2 /* $KAME: rtadvd.c,v 1.50 2001/02/04 06:15:15 itojun Exp $ */
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 #include <sys/param.h>
34 #include <sys/socket.h>
37 #include <sys/queue.h>
40 #include <net/route.h>
41 #include <net/if_dl.h>
42 #include <netinet/in.h>
43 #include <netinet/ip6.h>
44 #include <netinet6/ip6_var.h>
45 #include <netinet/icmp6.h>
47 #include <arpa/inet.h>
66 struct msghdr rcvmhdr;
67 static u_char *rcvcmsgbuf;
68 static size_t rcvcmsgbuflen;
69 static u_char *sndcmsgbuf = NULL;
70 static size_t sndcmsgbuflen;
73 struct msghdr sndmhdr;
74 struct iovec rcviov[2];
75 struct iovec sndiov[2];
76 struct sockaddr_in6 from;
77 struct sockaddr_in6 sin6_allnodes = {sizeof(sin6_allnodes), AF_INET6};
78 struct in6_addr in6a_site_allrouters;
79 static char *dumpfilename = "/var/run/rtadvd.dump"; /* XXX: should be configurable */
80 static char *pidfilename = "/var/run/rtadvd.pid"; /* should be configurable */
88 int dflag = 0, sflag = 0;
90 u_char *conffile = NULL;
92 struct rainfo *ralist = NULL;
94 struct nd_optlist *next;
95 struct nd_opt_hdr *opt;
98 struct nd_opt_hdr *nd_opt_array[7];
100 struct nd_opt_hdr *zero;
101 struct nd_opt_hdr *src_lladdr;
102 struct nd_opt_hdr *tgt_lladdr;
103 struct nd_opt_prefix_info *pi;
104 struct nd_opt_rd_hdr *rh;
105 struct nd_opt_mtu *mtu;
106 struct nd_optlist *list;
109 #define nd_opts_src_lladdr nd_opt_each.src_lladdr
110 #define nd_opts_tgt_lladdr nd_opt_each.tgt_lladdr
111 #define nd_opts_pi nd_opt_each.pi
112 #define nd_opts_rh nd_opt_each.rh
113 #define nd_opts_mtu nd_opt_each.mtu
114 #define nd_opts_list nd_opt_each.list
116 #define NDOPT_FLAG_SRCLINKADDR 0x1
117 #define NDOPT_FLAG_TGTLINKADDR 0x2
118 #define NDOPT_FLAG_PREFIXINFO 0x4
119 #define NDOPT_FLAG_RDHDR 0x8
120 #define NDOPT_FLAG_MTU 0x10
122 u_int32_t ndopt_flags[] = {
123 0, NDOPT_FLAG_SRCLINKADDR, NDOPT_FLAG_TGTLINKADDR,
124 NDOPT_FLAG_PREFIXINFO, NDOPT_FLAG_RDHDR, NDOPT_FLAG_MTU
127 int main __P((int, char *[]));
128 static void set_die __P((int));
129 static void die __P((void));
130 static void sock_open __P((void));
131 static void rtsock_open __P((void));
132 static void rtadvd_input __P((void));
133 static void rs_input __P((int, struct nd_router_solicit *,
134 struct in6_pktinfo *, struct sockaddr_in6 *));
135 static void ra_input __P((int, struct nd_router_advert *,
136 struct in6_pktinfo *, struct sockaddr_in6 *));
137 static int prefix_check __P((struct nd_opt_prefix_info *, struct rainfo *,
138 struct sockaddr_in6 *));
139 static int nd6_options __P((struct nd_opt_hdr *, int,
140 union nd_opts *, u_int32_t));
141 static void free_ndopts __P((union nd_opts *));
142 static void ra_output __P((struct rainfo *));
143 static void rtmsg_input __P((void));
144 static void rtadvd_set_dump_file __P((void));
146 struct prefix *find_prefix __P((struct rainfo *, struct in6_addr *, int));
155 struct timeval *timeout;
161 openlog("rtadvd", LOG_NDELAY|LOG_PID, LOG_DAEMON);
163 /* get command line options and arguments */
165 #define OPTIONS "c:dDfM:mRs"
167 #define OPTIONS "c:dDfM:Rs"
169 while ((ch = getopt(argc, argv, OPTIONS)) != -1) {
193 fprintf(stderr, "rtadvd: "
194 "the -R option is currently ignored.\n");
208 "usage: rtadvd [-dDfMmRs] [-c conffile] "
210 "usage: rtadvd [-dDfMRs] [-c conffile] "
218 (void)setlogmask(LOG_UPTO(LOG_ERR));
220 (void)setlogmask(LOG_UPTO(LOG_INFO));
222 /* timer initialization */
225 /* random value initialization */
226 srandom((u_long)time(NULL));
228 /* get iflist block from kernel */
234 if (inet_pton(AF_INET6, ALLNODES, &sin6_allnodes.sin6_addr) != 1) {
235 fprintf(stderr, "fatal: inet_pton failed\n");
243 /* record the current PID */
245 if ((pidfp = fopen(pidfilename, "w")) == NULL)
247 "<%s> failed to open a log file(%s), run anyway.",
248 __FUNCTION__, pidfilename);
250 fprintf(pidfp, "%d\n", pid);
255 FD_SET(sock, &fdset);
259 FD_SET(rtsock, &fdset);
265 signal(SIGTERM, (void *)set_die);
266 signal(SIGUSR1, (void *)rtadvd_set_dump_file);
269 struct fd_set select_fd = fdset; /* reinitialize */
271 if (do_dump) { /* SIGUSR1 */
273 rtadvd_dump_file(dumpfilename);
