lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 17 Feb 2020 09:39:41 +0200
From:   Ido Schimmel <idosch@...sch.org>
To:     Stephen Hemminger <stephen@...workplumber.org>, dsahern@...il.com,
        rm+bko@...anrm.net
Cc:     netdev@...r.kernel.org
Subject: Re: Fw: [Bug 206523] New: Can no longer add routes while the link is
 down, RTNETLINK answers: Network is down

On Sun, Feb 16, 2020 at 09:43:07AM -0800, Stephen Hemminger wrote:
> 
> 
> Begin forwarded message:
> 
> Date: Thu, 13 Feb 2020 18:04:40 +0000
> From: bugzilla-daemon@...zilla.kernel.org
> To: stephen@...workplumber.org
> Subject: [Bug 206523] New: Can no longer add routes while the link is down, RTNETLINK answers: Network is down
> 
> 
> https://bugzilla.kernel.org/show_bug.cgi?id=206523
> 
>             Bug ID: 206523
>            Summary: Can no longer add routes while the link is down,
>                     RTNETLINK answers: Network is down
>            Product: Networking
>            Version: 2.5
>     Kernel Version: 5.4.19
>           Hardware: All
>                 OS: Linux
>               Tree: Mainline
>             Status: NEW
>           Severity: normal
>           Priority: P1
>          Component: Other
>           Assignee: stephen@...workplumber.org
>           Reporter: rm+bko@...anrm.net
>         Regression: No
> 
> Hello,
> 
> I'm upgrading my machines from kernel 4.14 to the 5.4 series, and noticed quite
> a significant behavior change, so I was wondering if this was intentional or a
> side effect of something, or a bug. It already broke my network connectivity
> for a while and required troubleshooting, to figure out that a certain script
> that I had, used to set up all routes before, and only then putting the
> interface up.
> 
> On 4.14.170 this works:
> 
> # ip link add dummy100 type dummy
> # ip route add fd99::/128 dev dummy100
> # ip -6 route | grep dummy
> fd99:: dev dummy100 metric 1024 linkdown  pref medium
> #
> 
> On 5.4.19 however:
> 
> # ip link add dummy100 type dummy
> # ip route add fd99::/128 dev dummy100
> RTNETLINK answers: Network is down
> # ip -6 route | grep dummy
> #
> 
> Sorry for not narrowing it down more precisely between 4.14 and 5.4, but I'm
> sure for the right people this will be easily either an "oh shit" or "yeah,
> that", even without any more precise version information :)

Hi,

This was added over two years ago in commit 955ec4cb3b54 ("net/ipv6: Do
not allow route add with a device that is down"), kernel 4.16

With recent iproute2 you can get extended ack from the kernel:
# ip route add fd99::/128 dev dummy10
Error: Nexthop device is not up.

IMO, it's better to keep it consistent with IPv4. We can also add a
sysctl, but I would like to avoid it if possible.

Adding David in case he has other suggestions.

Powered by blists - more mailing lists