Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp1838625pxk; Tue, 1 Sep 2020 09:00:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxwMfZ0iOJbIdl6zJlrsLoG9vcROKEFcjdKXKx0smwk2JVnyLYoHgDlTS+VmAa9v8tRGdA+ X-Received: by 2002:a17:906:4103:: with SMTP id j3mr2044740ejk.5.1598976011558; Tue, 01 Sep 2020 09:00:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598976011; cv=none; d=google.com; s=arc-20160816; b=nu0JS6iGWy57qWdYdOU3a0NDzLWEJX1w1MFtQkBtFsEchk9aWD8wNTTp0ad5CSoaY5 Ffnl4ce6vJxRLlaOysBRwC67wzPVKtBo2IsctLUrtVp93f3w9P1UvMI5o2Kvw+SmyxWJ 5Un4c9xM9ZkfY8AFi9W9tFcx+ev2M18GGySxWLMa5z39Lye922AeEWdoesh/FhILxnKS eFkPurtfwCo3SMTeJYeaA5GHiemwGuC/pt3xqLCD9QySvrU+4oGEhLftxBiERrpfPGuE Vh819zqZ0//++sI2BFayq+7mNtjA+yEBxnPp5T9H9J1F2HKqSCHQTVdGxqBYj4AH+4yq 5qvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=oSyU4rbRCx7oJC6Q+h2Vq9u8C2zTFP5KkB72aQOvBJ8=; b=FfPFfrvw+OjXPtALYygZLzNNa4YjY04E+XNiR9m7WVC0jp7FvkoJZ+ckf9ARNp9b84 ptxH483wQxyKyawQ/SpXS1ooFaPyBh64PrlLwfEXH48z16q8Ahgf66c/xH4OhBXoxM7/ /atFZh7PvJFsZPXf+uNbVhRYNAF5JfgTj6lXnc1Vm7rLwOlvlvGAgYQlvdjmTAhELKmK Vi6qYBajchYp90EP6R6AuvCrDHLvo25EHU4bjSJ+3cj3xn2mew+96hTv5mXCrVHWJxX9 iNqbAqR4oxDxKidlbB7QH0DnzB5/+6YrZSjUS+m8L1WMhGrqFelxLo/yQ7UWYCaXfA/G VVlg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=MuQINPXd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w16si807344eje.414.2020.09.01.08.59.48; Tue, 01 Sep 2020 09:00:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=MuQINPXd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728988AbgIAP6G (ORCPT + 99 others); Tue, 1 Sep 2020 11:58:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56324 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731763AbgIAPn7 (ORCPT ); Tue, 1 Sep 2020 11:43:59 -0400 Received: from mail-qv1-xf43.google.com (mail-qv1-xf43.google.com [IPv6:2607:f8b0:4864:20::f43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DD70BC061245 for ; Tue, 1 Sep 2020 08:43:58 -0700 (PDT) Received: by mail-qv1-xf43.google.com with SMTP id j10so714427qvk.11 for ; Tue, 01 Sep 2020 08:43:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oSyU4rbRCx7oJC6Q+h2Vq9u8C2zTFP5KkB72aQOvBJ8=; b=MuQINPXdDrFew7Qa+o4Y65wC8+8poRZ475eqCEsF/tyACMmEKt7Q5v4ZlrFecQMipm vVDiPRVj7HRGUHkQLsqTUb4IB8G8UP8gkMK2qm8/b7i0tAGTme3VryVogvWj5mRTigYZ wYgXh7ZcJTvneS+FXmHjn+1/UErf/NgIMlLBtHzW8OLg3TKv4gRu+6/CWuRHzc33vMWV tWkb2f/EW/3IxM7aNuN+j56JHX3vIiMZbu/bE9hqUkImhHivX/pQBvrJ734Lkc304JLO 6KVhTFRHoU1cCiCKMJcV0aDWsyTHecGyYE1aqjQAVhFJNeQYDjAc9Fveve6DHr1MO30L LrXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oSyU4rbRCx7oJC6Q+h2Vq9u8C2zTFP5KkB72aQOvBJ8=; b=uW+6QoNqBLds2Xh7wtZv5PqzYTZ10wu/hPjEz9qAgayoJI1phS3pwswbWPBhXT/T7l +89Rnkpvfy7bjeqjU4ysGK8pgxdzfQY1BaFfCPosyIuyDO394zNZ7dVBYT2VQb0U1CpC 3YUB4bGVG5OcPdyQiCJzVjxyGabcuD5jsB0IBYp8TyDo/GGDTd6Vn0ax3PegIyklso/2 gZX61tYZnU2RKndf1z4RcHhyTQgFk8LNUPDKUYoKaTdSvS82SOCMqE/moRiQry32IZ1X pKfTs1UxjZo1w7Le4q0aBiBe2eyHHJylQBaeVJylxyGQki31BBfLX5j8cQaWvH6iVtg5 GDrQ== X-Gm-Message-State: AOAM5324MsiXzzK7HUmYFlzNQdyucKwCG1xI0l468ohNUIvzIZNVjShe RfQ752aIeuLcZ+IJ2KcMX8jbsKXxz5TbrsiJ+/CGMUT1y0SbWprA X-Received: by 2002:a0c:de0e:: with SMTP id t14mr2468615qvk.57.1598975037745; Tue, 01 Sep 2020 08:43:57 -0700 (PDT) MIME-Version: 1.0 References: <20200901065758.1141786-1-brianvv@google.com> In-Reply-To: From: Brian Vazquez Date: Tue, 1 Sep 2020 08:43:45 -0700 Message-ID: Subject: Re: [PATCH] net: ipv6: fix __rt6_purge_dflt_routers when forwarding is not set on all ifaces To: Eric Dumazet Cc: Brian Vazquez , "David S . Miller" , LKML , netdev , David Ahern Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 1, 2020 at 1:20 AM Eric Dumazet wrote: > > On Tue, Sep 1, 2020 at 8:58 AM Brian Vazquez wrote: > > > > The problem is exposed when the system has multiple ifaces and > > forwarding is enabled on a subset of them, __rt6_purge_dflt_routers will > > clean the default route on all the ifaces which is not desired. > > What is the exact problem you want to fix ? Imagine you have a host with 2 interfaces. 1 is using SLAAC, the other one it isn't. On your main routing table you have the default SLAAC route for iface A Then you're setting a second interface B and you enable forwarding only on this iface: echo 1 > /proc/sys/net/ipv6/conf/B/forwarding. Changing the sysctl which call the rt6_purge_dflt_routers which would delete your default route on iface A, so effectively you will lose connection via iface A, until the default entry is added again which would happen because that iface has accept_ra = 1 and forwarding = 0, but it would take some time. It feels weird that modifying interface B deletes default route A which would be added back anyway, but you lose connection on A for some minutes. > > > > > This patches fixes that by cleaning only the routes where the iface has > > forwarding enabled. > > This seems like a new feature, and this might break some setups. Fair enough, the main issue here is that the behaviour of a host in a mixed environment is not well defined. > > linux always had removed any IPv6 address and default route it learnt via SLAAC. > (this might be to conform to one RFC or known security rule). > It would be nice to add a nice comment giving references. > > > > > Fixes: 830218c1add1 ("net: ipv6: Fix processing of RAs in presence of VRF") > > Please provide a test, or a better commit message ? > > If your patch targets the net tree, then it should only fix a bug. > > Thanks.