281 /* timer expiration check and reset the timer */
282 timeout = rtadvd_check_timer();
284 if (timeout != NULL) {
286 "<%s> set timer to %ld:%ld. waiting for "
289 (long int)timeout->tv_sec,
290 (long int)timeout->tv_usec);
293 "<%s> there's no timer. waiting for inputs",
297 if ((i = select(maxfd + 1, &select_fd,
298 NULL, NULL, timeout)) < 0) {
299 /* EINTR would occur upon SIGUSR1 for status dump */
301 syslog(LOG_ERR, "<%s> select: %s",
302 __FUNCTION__, strerror(errno));
305 if (i == 0) /* timeout */
307 if (rtsock != -1 && FD_ISSET(rtsock, &select_fd))
309 if (FD_ISSET(sock, &select_fd))
312 exit(0); /* NOTREACHED */
316 rtadvd_set_dump_file()
333 const int retrans = MAX_FINAL_RTR_ADVERTISEMENTS;
336 syslog(LOG_DEBUG, "<%s> cease to be an advertising router\n",
340 for (ra = ralist; ra; ra = ra->next) {
344 for (i = 0; i < retrans; i++) {
345 for (ra = ralist; ra; ra = ra->next)
347 sleep(MIN_DELAY_BETWEEN_RAS);
356 int n, type, ifindex = 0, plen;
358 char msg[2048], *next, *lim;
359 u_char ifname[IF_NAMESIZE];
360 struct prefix *prefix;
362 struct in6_addr *addr;
363 char addrbuf[INET6_ADDRSTRLEN];
365 n = read(rtsock, msg, sizeof(msg));
368 "<%s> received a routing message "
369 "(type = %d, len = %d)",
373 if (n > rtmsg_len(msg)) {
375 * This usually won't happen for messages received on
380 "<%s> received data length is larger than"
381 "1st routing message len. multiple messages?"
382 " read %d bytes, but 1st msg len = %d",
383 __FUNCTION__, n, rtmsg_len(msg));
391 for (next = msg; next < lim; next += len) {
394 next = get_next_msg(next, lim, 0, &len,
395 RTADV_TYPE2BITMASK(RTM_ADD) |
396 RTADV_TYPE2BITMASK(RTM_DELETE) |
397 RTADV_TYPE2BITMASK(RTM_NEWADDR) |
398 RTADV_TYPE2BITMASK(RTM_DELADDR) |
399 RTADV_TYPE2BITMASK(RTM_IFINFO));
402 type = rtmsg_type(next);
406 ifindex = get_rtm_ifindex(next);
410 ifindex = get_ifam_ifindex(next);
413 ifindex = get_ifm_ifindex(next);
416 /* should not reach here */
419 "<%s:%d> unknown rtmsg %d on %s",
420 __FUNCTION__, __LINE__, type,
421 if_indextoname(ifindex, ifname));
426 if ((rai = if_indextorainfo(ifindex)) == NULL) {
429 "<%s> route changed on "
430 "non advertising interface(%s)",
432 if_indextoname(ifindex, ifname));
436 oldifflags = iflist[ifindex]->ifm_flags;
440 /* init ifflags because it may have changed */
441 iflist[ifindex]->ifm_flags =
443 iflist[ifindex]->ifm_flags);
446 break; /* we aren't interested in prefixes */
448 addr = get_addr(msg);
449 plen = get_prefixlen(msg);
450 /* sanity check for plen */
451 if (plen < 4 /* as RFC2373, prefixlen is at least 4 */
453 syslog(LOG_INFO, "<%s> new interface route's"
454 "plen %d is invalid for a prefix",
458 prefix = find_prefix(rai, addr, plen);
462 "<%s> new prefix(%s/%d) "
464 "but it was already in list",
467 addr, (char *)addrbuf,
474 make_prefix(rai, ifindex, addr, plen);
477 /* init ifflags because it may have changed */
478 iflist[ifindex]->ifm_flags =
480 iflist[ifindex]->ifm_flags);
485 addr = get_addr(msg);
486 plen = get_prefixlen(msg);
487 /* sanity check for plen */
488 if (plen < 4 /* as RFC2373, prefixlen is at least 4 */
490 syslog(LOG_INFO, "<%s> deleted interface"
492 "plen %d is invalid for a prefix",
496 prefix = find_prefix(rai, addr, plen);
497 if (prefix == NULL) {
500 "<%s> prefix(%s/%d) was "
502 "but it was not in list",
505 addr, (char *)addrbuf,
512 delete_prefix(rai, prefix);
516 /* init ifflags because it may have changed */
517 iflist[ifindex]->ifm_flags =
519 iflist[ifindex]->ifm_flags);
522 iflist[ifindex]->ifm_flags = get_ifm_flags(next);
525 /* should not reach here */
528 "<%s:%d> unknown rtmsg %d on %s",
529 __FUNCTION__, __LINE__, type,
530 if_indextoname(ifindex, ifname));
535 /* check if an interface flag is changed */
536 if ((oldifflags & IFF_UP) != 0 && /* UP to DOWN */
537 (iflist[ifindex]->ifm_flags & IFF_UP) == 0) {
539 "<%s> interface %s becomes down. stop timer.",
540 __FUNCTION__, rai->ifname);
541 rtadvd_remove_timer(&rai->timer);
543 else if ((oldifflags & IFF_UP) == 0 && /* DOWN to UP */
544 (iflist[ifindex]->ifm_flags & IFF_UP) != 0) {
546 "<%s> interface %s becomes up. restart timer.",
547 __FUNCTION__, rai->ifname);
549 rai->initcounter = 0; /* reset the counter */
550 rai->waiting = 0; /* XXX */
551 rai->timer = rtadvd_add_timer(ra_timeout,
554 ra_timer_update((void *)rai, &rai->timer->tm);
555 rtadvd_set_timer(&rai->timer->tm, rai->timer);
570 struct icmp6_hdr *icp;
573 struct in6_pktinfo *pi = NULL;
574 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
575 struct in6_addr dst = in6addr_any;
578 * Get message. We reset msg_controllen since the field could
579 * be modified if we had received a message before setting
582 rcvmhdr.msg_controllen = rcvcmsgbuflen;
583 if ((i = recvmsg(sock, &rcvmhdr, 0)) < 0)
586 /* extract optional information via Advanced API */
587 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&rcvmhdr);
589 cm = (struct cmsghdr *)CMSG_NXTHDR(&rcvmhdr, cm)) {
590 if (cm->cmsg_level == IPPROTO_IPV6 &&
591 cm->cmsg_type == IPV6_PKTINFO &&
592 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) {
593 pi = (struct in6_pktinfo *)(CMSG_DATA(cm));
594 ifindex = pi->ipi6_ifindex;
597 if (cm->cmsg_level == IPPROTO_IPV6 &&
598 cm->cmsg_type == IPV6_HOPLIMIT &&
599 cm->cmsg_len == CMSG_LEN(sizeof(int)))
600 hlimp = (int *)CMSG_DATA(cm);
604 "<%s> failed to get receiving interface",
610 "<%s> failed to get receiving hop limit",
616 * If we happen to receive data on an interface which is now down,
617 * just discard the data.
619 if ((iflist[pi->ipi6_ifindex]->ifm_flags & IFF_UP) == 0) {
621 "<%s> received data on a disabled interface (%s)",
623 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
628 if (i < sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)) {
630 "<%s> packet size(%d) is too short",
635 ip = (struct ip6_hdr *)rcvmhdr.msg_iov[0].iov_base;
636 icp = (struct icmp6_hdr *)(ip + 1); /* XXX: ext. hdr? */
638 if (i < sizeof(struct icmp6_hdr)) {
640 "<%s> packet size(%d) is too short",
645 icp = (struct icmp6_hdr *)rcvmhdr.msg_iov[0].iov_base;
648 switch(icp->icmp6_type) {
649 case ND_ROUTER_SOLICIT:
651 * Message verification - RFC-2461 6.1.1
652 * XXX: these checks must be done in the kernel as well,
653 * but we can't completely rely on them.
657 "<%s> RS with invalid hop limit(%d) "
658 "received from %s on %s",
659 __FUNCTION__, *hlimp,
660 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
662 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
665 if (icp->icmp6_code) {
667 "<%s> RS with invalid ICMP6 code(%d) "
668 "received from %s on %s",
669 __FUNCTION__, icp->icmp6_code,
670 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
672 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
675 if (i < sizeof(struct nd_router_solicit)) {
677 "<%s> RS from %s on %s does not have enough "
680 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
682 if_indextoname(pi->ipi6_ifindex, ifnamebuf), i);
685 rs_input(i, (struct nd_router_solicit *)icp, pi, &from);
687 case ND_ROUTER_ADVERT:
689 * Message verification - RFC-2461 6.1.2
690 * XXX: there's a same dilemma as above...
694 "<%s> RA with invalid hop limit(%d) "
695 "received from %s on %s",
696 __FUNCTION__, *hlimp,
697 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
699 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
702 if (icp->icmp6_code) {
704 "<%s> RA with invalid ICMP6 code(%d) "
705 "received from %s on %s",
706 __FUNCTION__, icp->icmp6_code,
707 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
709 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
712 if (i < sizeof(struct nd_router_advert)) {
714 "<%s> RA from %s on %s does not have enough "
717 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
719 if_indextoname(pi->ipi6_ifindex, ifnamebuf), i);
722 ra_input(i, (struct nd_router_advert *)icp, pi, &from);
724 case ICMP6_ROUTER_RENUMBERING:
725 if (accept_rr == 0) {
727 "<%s> received a router renumbering "
728 "message, but not allowed to be accepted",
732 rr_input(i, (struct icmp6_router_renum *)icp, pi, &from,
737 * Note that this case is POSSIBLE, especially just
738 * after invocation of the daemon. This is because we
739 * could receive message after opening the socket and
740 * before setting ICMP6 type filter(see sock_open()).
743 "<%s> invalid icmp type(%d)",
744 __FUNCTION__, icp->icmp6_type);
752 rs_input(int len, struct nd_router_solicit *rs,
753 struct in6_pktinfo *pi, struct sockaddr_in6 *from)
755 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
756 union nd_opts ndopts;
760 "<%s> RS received from %s on %s",
762 inet_ntop(AF_INET6, &from->sin6_addr,
763 ntopbuf, INET6_ADDRSTRLEN),
764 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
766 /* ND option check */
767 memset(&ndopts, 0, sizeof(ndopts));
768 if (nd6_options((struct nd_opt_hdr *)(rs + 1),
769 len - sizeof(struct nd_router_solicit),
770 &ndopts, NDOPT_FLAG_SRCLINKADDR)) {
772 "<%s> ND option check failed for an RS from %s on %s",
774 inet_ntop(AF_INET6, &from->sin6_addr,
775 ntopbuf, INET6_ADDRSTRLEN),
776 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
781 * If the IP source address is the unspecified address, there
782 * must be no source link-layer address option in the message.
785 if (IN6_IS_ADDR_UNSPECIFIED(&from->sin6_addr) &&
786 ndopts.nd_opts_src_lladdr) {
788 "<%s> RS from unspecified src on %s has a link-layer"
791 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
797 if (pi->ipi6_ifindex == ra->ifindex)
803 "<%s> RS received on non advertising interface(%s)",
805 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
809 ra->rsinput++; /* increment statistics */
812 * Decide whether to send RA according to the rate-limit
816 long delay; /* must not be greater than 1000000 */
817 struct timeval interval, now, min_delay, tm_tmp, *rest;
818 struct soliciter *sol;
821 * record sockaddr waiting for RA, if possible
823 sol = (struct soliciter *)malloc(sizeof(*sol));
826 /*XXX RFC2553 need clarification on flowinfo */
827 sol->addr.sin6_flowinfo = 0;
828 sol->next = ra->soliciter;
829 ra->soliciter = sol->next;
833 * If there is already a waiting RS packet, don't
840 * Compute a random delay. If the computed value
841 * corresponds to a time later than the time the next
842 * multicast RA is scheduled to be sent, ignore the random
843 * delay and send the advertisement at the
844 * already-scheduled time. RFC-2461 6.2.6
846 delay = random() % MAX_RA_DELAY_TIME;
848 interval.tv_usec = delay;
849 rest = rtadvd_timer_rest(ra->timer);
850 if (TIMEVAL_LT(*rest, interval)) {
852 "<%s> random delay is larger than "
853 "the rest of normal timer",
859 * If we sent a multicast Router Advertisement within
860 * the last MIN_DELAY_BETWEEN_RAS seconds, schedule
861 * the advertisement to be sent at a time corresponding to
862 * MIN_DELAY_BETWEEN_RAS plus the random value after the
863 * previous advertisement was sent.
865 gettimeofday(&now, NULL);
866 TIMEVAL_SUB(&now, &ra->lastsent, &tm_tmp);
867 min_delay.tv_sec = MIN_DELAY_BETWEEN_RAS;
868 min_delay.tv_usec = 0;
869 if (TIMEVAL_LT(tm_tmp, min_delay)) {
870 TIMEVAL_SUB(&min_delay, &tm_tmp, &min_delay);
871 TIMEVAL_ADD(&min_delay, &interval, &interval);
873 rtadvd_set_timer(&interval, ra->timer);
878 free_ndopts(&ndopts);
883 ra_input(int len, struct nd_router_advert *ra,
884 struct in6_pktinfo *pi, struct sockaddr_in6 *from)
887 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
888 union nd_opts ndopts;
889 char *on_off[] = {"OFF", "ON"};
890 u_int32_t reachabletime, retranstimer, mtu;
891 int inconsistent = 0;
894 "<%s> RA received from %s on %s",
896 inet_ntop(AF_INET6, &from->sin6_addr,
897 ntopbuf, INET6_ADDRSTRLEN),
898 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
900 /* ND option check */
901 memset(&ndopts, 0, sizeof(ndopts));
902 if (nd6_options((struct nd_opt_hdr *)(ra + 1),
903 len - sizeof(struct nd_router_advert),
904 &ndopts, NDOPT_FLAG_SRCLINKADDR |
905 NDOPT_FLAG_PREFIXINFO | NDOPT_FLAG_MTU)) {
907 "<%s> ND option check failed for an RA from %s on %s",
909 inet_ntop(AF_INET6, &from->sin6_addr,
910 ntopbuf, INET6_ADDRSTRLEN),
911 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
916 * RA consistency check according to RFC-2461 6.2.7
918 if ((rai = if_indextorainfo(pi->ipi6_ifindex)) == 0) {
920 "<%s> received RA from %s on non-advertising"
923 inet_ntop(AF_INET6, &from->sin6_addr,
924 ntopbuf, INET6_ADDRSTRLEN),
925 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
928 rai->rainput++; /* increment statistics */
930 /* Cur Hop Limit value */
931 if (ra->nd_ra_curhoplimit && rai->hoplimit &&
932 ra->nd_ra_curhoplimit != rai->hoplimit) {
934 "<%s> CurHopLimit inconsistent on %s:"
935 " %d from %s, %d from us",
938 ra->nd_ra_curhoplimit,
939 inet_ntop(AF_INET6, &from->sin6_addr,
940 ntopbuf, INET6_ADDRSTRLEN),
945 if ((ra->nd_ra_flags_reserved & ND_RA_FLAG_MANAGED) !=
948 "<%s> M flag inconsistent on %s:"
949 " %s from %s, %s from us",
952 on_off[!rai->managedflg],
953 inet_ntop(AF_INET6, &from->sin6_addr,
954 ntopbuf, INET6_ADDRSTRLEN),
955 on_off[rai->managedflg]);
959 if ((ra->nd_ra_flags_reserved & ND_RA_FLAG_OTHER) !=
962 "<%s> O flag inconsistent on %s:"
963 " %s from %s, %s from us",
966 on_off[!rai->otherflg],
967 inet_ntop(AF_INET6, &from->sin6_addr,
968 ntopbuf, INET6_ADDRSTRLEN),
969 on_off[rai->otherflg]);
973 reachabletime = ntohl(ra->nd_ra_reachable);
974 if (reachabletime && rai->reachabletime &&
975 reachabletime != rai->reachabletime) {
977 "<%s> ReachableTime inconsistent on %s:"
978 " %d from %s, %d from us",
982 inet_ntop(AF_INET6, &from->sin6_addr,
983 ntopbuf, INET6_ADDRSTRLEN),
988 retranstimer = ntohl(ra->nd_ra_retransmit);
989 if (retranstimer && rai->retranstimer &&
990 retranstimer != rai->retranstimer) {
992 "<%s> RetranceTimer inconsistent on %s:"
993 " %d from %s, %d from us",
997 inet_ntop(AF_INET6, &from->sin6_addr,
998 ntopbuf, INET6_ADDRSTRLEN),
1002 /* Values in the MTU options */
1003 if (ndopts.nd_opts_mtu) {
1004 mtu = ntohl(ndopts.nd_opts_mtu->nd_opt_mtu_mtu);
1005 if (mtu && rai->linkmtu && mtu != rai->linkmtu) {
1007 "<%s> MTU option value inconsistent on %s:"
1008 " %d from %s, %d from us",
1011 inet_ntop(AF_INET6, &from->sin6_addr,
1012 ntopbuf, INET6_ADDRSTRLEN),
1017 /* Preferred and Valid Lifetimes for prefixes */
1019 struct nd_optlist *optp = ndopts.nd_opts_list;
1021 if (ndopts.nd_opts_pi) {
1022 if (prefix_check(ndopts.nd_opts_pi, rai, from))
1026 if (prefix_check((struct nd_opt_prefix_info *)optp->opt,
1034 rai->rainconsistent++;
1037 free_ndopts(&ndopts);
1041 /* return a non-zero value if the received prefix is inconsitent with ours */
1043 prefix_check(struct nd_opt_prefix_info *pinfo,
1044 struct rainfo *rai, struct sockaddr_in6 *from)
1046 u_int32_t preferred_time, valid_time;
1048 int inconsistent = 0;
1049 u_char ntopbuf[INET6_ADDRSTRLEN], prefixbuf[INET6_ADDRSTRLEN];
1052 #if 0 /* impossible */
1053 if (pinfo->nd_opt_pi_type != ND_OPT_PREFIX_INFORMATION)
1058 * log if the adveritsed prefix has link-local scope(sanity check?)
1060 if (IN6_IS_ADDR_LINKLOCAL(&pinfo->nd_opt_pi_prefix)) {
1062 "<%s> link-local prefix %s/%d is advertised "
1065 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1066 prefixbuf, INET6_ADDRSTRLEN),
1067 pinfo->nd_opt_pi_prefix_len,
1068 inet_ntop(AF_INET6, &from->sin6_addr,
1069 ntopbuf, INET6_ADDRSTRLEN),
1073 if ((pp = find_prefix(rai, &pinfo->nd_opt_pi_prefix,
1074 pinfo->nd_opt_pi_prefix_len)) == NULL) {
1076 "<%s> prefix %s/%d from %s on %s is not in our list",
1078 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1079 prefixbuf, INET6_ADDRSTRLEN),
1080 pinfo->nd_opt_pi_prefix_len,
1081 inet_ntop(AF_INET6, &from->sin6_addr,
1082 ntopbuf, INET6_ADDRSTRLEN),
1087 preferred_time = ntohl(pinfo->nd_opt_pi_preferred_time);
1088 if (pp->pltimeexpire) {
1090 * The lifetime is decremented in real time, so we should
1091 * compare the expiration time.
1092 * (RFC 2461 Section 6.2.7.)
1093 * XXX: can we really expect that all routers on the link
1094 * have synchronized clocks?
1096 gettimeofday(&now, NULL);
1097 preferred_time += now.tv_sec;
1099 if (rai->clockskew &&
1100 abs(preferred_time - pp->pltimeexpire) > rai->clockskew) {
1102 "<%s> prefeerred lifetime for %s/%d"
1103 " (decr. in real time) inconsistent on %s:"
1104 " %d from %s, %ld from us",
1106 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1107 prefixbuf, INET6_ADDRSTRLEN),
1108 pinfo->nd_opt_pi_prefix_len,
1109 rai->ifname, preferred_time,
1110 inet_ntop(AF_INET6, &from->sin6_addr,
1111 ntopbuf, INET6_ADDRSTRLEN),
1116 else if (preferred_time != pp->preflifetime) {
1118 "<%s> prefeerred lifetime for %s/%d"
1119 " inconsistent on %s:"
1120 " %d from %s, %d from us",
1122 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1123 prefixbuf, INET6_ADDRSTRLEN),
1124 pinfo->nd_opt_pi_prefix_len,
1125 rai->ifname, preferred_time,
1126 inet_ntop(AF_INET6, &from->sin6_addr,
1127 ntopbuf, INET6_ADDRSTRLEN),
1131 valid_time = ntohl(pinfo->nd_opt_pi_valid_time);
1132 if (pp->vltimeexpire) {
1133 gettimeofday(&now, NULL);
1134 valid_time += now.tv_sec;
1136 if (rai->clockskew &&
1137 abs(valid_time - pp->vltimeexpire) > rai->clockskew) {
1139 "<%s> valid lifetime for %s/%d"
1140 " (decr. in real time) inconsistent on %s:"
1141 " %d from %s, %ld from us",
1143 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1144 prefixbuf, INET6_ADDRSTRLEN),
1145 pinfo->nd_opt_pi_prefix_len,
1146 rai->ifname, preferred_time,
1147 inet_ntop(AF_INET6, &from->sin6_addr,
1148 ntopbuf, INET6_ADDRSTRLEN),
1153 else if (valid_time != pp->validlifetime) {
1155 "<%s> valid lifetime for %s/%d"
1156 " inconsistent on %s:"
1157 " %d from %s, %d from us",
1159 inet_ntop(AF_INET6, &pinfo->nd_opt_pi_prefix,
1160 prefixbuf, INET6_ADDRSTRLEN),
1161 pinfo->nd_opt_pi_prefix_len,
1162 rai->ifname, valid_time,
1163 inet_ntop(AF_INET6, &from->sin6_addr,
1164 ntopbuf, INET6_ADDRSTRLEN),
1169 return(inconsistent);
1173 find_prefix(struct rainfo *rai, struct in6_addr *prefix, int plen)
1176 int bytelen, bitlen;
1178 for (pp = rai->prefix.next; pp != &rai->prefix; pp = pp->next) {
1179 if (plen != pp->prefixlen)
1183 if (memcmp((void *)prefix, (void *)&pp->prefix, bytelen))
1185 if (prefix->s6_addr[bytelen] >> (8 - bitlen) ==
1186 pp->prefix.s6_addr[bytelen] >> (8 - bitlen))
1193 /* check if p0/plen0 matches p1/plen1; return 1 if matches, otherwise 0. */
1195 prefix_match(struct in6_addr *p0, int plen0,
1196 struct in6_addr *p1, int plen1)
1198 int bytelen, bitlen;
1202 bytelen = plen1 / 8;
1204 if (memcmp((void *)p0, (void *)p1, bytelen))
1206 if (p0->s6_addr[bytelen] >> (8 - bitlen) ==
1207 p1->s6_addr[bytelen] >> (8 - bitlen))
1214 nd6_options(struct nd_opt_hdr *hdr, int limit,
1215 union nd_opts *ndopts, u_int32_t optflags)
1219 for (; limit > 0; limit -= optlen) {
1220 hdr = (struct nd_opt_hdr *)((caddr_t)hdr + optlen);
1221 optlen = hdr->nd_opt_len << 3;
1222 if (hdr->nd_opt_len == 0) {
1224 "<%s> bad ND option length(0) (type = %d)",
1225 __FUNCTION__, hdr->nd_opt_type);
1229 if (hdr->nd_opt_type > ND_OPT_MTU) {
1231 "<%s> unknown ND option(type %d)",
1237 if ((ndopt_flags[hdr->nd_opt_type] & optflags) == 0) {
1239 "<%s> unexpected ND option(type %d)",
1245 switch(hdr->nd_opt_type) {
1246 case ND_OPT_SOURCE_LINKADDR:
1247 case ND_OPT_TARGET_LINKADDR:
1248 case ND_OPT_REDIRECTED_HEADER:
1250 if (ndopts->nd_opt_array[hdr->nd_opt_type]) {
1252 "<%s> duplicated ND option"
1257 ndopts->nd_opt_array[hdr->nd_opt_type] = hdr;
1259 case ND_OPT_PREFIX_INFORMATION:
1261 struct nd_optlist *pfxlist;
1263 if (ndopts->nd_opts_pi == 0) {
1264 ndopts->nd_opts_pi =
1265 (struct nd_opt_prefix_info *)hdr;
1268 if ((pfxlist = malloc(sizeof(*pfxlist))) == NULL) {
1270 "<%s> can't allocate memory",
1274 pfxlist->next = ndopts->nd_opts_list;
1276 ndopts->nd_opts_list = pfxlist;
1280 default: /* impossible */
1288 free_ndopts(ndopts);
1294 free_ndopts(union nd_opts *ndopts)
1296 struct nd_optlist *opt = ndopts->nd_opts_list, *next;
1308 struct icmp6_filter filt;
1309 struct ipv6_mreq mreq;
1310 struct rainfo *ra = ralist;
1312 /* XXX: should be max MTU attached to the node */
1313 static u_char answer[1500];
1315 rcvcmsgbuflen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
1316 CMSG_SPACE(sizeof(int));
1317 rcvcmsgbuf = (u_char *)malloc(rcvcmsgbuflen);
1318 if (rcvcmsgbuf == NULL) {
1319 syslog(LOG_ERR, "<%s> not enough core", __FUNCTION__);
1323 sndcmsgbuflen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
1324 CMSG_SPACE(sizeof(int));
1325 sndcmsgbuf = (u_char *)malloc(sndcmsgbuflen);
1326 if (sndcmsgbuf == NULL) {
1327 syslog(LOG_ERR, "<%s> not enough core", __FUNCTION__);
1331 if ((sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
1332 syslog(LOG_ERR, "<%s> socket: %s", __FUNCTION__,
1337 /* specify to tell receiving interface */
1339 #ifdef IPV6_RECVPKTINFO
1340 if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on,
1342 syslog(LOG_ERR, "<%s> IPV6_RECVPKTINFO: %s",
1343 __FUNCTION__, strerror(errno));
1346 #else /* old adv. API */
1347 if (setsockopt(sock, IPPROTO_IPV6, IPV6_PKTINFO, &on,
1349 syslog(LOG_ERR, "<%s> IPV6_PKTINFO: %s",
1350 __FUNCTION__, strerror(errno));
1356 /* specify to tell value of hoplimit field of received IP6 hdr */
1357 #ifdef IPV6_RECVHOPLIMIT
1358 if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on,
1360 syslog(LOG_ERR, "<%s> IPV6_RECVHOPLIMIT: %s",
1361 __FUNCTION__, strerror(errno));
1364 #else /* old adv. API */
1365 if (setsockopt(sock, IPPROTO_IPV6, IPV6_HOPLIMIT, &on,
1367 syslog(LOG_ERR, "<%s> IPV6_HOPLIMIT: %s",
1368 __FUNCTION__, strerror(errno));
1373 ICMP6_FILTER_SETBLOCKALL(&filt);
1374 ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filt);
1375 ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt);
1377 ICMP6_FILTER_SETPASS(ICMP6_ROUTER_RENUMBERING, &filt);
1378 if (setsockopt(sock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt,
1379 sizeof(filt)) < 0) {
1380 syslog(LOG_ERR, "<%s> IICMP6_FILTER: %s",
1381 __FUNCTION__, strerror(errno));
1386 * join all routers multicast address on each advertising interface.
1388 if (inet_pton(AF_INET6, ALLROUTERS_LINK,
1389 &mreq.ipv6mr_multiaddr.s6_addr)
1391 syslog(LOG_ERR, "<%s> inet_pton failed(library bug?)",
1396 mreq.ipv6mr_interface = ra->ifindex;
1397 if (setsockopt(sock, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq,
1398 sizeof(mreq)) < 0) {
1399 syslog(LOG_ERR, "<%s> IPV6_JOIN_GROUP(link) on %s: %s",
1400 __FUNCTION__, ra->ifname, strerror(errno));
1407 * When attending router renumbering, join all-routers site-local
1411 if (inet_pton(AF_INET6, ALLROUTERS_SITE,
1412 &in6a_site_allrouters) != 1) {
1413 syslog(LOG_ERR, "<%s> inet_pton failed(library bug?)",
1417 mreq.ipv6mr_multiaddr = in6a_site_allrouters;
1419 if ((mreq.ipv6mr_interface = if_nametoindex(mcastif))
1422 "<%s> invalid interface: %s",
1423 __FUNCTION__, mcastif);
1427 mreq.ipv6mr_interface = ralist->ifindex;
1428 if (setsockopt(sock, IPPROTO_IPV6, IPV6_JOIN_GROUP,
1429 &mreq, sizeof(mreq)) < 0) {
1431 "<%s> IPV6_JOIN_GROUP(site) on %s: %s",
1433 mcastif ? mcastif : ralist->ifname,
1439 /* initialize msghdr for receiving packets */
1440 rcviov[0].iov_base = (caddr_t)answer;
1441 rcviov[0].iov_len = sizeof(answer);
1442 rcvmhdr.msg_name = (caddr_t)&from;
1443 rcvmhdr.msg_namelen = sizeof(from);
1444 rcvmhdr.msg_iov = rcviov;
1445 rcvmhdr.msg_iovlen = 1;
1446 rcvmhdr.msg_control = (caddr_t) rcvcmsgbuf;
1447 rcvmhdr.msg_controllen = rcvcmsgbuflen;
1449 /* initialize msghdr for sending packets */
1450 sndmhdr.msg_namelen = sizeof(struct sockaddr_in6);
1451 sndmhdr.msg_iov = sndiov;
1452 sndmhdr.msg_iovlen = 1;
