lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4AF00EA0.7030407@linux-ipv6.org>
Date:	Tue, 03 Nov 2009 20:06:08 +0900
From:	YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>
To:	Andrew Morton <akpm@...ux-foundation.org>, green@....ru
CC:	netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org,
	bugme-daemon@...zilla.kernel.org, yoshfuji@...ux-ipv6.org,
	Pekka Savola <pekkas@...core.fi>, davem@...emloft.net
Subject: Re: [Bugme-new] [Bug 14427] New: ipv6 forward cause strange route

Hello.

This is not a bug but a feature of IPv6 called "subnet anycast
address."  The address is automatically assigned on routers.

References:
RFC 2526: Reserved IPv6 Subnet Anycast Addresses
RFC 3627: Use of /127 Prefix Length Between Routers Considered Harmful

--yoshfuji

Andrew Morton wrote:
> (switched to email.  Please respond via emailed reply-to-all, not via the
> bugzilla web interface).
> 
> On Sat, 17 Oct 2009 10:42:01 GMT bugzilla-daemon@...zilla.kernel.org wrote:
> 
>> http://bugzilla.kernel.org/show_bug.cgi?id=14427
>>
>>            Summary: ipv6 forward cause strange route
>>            Product: Networking
>>            Version: 2.5
>>           Platform: All
>>         OS/Version: Linux
>>               Tree: Mainline
>>             Status: NEW
>>           Severity: normal
>>           Priority: P1
>>          Component: IPV6
>>         AssignedTo: yoshfuji@...ux-ipv6.org
>>         ReportedBy: green@....ru
>>         Regression: No
>>
>>
>> When enabling forwarding for IPv6 on interface, in the routing table local
>> appears new route. It like route to local ip but with all host bits set to 0.
>> Example:
>> --------------------------------------------------
>>   # cat /proc/sys/net/ipv6/conf/eth0/forwarding
>>   0
>>   # ip -6 addr add 2001:db8:1:1::5/64 dev eth0
>>   # ip -6 route show table local
>>   ...
>>   local 2001:db8:1:1::5 via :: dev lo  proto none  metric 0  mtu 16436 advmss
>> 16376 hoplimit 4294967295
>>   ...
>>   # echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding 
>>   # ip -6 route show table local
>>   ...
>>   local 2001:db8:1:1:: via :: dev lo  proto none  metric 0  mtu 16436 advmss
>> 16376 hoplimit 4294967295
>>   local 2001:db8:1:1::5 via :: dev lo  proto none  metric 0  mtu 16436 advmss
>> 16376 hoplimit 4294967295
>>   ...
>> --------------------------------------------------
>> After enabling forwarding, route "2001:db8:1:1:: via :: dev lo" is added. No
>> matter, forwarding is enabled before or after adding of address, this route is
>> "on" with forwarding and "off" without it.
>> Such behavior causes problems with /127 network masks. For example:
>> --------------------------------------------------
>>   # echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding 
>>   # ip -6 addr add 2001:db8:1:1::5/127 dev eth0
>>   # ip -6 route add default via 2001:db8:1:1::4
>>   RTNETLINK answers: Invalid argument
>> --------------------------------------------------
>> But if we disable forwarding (and strange route) when adding needed route, we
>> will succeed.
>> --------------------------------------------------
>>   # echo 0 > /proc/sys/net/ipv6/conf/eth0/forwarding 
>>   # ip -6 route add default via 2001:db8:1:1::4
>>   # echo 1 > /proc/sys/net/ipv6/conf/eth0/forwarding 
>> --------------------------------------------------
>> Default route remains in the table after enabling forwarding and it is doing in
>> work. But in this case we still can not access 2001:db8:1:1::4, because it is
>> routed to loopback:
>> --------------------------------------------------
>>   # ping6 -c 1 2001:db8:1:1::4
>>   PING 2001:db8:1:1::4(2001:db8:1:1::4) 56 data bytes
>>   64 bytes from 2001:db8:1:1::5: icmp_seq=1 ttl=64 time=0.114 ms
>> --------------------------------------------------
>> We get reply from self interface.
>>
>> This was tested on x86 and x86_64 with 2.6.30 kernel and some previous versions
>> on ArchLinux (2.6.30 x86 and x86_64), Ubuntu (2.6.28-15-generic x86_64) and
>> gentoo (2.6.30-gentoo-r5 x86_64).
>>
> 
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists