonce - If non-NULL, NS is used for duplicate address detection and
402 * the value (length is ND_OPT_NONCE_LEN) is used as a random nonce.
405 nd6_ns_output_fib(struct ifnet *ifp, const struct in6_addr *saddr6,
406 const struct in6_addr *daddr6, const struct in6_addr *taddr6,
407 uint8_t *nonce, u_int fibnum)
412 struct nd_neighbor_solicit *nd_ns;
413 struct ip6_moptions im6o;
419 if (IN6_IS_ADDR_MULTICAST(taddr6))
422 /* estimate the size of message */
423 maxlen = sizeof(*ip6) + sizeof(*nd_ns);
424 maxlen += (sizeof(struct nd_opt_hdr) + ifp->if_addrlen + 7) & ~7;
425 KASSERT(max_linkhdr + maxlen <= MCLBYTES, (
426 "%s: max_linkhdr + maxlen > MCLBYTES (%d + %d > %d)",
427 __func__, max_linkhdr, maxlen, MCLBYTES));
429 if (max_linkhdr + maxlen > MHLEN)
430 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
432 m = m_gethdr(M_NOWAIT, MT_DATA);
437 if (daddr6 == NULL || IN6_IS_ADDR_MULTICAST(daddr6)) {
438 m->m_flags |= M_MCAST;
439 im6o.im6o_multicast_ifp = ifp;
440 im6o.im6o_multicast_hlim = 255;
441 im6o.im6o_multicast_loop = 0;
444 icmp6len = sizeof(*nd_ns);
445 m->m_pkthdr.len = m->m_len = sizeof(*ip6) + icmp6len;
446 m->m_data += max_linkhdr; /* or M_ALIGN() equivalent? */
448 /* fill neighbor solicitation packet */
449 ip6 = mtod(m, struct ip6_hdr *);
451 ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
452 ip6->ip6_vfc |= IPV6_VERSION;
453 /* ip6->ip6_plen will be set later */
454 ip6->ip6_nxt = IPPROTO_ICMPV6;
457 ip6->ip6_dst = *daddr6;
459 ip6->ip6_dst.s6_addr16[0] = IPV6_ADDR_INT16_MLL;
460 ip6->ip6_dst.s6_addr16[1] = 0;
461 ip6->ip6_dst.s6_addr32[1] = 0;
462 ip6->ip6_dst.s6_addr32[2] = IPV6_ADDR_INT32_ONE;
463 ip6->ip6_dst.s6_addr32[3] = taddr6->s6_addr32[3];
464 ip6->ip6_dst.s6_addr8[12] = 0xff;
465 if (in6_setscope(&ip6->ip6_dst, ifp, NULL) != 0)
469 char ip6buf[INET6_ADDRSTRLEN];
470 struct ifaddr *ifa = NULL;
474 * "If the source address of the packet prompting the
475 * solicitation is the same as one of the addresses assigned
476 * to the outgoing interface, that address SHOULD be placed
477 * in the IP Source Address of the outgoing solicitation.
478 * Otherwise, any one of the addresses assigned to the
479 * interface should be used."
481 * We use the source address for the prompting packet
482 * (saddr6), if saddr6 belongs to the outgoing interface.
483 * Otherwise, we perform the source address selection as usual.
486 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(ifp, saddr6);
489 struct in6_addr dst6, src6;
492 in6_splitscope(&ip6->ip6_dst, &dst6, &scopeid);
493 error = in6_selectsrc_addr(fibnum, &dst6,
494 scopeid, ifp, &src6, NULL);
496 nd6log((LOG_DEBUG, "%s: source can't be "
497 "determined: dst=%s, error=%d\n", __func__,
498 ip6_sprintf(ip6buf, &dst6),
504 ip6->ip6_src = *saddr6;
506 if (ifp->if_carp != NULL) {
508 * Check that selected source address belongs to
512 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(ifp,
515 * Do not send NS for CARP address if we are not
518 if (ifa != NULL && ifa->ifa_carp != NULL &&
519 !(*carp_master_p)(ifa)) {
521 "nd6_ns_output: NS from BACKUP CARP address %s\n",
522 ip6_sprintf(ip6buf, &ip6->ip6_src));
531 * Source address for DAD packet must always be IPv6
532 * unspecified address. (0::0)
533 * We actually don't have to 0-clear the address (we did it
534 * above), but we do so here explicitly to make the intention
537 bzero(&ip6->ip6_src, sizeof(ip6->ip6_src));
539 nd_ns = (struct nd_neighbor_solicit *)(ip6 + 1);
540 nd_ns->nd_ns_type = ND_NEIGHBOR_SOLICIT;
541 nd_ns->nd_ns_code = 0;
542 nd_ns->nd_ns_reserved = 0;
543 nd_ns->nd_ns_target = *taddr6;
544 in6_clearscope(&nd_ns->nd_ns_target); /* XXX */
547 * Add source link-layer address option.
549 * spec implementation
551 * DAD packet MUST NOT do not add the option
552 * there's no link layer address:
553 * impossible do not add the option
554 * there's link layer address:
555 * Multicast NS MUST add one add the option
556 * Unicast NS SHOULD add one add the option
559 struct nd_opt_hdr *nd_opt;
565 mac = (*carp_macmatch6_p)(ifp, m, &ip6->ip6_src);
567 mac = nd6_ifptomac(ifp);
570 nd_opt = (struct nd_opt_hdr *)(nd_ns + 1);
571 optlen = sizeof(struct nd_opt_hdr) + ifp->if_addrlen;
572 /* 8 byte alignments... */
573 optlen = (optlen + 7) & ~7;
574 m->m_pkthdr.len += optlen;
577 bzero(nd_opt, optlen);
578 nd_opt->nd_opt_type = ND_OPT_SOURCE_LINKADDR;
579 nd_opt->nd_opt_len = optlen >> 3;
580 bcopy(mac, nd_opt + 1, ifp->if_addrlen);
584 * Add a Nonce option (RFC 3971) to detect looped back NS messages.
585 * This behavior is documented as Enhanced Duplicate Address
586 * Detection in RFC 7527.
587 * net.inet6.ip6.dad_enhanced=0 disables this.
589 if (V_dad_enhanced != 0 && nonce != NULL) {
590 int optlen = sizeof(struct nd_opt_hdr) + ND_OPT_NONCE_LEN;
591 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)(nd_ns + 1);
592 /* 8-byte alignment is required. */
593 optlen = (optlen + 7) & ~7;
595 m->m_pkthdr.len += optlen;
598 bzero((caddr_t)nd_opt, optlen);
599 nd_opt->nd_opt_type = ND_OPT_NONCE;
600 nd_opt->nd_opt_len = optlen >> 3;
601 bcopy(nonce, (caddr_t)(nd_opt + 1), ND_OPT_NONCE_LEN);
603 ip6->ip6_plen = htons((u_short)icmp6len);
604 nd_ns->nd_ns_cksum = 0;
606 in6_cksum(m, IPPROTO_ICMPV6, sizeof(*ip6), icmp6len);
608 if (send_sendso_input_hook != NULL) {
609 mtag = m_tag_get(PACKET_TAG_ND_OUTGOING,
610 sizeof(unsigned short), M_NOWAIT);
613 *(unsigned short *)(mtag + 1) = nd_ns->nd_ns_type;
614 m_tag_prepend(m, mtag);
617 ip6_output(m, NULL, NULL, (nonce != NULL) ? IPV6_UNSPECSRC : 0,
619 icmp6_ifstat_inc(ifp, ifs6_out_msg);
620 icmp6_ifstat_inc(ifp, ifs6_out_neighborsolicit);
621 ICMP6STAT_INC(icp6s_outhist[ND_NEIGHBOR_SOLICIT]);
631 nd6_ns_output(struct ifnet *ifp, const struct in6_addr *saddr6,
632 const struct in6_addr *daddr6, const struct in6_addr *taddr6,uint8_t *nonce)
635 nd6_ns_output_fib(ifp, saddr6, daddr6, taddr6, nonce, RT_DEFAULT_FIB);
639 * Neighbor advertisement input handling.
642 * Based on RFC 2462 (duplicate address detection)
644 * the following items are not implemented yet:
645 * - proxy advertisement delay rule (RFC2461 7.2.8, last paragraph, SHOULD)
646 * - anycast advertisement delay rule (RFC2461 7.2.7, SHOULD)
649 nd6_na_input(struct mbuf *m, int off, int icmp6len)
656 struct nd_neighbor_advert *nd_na;
657 struct in6_addr daddr6, taddr6;
658 union nd_opts ndopts;
659 u_char linkhdr[LLE_MAX_LINKHDR];
660 char ip6bufs[INET6_ADDRSTRLEN], ip6bufd[INET6_ADDRSTRLEN];
663 int flags, is_override, is_router, is_solicited;
664 int lladdr_off, lladdrlen, checklink;
665 bool flush_holdchain = false;
673 /* RFC 6980: Nodes MUST silently ignore fragments */
674 if(m->m_flags & M_FRAGMENTED)
677 ifp = m->m_pkthdr.rcvif;
678 ip6 = mtod(m, struct ip6_hdr *);
679 if (__predict_false(ip6->ip6_hlim != 255)) {
680 ICMP6STAT_INC(icp6s_invlhlim);
682 "nd6_na_input: invalid hlim (%d) from %s to %s on %s\n",
683 ip6->ip6_hlim, ip6_sprintf(ip6bufs, &ip6->ip6_src),
684 ip6_sprintf(ip6bufd, &ip6->ip6_dst), if_name(ifp)));
688 if (m->m_len < off + icmp6len) {
689 m = m_pullup(m, off + icmp6len);
691 IP6STAT_INC(ip6s_exthdrtoolong);
695 ip6 = mtod(m, struct ip6_hdr *);
696 nd_na = (struct nd_neighbor_advert *)((caddr_t)ip6 + off);
698 flags = nd_na->nd_na_flags_reserved;
699 is_router = ((flags & ND_NA_FLAG_ROUTER) != 0);
700 is_solicited = ((flags & ND_NA_FLAG_SOLICITED) != 0);
701 is_override = ((flags & ND_NA_FLAG_OVERRIDE) != 0);
703 taddr6 = nd_na->nd_na_target;
704 if (in6_setscope(&taddr6, ifp, NULL))
705 goto bad; /* XXX: impossible */
707 if (IN6_IS_ADDR_MULTICAST(&taddr6)) {
709 "nd6_na_input: invalid target address %s\n",
710 ip6_sprintf(ip6bufs, &taddr6)));
714 daddr6 = ip6->ip6_dst;
715 if (IN6_IS_ADDR_MULTICAST(&daddr6))
718 "nd6_na_input: a solicited adv is multicasted\n"));
722 icmp6len -= sizeof(*nd_na);
723 nd6_option_init(nd_na + 1, icmp6len, &ndopts);
724 if (nd6_options(&ndopts) < 0) {
726 "nd6_na_input: invalid ND option, ignored\n"));
727 /* nd6_options have incremented stats */
733 if (ndopts.nd_opts_tgt_lladdr) {
734 lladdr = (char *)(ndopts.nd_opts_tgt_lladdr + 1);
735 lladdrlen = ndopts.nd_opts_tgt_lladdr->nd_opt_len << 3;
738 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(ifp, &taddr6);
739 if (ifa != NULL && ifa->ifa_carp != NULL) {
741 * Silently ignore NAs for CARP addresses if we are not
744 if (!(*carp_master_p)(ifa)) {
746 "nd6_na_input: NA for BACKUP CARP address %s\n",
747 ip6_sprintf(ip6bufs, &taddr6));
753 * Target address matches one of my interface address.
755 * If my address is tentative, this means that there's somebody
756 * already using the same address as mine. This indicates DAD failure.
757 * This is defined in RFC 2462.
759 * Otherwise, process as defined in RFC 2461.
762 && (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_TENTATIVE)) {
763 nd6_dad_na_input(ifa);
768 /* Just for safety, maybe unnecessary. */
772 "nd6_na_input: duplicate IP6 address %s\n",
773 ip6_sprintf(ip6bufs, &taddr6));
777 if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) {
778 nd6log((LOG_INFO, "nd6_na_input: lladdrlen mismatch for %s "
779 "(if %d, NA packet %d)\n", ip6_sprintf(ip6bufs, &taddr6),
780 ifp->if_addrlen, lladdrlen - 2));
785 * If no neighbor cache entry is found, NA SHOULD silently be
788 ln = nd6_lookup(&taddr6, LLE_SF(AF_INET6, LLE_EXCLUSIVE), ifp);
794 * Do not try to override static entry.
796 if (ln->la_flags & LLE_STATIC)
799 if (ln->ln_state == ND6_LLINFO_INCOMPLETE) {
801 * If the link-layer has address, and no lladdr option came,
802 * discard the packet.
804 if (ifp->if_addrlen && lladdr == NULL) {
809 * Record link-layer address, and update the state.
811 if (!nd6_try_set_entry_addr(ifp, ln, lladdr))
814 flush_holdchain = true;
816 nd6_llinfo_setstate(ln, ND6_LLINFO_REACHABLE);
818 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE);
819 EVENTHANDLER_INVOKE(lle_event, ln, LLENTRY_RESOLVED);
820 if ((ln->ln_router = is_router) != 0) {
822 * This means a router's state has changed from
823 * non-reachable to probably reachable, and might
824 * affect the status of associated prefixes..
832 * Check if the link-layer address has changed or not.
837 if (ln->la_flags & LLE_VALID) {
838 if (bcmp(lladdr, ln->ll_addr, ifp->if_addrlen))
847 * This is VERY complex. Look at it with care.
849 * override solicit lladdr llchange action
854 * 0 0 y y (1) REACHABLE->STALE
855 * 0 1 n -- (2c) *->REACHABLE
856 * 0 1 y n (2b) L *->REACHABLE
857 * 0 1 y y (1) REACHABLE->STALE
860 * 1 0 y y (2a) L *->STALE
861 * 1 1 n -- (2a) *->REACHABLE
862 * 1 1 y n (2a) L *->REACHABLE
863 * 1 1 y y (2a) L *->REACHABLE
865 if (!is_override && (lladdr != NULL && llchange)) { /* (1) */
867 * If state is REACHABLE, make it STALE.
868 * no other updates should be done.
870 if (ln->ln_state == ND6_LLINFO_REACHABLE)
871 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE);
873 } else if (is_override /* (2a) */
874 || (!is_override && (lladdr != NULL && !llchange)) /* (2b) */
875 || lladdr == NULL) { /* (2c) */
877 * Update link-local address, if any.
879 if (lladdr != NULL) {
880 linkhdrsize = sizeof(linkhdr);
881 if (lltable_calc_llheader(ifp, AF_INET6, lladdr,
882 linkhdr, &linkhdrsize, &lladdr_off) != 0)
884 if (lltable_try_set_entry_addr(ifp, ln, linkhdr,
885 linkhdrsize, lladdr_off) == 0)
887 EVENTHANDLER_INVOKE(lle_event, ln,
892 * If solicited, make the state REACHABLE.
893 * If not solicited and the link-layer address was
894 * changed, make it STALE.
897 nd6_llinfo_setstate(ln, ND6_LLINFO_REACHABLE);
899 if (lladdr != NULL && llchange)
900 nd6_llinfo_setstate(ln, ND6_LLINFO_STALE);
904 if (ln->ln_router && !is_router) {
906 * The peer dropped the router flag.
907 * Remove the sender from the Default Router List and
908 * update the Destination Cache entries.
910 struct ifnet *nd6_ifp;
912 nd6_ifp = lltable_get_ifp(ln->lle_tbl);
913 if (!defrouter_remove(&ln->r_l3addr.addr6, nd6_ifp) &&
914 (ND_IFINFO(nd6_ifp)->flags &
915 ND6_IFF_ACCEPT_RTADV) != 0)
917 * Even if the neighbor is not in the default
918 * router list, the neighbor may be used as a
919 * next hop for some destinations (e.g. redirect
920 * case). So we must call rt6_flush explicitly.
922 rt6_flush(&ip6->ip6_src, ifp);
924 ln->ln_router = is_router;
928 * rt->rt_flags &= ~RTF_REJECT;
931 if (ln->la_hold != NULL)
932 chain = nd6_grab_holdchain(ln);
938 nd6_flush_holdchain(ifp, ln, chain);
940 nd6_flush_children_holdchain(ifp, ln);
943 pfxlist_onlink_check();
952 ICMP6STAT_INC(icp6s_badna);
957 * Neighbor advertisement output handling.
961 * the following items are not implemented yet:
962 * - proxy advertisement delay rule (RFC2461 7.2.8, last paragraph, SHOULD)
963 * - anycast advertisement delay rule (RFC2461 7.2.7, SHOULD)
965 * tlladdr - 1 if include target link-layer address
966 * sdl0 - sockaddr_dl (= proxy NA) or NULL
969 nd6_na_output_fib(struct ifnet *ifp, const struct in6_addr *daddr6_0,
970 const struct in6_addr *taddr6, u_long flags, int tlladdr,
971 struct sockaddr *sdl0, u_int fibnum)
976 struct nd_neighbor_advert *nd_na;
977 struct ip6_moptions im6o;
978 struct in6_addr daddr6, dst6, src6;
983 int icmp6len, maxlen, error;
986 daddr6 = *daddr6_0; /* make a local copy for modification */
988 /* estimate the size of message */
989 maxlen = sizeof(*ip6) + sizeof(*nd_na);
990 maxlen += (sizeof(struct nd_opt_hdr) + ifp->if_addrlen + 7) & ~7;
991 KASSERT(max_linkhdr + maxlen <= MCLBYTES, (
992 "%s: max_linkhdr + maxlen > MCLBYTES (%d + %d > %d)",
993 __func__, max_linkhdr, maxlen, MCLBYTES));
995 if (max_linkhdr + maxlen > MHLEN)
996 m = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
998 m = m_gethdr(M_NOWAIT, MT_DATA);
1001 M_SETFIB(m, fibnum);
1003 if (IN6_IS_ADDR_MULTICAST(&daddr6)) {
1004 m->m_flags |= M_MCAST;
1005 im6o.im6o_multicast_ifp = ifp;
1006 im6o.im6o_multicast_hlim = 255;
1007 im6o.im6o_multicast_loop = 0;
1010 icmp6len = sizeof(*nd_na);
1011 m->m_pkthdr.len = m->m_len = sizeof(struct ip6_hdr) + icmp6len;
1012 m->m_data += max_linkhdr; /* or M_ALIGN() equivalent? */
1014 /* fill neighbor advertisement packet */
1015 ip6 = mtod(m, struct ip6_hdr *);
1017 ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
1018 ip6->ip6_vfc |= IPV6_VERSION;
1019 ip6->ip6_nxt = IPPROTO_ICMPV6;
1020 ip6->ip6_hlim = 255;
1021 if (IN6_IS_ADDR_UNSPECIFIED(&daddr6)) {
1023 daddr6.s6_addr16[0] = IPV6_ADDR_INT16_MLL;
1024 daddr6.s6_addr16[1] = 0;
1025 daddr6.s6_addr32[1] = 0;
1026 daddr6.s6_addr32[2] = 0;
1027 daddr6.s6_addr32[3] = IPV6_ADDR_INT32_ONE;
1028 if (in6_setscope(&daddr6, ifp, NULL))
1031 flags &= ~ND_NA_FLAG_SOLICITED;
1033 ip6->ip6_dst = daddr6;
1036 * Select a source whose scope is the same as that of the dest.
1038 in6_splitscope(&daddr6, &dst6, &scopeid);
1039 error = in6_selectsrc_addr(fibnum, &dst6,
1040 scopeid, ifp, &src6, NULL);
1042 char ip6buf[INET6_ADDRSTRLEN];
1043 nd6log((LOG_DEBUG, "nd6_na_output: source can't be "
1044 "determined: dst=%s, error=%d\n",
1045 ip6_sprintf(ip6buf, &daddr6), error));
1048 ip6->ip6_src = src6;
1049 nd_na = (struct nd_neighbor_advert *)(ip6 + 1);
1050 nd_na->nd_na_type = ND_NEIGHBOR_ADVERT;
1051 nd_na->nd_na_code = 0;
1052 nd_na->nd_na_target = *taddr6;
1053 in6_clearscope(&nd_na->nd_na_target); /* XXX */
1056 * "tlladdr" indicates NS's condition for adding tlladdr or not.
1057 * see nd6_ns_input() for details.
1058 * Basically, if NS packet is sent to unicast/anycast addr,
1059 * target lladdr option SHOULD NOT be included.
1063 * sdl0 != NULL indicates proxy NA. If we do proxy, use
1064 * lladdr in sdl0. If we are not proxying (sending NA for
1065 * my address) use lladdr configured for the interface.
1069 mac = (*carp_macmatch6_p)(ifp, m, taddr6);
1071 mac = nd6_ifptomac(ifp);
1072 } else if (sdl0->sa_family == AF_LINK) {
1073 struct sockaddr_dl *sdl;
1074 sdl = (struct sockaddr_dl *)sdl0;
1075 if (sdl->sdl_alen == ifp->if_addrlen)
1079 if (tlladdr && mac) {
1080 int optlen = sizeof(struct nd_opt_hdr) + ifp->if_addrlen;
1081 struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)(nd_na + 1);
1083 /* roundup to 8 bytes alignment! */
1084 optlen = (optlen + 7) & ~7;
1086 m->m_pkthdr.len += optlen;
1089 bzero((caddr_t)nd_opt, optlen);
1090 nd_opt->nd_opt_type = ND_OPT_TARGET_LINKADDR;
1091 nd_opt->nd_opt_len = optlen >> 3;
1092 bcopy(mac, (caddr_t)(nd_opt + 1), ifp->if_addrlen);
1094 flags &= ~ND_NA_FLAG_OVERRIDE;
1096 ip6->ip6_plen = htons((u_short)icmp6len);
1097 nd_na->nd_na_flags_reserved = flags;
1098 nd_na->nd_na_cksum = 0;
1099 nd_na->nd_na_cksum =
1100 in6_cksum(m, IPPROTO_ICMPV6, sizeof(struct ip6_hdr), icmp6len);
1102 if (send_sendso_input_hook != NULL) {
1103 mtag = m_tag_get(PACKET_TAG_ND_OUTGOING,
1104 sizeof(unsigned short), M_NOWAIT);
1107 *(unsigned short *)(mtag + 1) = nd_na->nd_na_type;
1108 m_tag_prepend(m, mtag);
1111 ip6_output(m, NULL, NULL, 0, &im6o, NULL, NULL);
1112 icmp6_ifstat_inc(ifp, ifs6_out_msg);
1113 icmp6_ifstat_inc(ifp, ifs6_out_neighboradvert);
1114 ICMP6STAT_INC(icp6s_outhist[ND_NEIGHBOR_ADVERT]);
1122 #ifndef BURN_BRIDGES
1124 nd6_na_output(struct ifnet *ifp, const struct in6_addr *daddr6_0,
1125 const struct in6_addr *taddr6, u_long flags, int tlladdr,
1126 struct sockaddr *sdl0)
1129 nd6_na_output_fib(ifp, daddr6_0, taddr6, flags, tlladdr, sdl0,
1135 nd6_ifptomac(struct ifnet *ifp)
1137 switch (ifp->if_type) {
1141 case IFT_INFINIBAND:
1143 return IF_LLADDR(ifp);
1150 TAILQ_ENTRY(dadq) dad_list;
1151 struct ifaddr *dad_ifa;
1152 int dad_count; /* max NS to send */
1153 int dad_ns_tcount; /* # of trials to send NS */
1154 int dad_ns_ocount; /* NS sent so far */
1157 int dad_ns_lcount; /* looped back NS */
1158 int dad_loopbackprobe; /* probing state for loopback detection */
1159 struct callout dad_timer_ch;
1160 struct vnet *dad_vnet;
1162 #define ND_OPT_NONCE_LEN32 \
1163 ((ND_OPT_NONCE_LEN + sizeof(uint32_t) - 1)/sizeof(uint32_t))
1164 uint32_t dad_nonce[ND_OPT_NONCE_LEN32];
1165 bool dad_ondadq; /* on dadq? Protected by DADQ_WLOCK. */
1168 VNET_DEFINE_STATIC(TAILQ_HEAD(, dadq), dadq);
1169 VNET_DEFINE_STATIC(struct rwlock, dad_rwlock);
1170 #define V_dadq VNET(dadq)
1171 #define V_dad_rwlock VNET(dad_rwlock)
1173 #define DADQ_LOCKPTR() (&V_dad_rwlock)
1174 #define DADQ_LOCK_INIT() rw_init(DADQ_LOCKPTR(), "nd6 DAD queue")
1175 #define DADQ_RLOCK() rw_rlock(DADQ_LOCKPTR())
1176 #define DADQ_RUNLOCK() rw_runlock(DADQ_LOCKPTR())
1177 #define DADQ_WLOCK() rw_wlock(DADQ_LOCKPTR())
1178 #define DADQ_WUNLOCK() rw_wunlock(DADQ_LOCKPTR())
1180 #define DADQ_LOCK_ASSERT() rw_assert(DADQ_LOCKPTR(), RA_LOCKED);
1181 #define DADQ_RLOCK_ASSERT() rw_assert(DADQ_LOCKPTR(), RA_RLOCKED);
1182 #define DADQ_WLOCK_ASSERT() rw_assert(DADQ_LOCKPTR(), RA_WLOCKED);
1185 nd6_dad_add(struct dadq *dp)
1187 DADQ_WLOCK_ASSERT();
1189 TAILQ_INSERT_TAIL(&V_dadq, dp, dad_list);
1190 dp->dad_ondadq = true;
1194 nd6_dad_del(struct dadq *dp)
1196 DADQ_WLOCK_ASSERT();
1198 if (dp->dad_ondadq) {
1200 * Remove dp from the dadq and release the dadq's
1203 TAILQ_REMOVE(&V_dadq, dp, dad_list);
1204 dp->dad_ondadq = false;
1209 static struct dadq *
1210 nd6_dad_find(struct ifaddr *ifa, struct nd_opt_nonce *n)
1216 TAILQ_FOREACH(dp, &V_dadq, dad_list) {
1217 if (dp->dad_ifa != ifa)
1221 * Skip if the nonce matches the received one.
1222 * +2 in the length is required because of type and
1223 * length fields are included in a header.
1226 n->nd_opt_nonce_len == (ND_OPT_NONCE_LEN + 2) / 8 &&
1227 memcmp(&n->nd_opt_nonce[0], &dp->dad_nonce[0],
1228 ND_OPT_NONCE_LEN) == 0) {
1229 dp->dad_ns_lcount++;
1239 nd6_dad_starttimer(struct dadq *dp, int ticks)
1241 DADQ_WLOCK_ASSERT();
1243 callout_reset(&dp->dad_timer_ch, ticks, nd6_dad_timer, dp);
1247 nd6_dad_stoptimer(struct dadq *dp)
1249 callout_drain(&dp->dad_timer_ch);
1253 nd6_dad_rele(struct dadq *dp)
1255 if (refcount_release(&dp->dad_refcnt)) {
1256 KASSERT(!dp->dad_ondadq, ("dp %p still on DAD queue", dp));
1257 ifa_free(dp->dad_ifa);
1266 TAILQ_INIT(&V_dadq);
1270 * Start Duplicate Address Detection (DAD) for specified interface address.
1273 nd6_dad_start(struct ifaddr *ifa, int delay)
1275 struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
1277 char ip6buf[INET6_ADDRSTRLEN];
1279 KASSERT((ia->ia6_flags & IN6_IFF_TENTATIVE) != 0,
1280 ("starting DAD on non-tentative address %p", ifa));
1283 * If we don't need DAD, don't do it.
1284 * There are several cases:
1285 * - DAD is disabled globally or on the interface
1286 * - the interface address is anycast
1288 if ((ia->ia6_flags & IN6_IFF_ANYCAST) != 0 ||
1289 V_ip6_dad_count == 0 ||
1290 (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_NO_DAD) != 0) {
1291 ia->ia6_flags &= ~IN6_IFF_TENTATIVE;
1294 if ((ifa->ifa_ifp->if_flags & IFF_UP) == 0 ||
1295 (ifa->ifa_ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 ||
1296 (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_IFDISABLED) != 0)
1300 if ((dp = nd6_dad_find(ifa, NULL)) != NULL) {
1302 * DAD is already in progress. Let the existing entry
1309 dp = malloc(sizeof(*dp), M_IP6NDP, M_NOWAIT | M_ZERO);
1311 log(LOG_ERR, "nd6_dad_start: memory allocation failed for "
1313 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr),
1314 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1317 callout_init_rw(&dp->dad_timer_ch, DADQ_LOCKPTR(),
1318 CALLOUT_RETURNUNLOCKED);
1320 dp->dad_vnet = curvnet;
1322 nd6log((LOG_DEBUG, "%s: starting DAD for %s\n", if_name(ifa->ifa_ifp),
1323 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1326 * Send NS packet for DAD, ip6_dad_count times.
1327 * Note that we must delay the first transmission, if this is the
1328 * first packet to be sent from the interface after interface
1329 * (re)initialization.
1332 ifa_ref(dp->dad_ifa);
1333 dp->dad_count = V_ip6_dad_count;
1334 dp->dad_ns_icount = dp->dad_na_icount = 0;
1335 dp->dad_ns_ocount = dp->dad_ns_tcount = 0;
1336 dp->dad_ns_lcount = dp->dad_loopbackprobe = 0;
1338 /* Add this to the dadq and add a reference for the dadq. */
1339 refcount_init(&dp->dad_refcnt, 1);
1341 nd6_dad_starttimer(dp, delay);
1346 * terminate DAD unconditionally. used for address removals.
1349 nd6_dad_stop(struct ifaddr *ifa)
1354 dp = nd6_dad_find(ifa, NULL);
1357 /* DAD wasn't started yet */
1362 * Acquire a temporary reference so that we can safely stop the callout.
1364 (void)refcount_acquire(&dp->dad_refcnt);
1368 nd6_dad_stoptimer(dp);
1373 nd6_dad_timer(void *arg)
1375 struct dadq *dp = arg;
1376 struct ifaddr *ifa = dp->dad_ifa;
1377 struct ifnet *ifp = dp->dad_ifa->ifa_ifp;
1378 struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
1379 char ip6buf[INET6_ADDRSTRLEN];
1380 struct epoch_tracker et;
1382 CURVNET_SET(dp->dad_vnet);
1383 KASSERT(ia != NULL, ("DAD entry %p with no address", dp));
1385 NET_EPOCH_ENTER(et);
1386 if (ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) {
1387 /* Do not need DAD for ifdisabled interface. */
1388 log(LOG_ERR, "nd6_dad_timer: cancel DAD on %s because of "
1389 "ND6_IFF_IFDISABLED.\n", ifp->if_xname);
1392 if (ia->ia6_flags & IN6_IFF_DUPLICATED) {
1393 log(LOG_ERR, "nd6_dad_timer: called with duplicated address "
1395 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr),
1396 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1399 if ((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0) {
1400 log(LOG_ERR, "nd6_dad_timer: called with non-tentative address "
1402 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr),
1403 ifa->ifa_ifp ? if_name(ifa->ifa_ifp) : "???");
1407 /* Stop DAD if the interface is down even after dad_maxtry attempts. */
1408 if ((dp->dad_ns_tcount > V_dad_maxtry) &&
1409 (((ifp->if_flags & IFF_UP) == 0) ||
1410 ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0))) {
1411 nd6log((LOG_INFO, "%s: could not run DAD "
1412 "because the interface was down or not running.\n",
1413 if_name(ifa->ifa_ifp)));
1417 /* Need more checks? */
1418 if (dp->dad_ns_ocount < dp->dad_count) {
1420 * We have more NS to go. Send NS packet for DAD.
1422 nd6_dad_starttimer(dp,
1423 (long)ND_IFINFO(ifa->ifa_ifp)->retrans * hz / 1000);
1424 nd6_dad_ns_output(dp);
1428 * We have transmitted sufficient number of DAD packets.
1429 * See what we've got.
1431 if (dp->dad_ns_icount > 0 || dp->dad_na_icount > 0) {
1432 /* We've seen NS or NA, means DAD has failed. */
1433 nd6_dad_duplicated(ifa, dp);
1434 } else if (V_dad_enhanced != 0 &&
1435 dp->dad_ns_lcount > 0 &&
1436 dp->dad_ns_lcount > dp->dad_loopbackprobe) {
1438 * Sec. 4.1 in RFC 7527 requires transmission of
1439 * additional probes until the loopback condition
1440 * becomes clear when a looped back probe is detected.
1442 log(LOG_ERR, "%s: a looped back NS message is "
1443 "detected during DAD for %s. "
1444 "Another DAD probes are being sent.\n",
1445 if_name(ifa->ifa_ifp),
1446 ip6_sprintf(ip6buf, IFA_IN6(ifa)));
1447 dp->dad_loopbackprobe = dp->dad_ns_lcount;
1449 * Send an NS immediately and increase dad_count by
1450 * V_nd6_mmaxtries - 1.
1453 dp->dad_ns_ocount + V_nd6_mmaxtries - 1;
1454 nd6_dad_starttimer(dp,
1455 (long)ND_IFINFO(ifa->ifa_ifp)->retrans * hz / 1000);
1456 nd6_dad_ns_output(dp);
1460 * We are done with DAD. No NA came, no NS came.
1461 * No duplicate address found. Check IFDISABLED flag
1462 * again in case that it is changed between the
1463 * beginning of this function and here.
1465 if ((ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED) == 0)
1466 ia->ia6_flags &= ~IN6_IFF_TENTATIVE;
1469 "%s: DAD complete for %s - no duplicates found\n",
1470 if_name(ifa->ifa_ifp),
1471 ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1472 if (dp->dad_ns_lcount > 0)
1473 log(LOG_ERR, "%s: DAD completed while "
1474 "a looped back NS message is detected "
1475 "during DAD for %s.\n",
1476 if_name(ifa->ifa_ifp),
1477 ip6_sprintf(ip6buf, IFA_IN6(ifa)));
1489 nd6_dad_duplicated(struct ifaddr *ifa, struct dadq *dp)
1491 struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa;
1493 char ip6buf[INET6_ADDRSTRLEN];
1495 log(LOG_ERR, "%s: DAD detected duplicate IPv6 address %s: "
1496 "NS in/out/loopback=%d/%d/%d, NA in=%d\n",
1497 if_name(ifa->ifa_ifp), ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr),
1498 dp->dad_ns_icount, dp->dad_ns_ocount, dp->dad_ns_lcount,
1501 ia->ia6_flags &= ~IN6_IFF_TENTATIVE;
1502 ia->ia6_flags |= IN6_IFF_DUPLICATED;
1505 log(LOG_ERR, "%s: DAD complete for %s - duplicate found\n",
1506 if_name(ifp), ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr));
1507 log(LOG_ERR, "%s: manual intervention required\n",
1511 * If the address is a link-local address formed from an interface
1512 * identifier based on the hardware address which is supposed to be
1513 * uniquely assigned (e.g., EUI-64 for an Ethernet interface), IP
1514 * operation on the interface SHOULD be disabled.
1515 * [RFC 4862, Section 5.4.5]
1517 if (IN6_IS_ADDR_LINKLOCAL(&ia->ia_addr.sin6_addr)) {
1518 struct in6_addr in6;
1521 * To avoid over-reaction, we only apply this logic when we are
1522 * very sure that hardware addresses are supposed to be unique.
1524 switch (ifp->if_type) {
1528 case IFT_INFINIBAND:
1529 in6 = ia->ia_addr.sin6_addr;
1530 if (in6_get_hw_ifid(ifp, &in6) == 0 &&
1531 IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, &in6)) {
1532 ND_IFINFO(ifp)->flags |= ND6_IFF_IFDISABLED;
1533 log(LOG_ERR, "%s: possible hardware address "
1534 "duplication detected, disable IPv6\n",
1543 * Transmit a neighbour solicitation for the purpose of DAD. Returns with the
1544 * DAD queue unlocked.
1547 nd6_dad_ns_output(struct dadq *dp)
1549 struct in6_ifaddr *ia = (struct in6_ifaddr *)dp->dad_ifa;
1550 struct ifnet *ifp = dp->dad_ifa->ifa_ifp;
1553 DADQ_WLOCK_ASSERT();
1555 dp->dad_ns_tcount++;
1556 if ((ifp->if_flags & IFF_UP) == 0) {
1560 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) {
1565 dp->dad_ns_ocount++;
1566 if (V_dad_enhanced != 0) {
1567 for (i = 0; i < ND_OPT_NONCE_LEN32; i++)
1568 dp->dad_nonce[i] = arc4random();
1570 * XXXHRS: Note that in the case that
1571 * DupAddrDetectTransmits > 1, multiple NS messages with
1572 * different nonces can be looped back in an unexpected
1573 * order. The current implementation recognizes only
1574 * the latest nonce on the sender side. Practically it
1575 * should work well in almost all cases.
1579 nd6_ns_output(ifp, NULL, NULL, &ia->ia_addr.sin6_addr,
1580 (uint8_t *)&dp->dad_nonce[0]);
1584 nd6_dad_ns_input(struct ifaddr *ifa, struct nd_opt_nonce *ndopt_nonce)
1589 panic("ifa == NULL in nd6_dad_ns_input");
1591 /* Ignore Nonce option when Enhanced DAD is disabled. */
1592 if (V_dad_enhanced == 0)
1595 dp = nd6_dad_find(ifa, ndopt_nonce);
1597 dp->dad_ns_icount++;
1602 nd6_dad_na_input(struct ifaddr *ifa)
1607 panic("ifa == NULL in nd6_dad_na_input");
1610 dp = nd6_dad_find(ifa, NULL);
1612 dp->dad_na_icount++;
projects / FreeBSD / FreeBSD.git / blob