1453 sndmhdr.msg_control = (caddr_t)sndcmsgbuf;
1454 sndmhdr.msg_controllen = sndcmsgbuflen;
1459 /* open a routing socket to watch the routing table */
1463 if ((rtsock = socket(PF_ROUTE, SOCK_RAW, 0)) < 0) {
1465 "<%s> socket: %s", __FUNCTION__, strerror(errno));
1471 if_indextorainfo(int index)
1473 struct rainfo *rai = ralist;
1475 for (rai = ralist; rai; rai = rai->next) {
1476 if (rai->ifindex == index)
1480 return(NULL); /* search failed */
1485 struct rainfo *rainfo;
1489 struct in6_pktinfo *pi;
1490 struct soliciter *sol, *nextsol;
1492 if ((iflist[rainfo->ifindex]->ifm_flags & IFF_UP) == 0) {
1493 syslog(LOG_DEBUG, "<%s> %s is not up, skip sending RA",
1494 __FUNCTION__, rainfo->ifname);
1498 make_packet(rainfo); /* XXX: inefficient */
1500 sndmhdr.msg_name = (caddr_t)&sin6_allnodes;
1501 sndmhdr.msg_iov[0].iov_base = (caddr_t)rainfo->ra_data;
1502 sndmhdr.msg_iov[0].iov_len = rainfo->ra_datalen;
1504 cm = CMSG_FIRSTHDR(&sndmhdr);
1505 /* specify the outgoing interface */
1506 cm->cmsg_level = IPPROTO_IPV6;
1507 cm->cmsg_type = IPV6_PKTINFO;
1508 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
1509 pi = (struct in6_pktinfo *)CMSG_DATA(cm);
1510 memset(&pi->ipi6_addr, 0, sizeof(pi->ipi6_addr)); /*XXX*/
1511 pi->ipi6_ifindex = rainfo->ifindex;
1513 /* specify the hop limit of the packet */
1517 cm = CMSG_NXTHDR(&sndmhdr, cm);
1518 cm->cmsg_level = IPPROTO_IPV6;
1519 cm->cmsg_type = IPV6_HOPLIMIT;
1520 cm->cmsg_len = CMSG_LEN(sizeof(int));
1521 memcpy(CMSG_DATA(cm), &hoplimit, sizeof(int));
1525 "<%s> send RA on %s, # of waitings = %d",
1526 __FUNCTION__, rainfo->ifname, rainfo->waiting);
1528 i = sendmsg(sock, &sndmhdr, 0);
1530 if (i < 0 || i != rainfo->ra_datalen) {
1532 syslog(LOG_ERR, "<%s> sendmsg on %s: %s",
1533 __FUNCTION__, rainfo->ifname,
1539 * unicast advertisements
1540 * XXX commented out. reason: though spec does not forbit it, unicast
1541 * advert does not really help
1543 for (sol = rainfo->soliciter; sol; sol = nextsol) {
1544 nextsol = sol->next;
1547 sndmhdr.msg_name = (caddr_t)&sol->addr;
1548 i = sendmsg(sock, &sndmhdr, 0);
1549 if (i < 0 || i != rainfo->ra_datalen) {
1552 "<%s> unicast sendmsg on %s: %s",
1553 __FUNCTION__, rainfo->ifname,
1562 rainfo->soliciter = NULL;
1564 /* update counter */
1565 if (rainfo->initcounter < MAX_INITIAL_RTR_ADVERTISEMENTS)
1566 rainfo->initcounter++;
1569 /* update timestamp */
1570 gettimeofday(&rainfo->lastsent, NULL);
1572 /* reset waiting conter */
1573 rainfo->waiting = 0;
1576 /* process RA timer */
1578 ra_timeout(void *data)
1580 struct rainfo *rai = (struct rainfo *)data;
1583 /* if necessary, reconstruct the packet. */
1587 "<%s> RA timer on %s is expired",
1588 __FUNCTION__, rai->ifname);
1593 /* update RA timer */
1595 ra_timer_update(void *data, struct timeval *tm)
1597 struct rainfo *rai = (struct rainfo *)data;
1601 * Whenever a multicast advertisement is sent from an interface,
1602 * the timer is reset to a uniformly-distributed random value
1603 * between the interface's configured MinRtrAdvInterval and
1604 * MaxRtrAdvInterval (RFC2461 6.2.4).
1606 interval = rai->mininterval;
1607 interval += random() % (rai->maxinterval - rai->mininterval);
1610 * For the first few advertisements (up to
1611 * MAX_INITIAL_RTR_ADVERTISEMENTS), if the randomly chosen interval
1612 * is greater than MAX_INITIAL_RTR_ADVERT_INTERVAL, the timer
1613 * SHOULD be set to MAX_INITIAL_RTR_ADVERT_INTERVAL instead.
1616 if (rai->initcounter < MAX_INITIAL_RTR_ADVERTISEMENTS &&
1617 interval > MAX_INITIAL_RTR_ADVERT_INTERVAL)
1618 interval = MAX_INITIAL_RTR_ADVERT_INTERVAL;
1620 tm->tv_sec = interval;
1624 "<%s> RA timer on %s is set to %ld:%ld",
1625 __FUNCTION__, rai->ifname,
1626 (long int)tm->tv_sec, (long int)tm->tv_usec);
projects / FreeBSD / FreeBSD.git / blob