RFC3484 and ORCHID addresses (fwd)

Pekka Savola <pekkas@netcore.fi> Thu, 13 March 2008 23:45 UTC

Date: Fri, 14 Mar 2008 01:43:15 +0200
From: Pekka Savola <pekkas@netcore.fi>
To: ipv6@ietf.org
Subject: RFC3484 and ORCHID addresses (fwd)

FYI,

While we're considering RFC3484 changes, here's one additional 
proposed modification to RFC3484 for Linux with ORCHID (RFC 4843) that 
is worth serious consideration.  (Discussion on the best 
implementation choice(s) and glibc changes is still going on.)

One may debate whether ORCHID addresses should be dealt with in the 
policy table or in the spec.

---------- Forwarded message ----------
Date: Thu, 21 Feb 2008 12:08:42 +0200
From: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
To: netdev@vger.kernel.org
Subject: [PATCH 2/2] [IPV6]: Fix source address selection for ORCHID addresses

Skip the prefix length matching in source address selection for
orchid -> non-orchid addresses.

Overlay Routable Cryptographic Hash IDentifiers (RFC 4843,
2001:10::/28) are currently not globally reachable. Without this
check a host with an ORCHID address can end up preferring those over
regular addresses when talking to other regular hosts in the 2001::/16
range thus breaking non-orchid connections.

Signed-off-by: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
---
  include/net/ipv6.h  |   10 ++++++++++
  net/ipv6/addrconf.c |    5 +++++
  2 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index c0c019f..67e024a 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -384,6 +384,16 @@ static inline int ipv6_addr_v4mapped(const struct in6_addr *a)
  }

  /*
+ * Check for a RFC 4843 ORCHID address
+ * (Overlay Routable Cryptographic Hash Identifiers)
+ */
+static inline int ipv6_addr_orchid(const struct in6_addr *a)
+{
+	return ((a->s6_addr32[0] & htonl(0xfffffff0))
+		== htonl(0x20010010));
+}
+
+/*
   * find the first different bit between two addresses
   * length of address must be a multiple of 32bits
   */
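Review bot: the comment above ipv6_addr_orchid() never states the prefix being tested, so the reader has to decode the constants 0xfffffff0 and 0x20010010 to see that this is a /28 match on 2001:10::. Put "2001:10::/28" in the comment (the commit message already names it) and change "a RFC 4843" to "an RFC 4843".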
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index e40213d..2474d20 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -1125,6 +1125,11 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev,
  			if (hiscore.rule < 7)
  				hiscore.rule++;
  #endif
+
+			/* Skip rule 8 for orchid -> non-orchid address pairs. */
+			if (ipv6_addr_orchid(&ifa->addr) && !ipv6_addr_orchid(daddr))
+				continue;
+
  			/* Rule 8: Use longest matching prefix */
  			if (hiscore.rule < 8) {
  				hiscore.matchlen = ipv6_addr_diff(&ifa_result->addr, daddr);
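Review bot: the new test in ipv6_dev_get_saddr() looks only at the candidate, ifa->addr, while the Rule 8 code directly below it measures ifa_result->addr against daddr. When the address already held in ifa_result is the ORCHID one, a non-ORCHID candidate still goes through the prefix-length comparison this patch is meant to avoid, so consider also testing ipv6_addr_orchid(&ifa_result->addr) for a non-ORCHID daddr. The comment says "Skip rule 8", but `continue` abandons the candidate for this iteration rather than skipping one rule; the comment should say that the candidate is rejected.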
--
1.5.3.8
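
Added example, not part of the original post or the kernel patch: a user-space C model of the failure the commit message describes, applying only rule 8 (longest matching prefix) with all earlier rules assumed tied. The names pick_source and common_prefix_len and the sample addresses are constructed for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* 1 if the address lies in 2001:10::/28, the RFC 4843 ORCHID prefix. */
static int is_orchid(const struct in6_addr *a)
{
    uint32_t w;
    memcpy(&w, a->s6_addr, sizeof(w));
    return (w & htonl(0xfffffff0)) == htonl(0x20010010);
}

/* Number of leading bits two addresses have in common (0..128). */
static int common_prefix_len(const struct in6_addr *a, const struct in6_addr *b)
{
    int bits = 0;
    for (int i = 0; i < 16; i++) {
        uint8_t x = a->s6_addr[i] ^ b->s6_addr[i];
        if (!x) { bits += 8; continue; }
        while (!(x & 0x80)) { x <<= 1; bits++; }
        break;
    }
    return bits;
}

/* Longest-prefix choice only; skip_orchid rejects ORCHID candidates for
 * non-ORCHID destinations. Returns the chosen candidate's index, or -1. */
static int pick_source(const char *const *cands, int n, const char *dst, int skip_orchid)
{
    struct in6_addr d, c;
    int best = -1, best_len = -1;
    if (inet_pton(AF_INET6, dst, &d) != 1) return -1;
    for (int i = 0; i < n; i++) {
        if (inet_pton(AF_INET6, cands[i], &c) != 1) continue;
        if (skip_orchid && is_orchid(&c) && !is_orchid(&d)) continue;
        int len = common_prefix_len(&c, &d);
        if (len > best_len) { best_len = len; best = i; }
    }
    return best;
}

/* Constructed sample addresses: [0] regular global, [1] ORCHID. */
static const char *const SAMPLE_SRCS[] = { "3fff:0:1::1", "2001:10:aaaa::1" };
int main(void)
{
    printf("without check: %d, with check: %d\n",
           pick_source(SAMPLE_SRCS, 2, "2001:db8::1", 0),
           pick_source(SAMPLE_SRCS, 2, "2001:db8::1", 1));
    return 0;
}
```

For the destination 2001:db8::1 the ORCHID source shares 20 leading bits and the regular source only 3, so the unmodified comparison picks the unreachable ORCHID address.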
