lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <4AF00EA0.7030407@linux-ipv6.org> Date: Tue, 03 Nov 2009 20:06:08 +0900 From: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org> To: Andrew Morton <akpm@...ux-foundation.org>, green@....ru CC: netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org, bugme-daemon@...zilla.kernel.org, yoshfuji@...ux-ipv6.org, Pekka Savola <pekkas@...core.fi>, davem@...emloft.net Subject: Re: [Bugme-new] [Bug 14427] New: ipv6 forward cause strange route Hello. This is not a bug but a feature of IPv6 called "subnet anycast address." The address is automatically assigned on routers. References: RFC 2526: Reserved IPv6 Subnet Anycast Addresses RFC 3627: Use of /127 Prefix Length Between Routers Considered Harmful --yoshfuji Andrew Morton wrote: > (switched to email. Please respond via emailed reply-to-all, not via the > bugzilla web interface). > > On Sat, 17 Oct 2009 10:42:01 GMT bugzilla-daemon@...zilla.kernel.org wrote: > >> http://bugzilla.kernel.org/show_bug.cgi?id=14427 >> >> Summary: ipv6 forward cause strange route >> Product: Networking >> Version: 2.5 >> Platform: All >> OS/Version: Linux >> Tree: Mainline >> Status: NEW >> Severity: normal >> Priority: P1 >> Component: IPV6 >> AssignedTo: yoshfuji@...ux-ipv6.org >> ReportedBy: green@....ru >> Regression: No >> >> >> When enabling forwarding for IPv6 on interface, in the routing table local >> appears new route. It like route to local ip but with all host bits set to 0. >> Example: >> -------------------------------------------------- >> # cat /proc/sys/net/ipv6/conf/eth0/forwarding >> 0 >> # ip -6 addr add 2001:db8:1:1::5/64 dev eth0 >> # ip -6 route show table local >> ... >> local 2001:db8:1:1::5 via :: dev lo proto none metric 0 mtu 16436 advmss >> 16376 hoplimit 4294967295 >> ... >> # echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding >> # ip -6 route show table local >> ... >> local 2001:db8:1:1:: via :: dev lo proto none metric 0 mtu 16436 advmss >> 16376 hoplimit 4294967295 >> local 2001:db8:1:1::5 via :: dev lo proto none metric 0 mtu 16436 advmss >> 16376 hoplimit 4294967295 >> ... >> -------------------------------------------------- >> After enabling forwarding, route "2001:db8:1:1:: via :: dev lo" is added. No >> matter, forwarding is enabled before or after adding of address, this route is >> "on" with forwarding and "off" without it. >> Such behavior causes problems with /127 network masks. For example: >> -------------------------------------------------- >> # echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding >> # ip -6 addr add 2001:db8:1:1::5/127 dev eth0 >> # ip -6 route add default via 2001:db8:1:1::4 >> RTNETLINK answers: Invalid argument >> -------------------------------------------------- >> But if we disable forwarding (and strange route) when adding needed route, we >> will succeed. >> -------------------------------------------------- >> # echo 0 > /proc/sys/net/ipv6/conf/eth0/forwarding >> # ip -6 route add default via 2001:db8:1:1::4 >> # echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding >> -------------------------------------------------- >> Default route remains in the table after enabling forwarding and it is doing in >> work. But in this case we still can not access 2001:db8:1:1::4, because it is >> routed to loopback: >> -------------------------------------------------- >> # ping6 -c 1 2001:db8:1:1::4 >> PING 2001:db8:1:1::4(2001:db8:1:1::4) 56 data bytes >> 64 bytes from 2001:db8:1:1::5: icmp_seq=1 ttl=64 time=0.114 ms >> -------------------------------------------------- >> We get reply from self interface. >> >> This was tested on x86 and x86_64 with 2.6.30 kernel and some previous versions >> on ArchLinux (2.6.30 x86 and x86_64), Ubuntu (2.6.28-15-generic x86_64) and >> gentoo (2.6.30-gentoo-r5 x86_64). >> > > -- > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists