Date: Wed, 30 Dec 2020 00:48:32 -0800
From: Praveen Chaudhary <praveen5582@...il.com>
To: davem@...emloft.net, kuba@...nel.org, corbet@....net, kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org, netdev@...r.kernel.org, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] Allow user to set metric on default route learned via Router Advertisement.

Allow user to set metric on default route learned via Router Advertisement.

Note: RFC 4191 does not say anything for metric for IPv6 default route.

Fix:
For IPv4, default route is learned via DHCPv4 and user is allowed to change metric using config etc/network/interfaces. But for IPv6, default route can be learned via RA, for which, currently a fixed metric value 1024 is used.

Ideally, user should be able to configure metric on default route for IPv6 similar to IPv4. This fix adds sysctl for the same.

Logs:
----------------------------------------------------------------
For IPv4:
----------------------------------------------------------------

Config in etc/network/interfaces
----------------------------------------------------------------
```
auto eth0
iface eth0 inet dhcp
    metric 4261413864
```

IPv4 Kernel Route Table:
----------------------------------------------------------------
```
$ sudo route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric    Ref    Use Iface
0.0.0.0         172.11.44.1     0.0.0.0         UG    -33553432 0        0 eth0
```

FRR Table, if default route is learned via routing protocol too.
----------------------------------------------------------------
```
# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       > - selected route, * - FIB route

S>* 0.0.0.0/0 [20/0] is directly connected, eth0, 00:00:03
K   0.0.0.0/0 [254/1000] via 172.21.47.1, eth0, 6d08h51m
```
----------------------------------------------------------------

i.e. User can prefer Default Router learned via Routing Protocol. Similar behavior is not possible for IPv6, without this fix.

----------------------------------------------------------------
After fix [for IPv6]:
----------------------------------------------------------------
```
sudo sysctl -w net.ipv6.conf.eth0.net.ipv6.conf.eth0.accept_ra_defrtr_metric=0x770003e9
```

IP monitor:
----------------------------------------------------------------
```
default via fe80::be16:65ff:feb3:ce8e dev eth0 proto ra metric 1996489705 pref high
```

Kernel IPv6 routing table
----------------------------------------------------------------
```
Destination   Next Hop                    Flag   Met         Ref  Use  If
::/0          fe80::be16:65ff:feb3:ce8e   UGDAe  1996489705  0    0    eth0
```

FRR Routing Table, if default route is learned via routing protocol.
----------------------------------------------------------------
```
# show ipv6 route
Codes: K - kernel route, C - connected, S - static, R - RIPng,
       O - OSPFv3, I - IS-IS, B - BGP, N - NHRP, T - Table,
       v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       > - selected route, * - FIB route

S>* ::/0 [20/0] is directly connected, eth0, 00:00:06
K   ::/0 [119/1001] via fe80::be16:65ff:feb3:ce8e, eth0, 6d07h43m
```
----------------------------------------------------------------

Praveen Chaudhary (1):
  Allow user to set metric on default route learned via Router Advertisement.

 Documentation/networking/ip-sysctl.rst |  8 ++++++++
 include/linux/ipv6.h                   |  1 +
 include/net/ip6_route.h                |  3 ++-
 include/uapi/linux/ipv6.h              |  1 +
 include/uapi/linux/sysctl.h            |  1 +
 net/ipv6/addrconf.c                    | 10 ++++++++++
 net/ipv6/ndisc.c                       | 15 +++++++++++----
 net/ipv6/route.c                       |  8 +++++---
 8 files changed, 39 insertions(+), 8 deletions(-)

-- 
2.7.4
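Added example, not part of the original message or the patch: the metric values in the logs above line up with the `[distance/metric]` pairs in the FRR tables if the 32-bit kernel metric is read as an 8-bit distance in the top byte and a 24-bit metric below it. That layout is an assumption inferred from the numbers shown, and the function names are hypothetical; the script packs and unpacks such values and shows why `route -n` prints a negative number for the IPv4 case.

```shell
#!/bin/sh
# Added example: relate kernel route metrics from the logs to FRR's [distance/metric].
# Assumption (inferred from the logs, not stated in the message):
#   kernel metric = (distance << 24) | metric, distance 0..255, metric 0..16777215.

# encode_metric DISTANCE METRIC -> decimal kernel metric, or non-zero status if out of range
encode_metric() {
    dist=$1; met=$2
    if [ "$dist" -lt 0 ] || [ "$dist" -gt 255 ]; then
        echo "distance must fit in 8 bits" >&2; return 1
    fi
    if [ "$met" -lt 0 ] || [ "$met" -gt 16777215 ]; then
        echo "metric must fit in 24 bits" >&2; return 1
    fi
    echo $(( (dist << 24) | met ))
}

# decode_metric KERNEL_METRIC -> "distance/metric"; accepts decimal, hex or signed input
decode_metric() {
    m=$(( $1 & 0xFFFFFFFF ))          # normalise to unsigned 32 bits
    echo "$(( (m >> 24) & 0xFF ))/$(( m & 0xFFFFFF ))"
}

# signed32 KERNEL_METRIC -> value as a tool printing it as a signed 32-bit int would show it
signed32() {
    m=$(( $1 & 0xFFFFFFFF ))
    if [ "$m" -ge 2147483648 ]; then
        echo $(( m - 4294967296 ))
    else
        echo "$m"
    fi
}

# Values taken from the logs in the message above.
echo "IPv4 interfaces metric 4261413864 -> FRR [$(decode_metric 4261413864)]," \
     "route -n shows $(signed32 4261413864)"
echo "IPv6 sysctl value 0x770003e9     -> decimal $(( 0x770003e9 ))," \
     "FRR [$(decode_metric 0x770003e9)]"
echo "To get FRR [119/1001] write metric $(encode_metric 119 1001)"
```

Under this reading, both RA/DHCP-learned kernel routes carry a higher distance (254 and 119) than the static route at distance 20, which is why FRR marks the static route as selected in both tables.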