lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACS3ZpDLpxNStsS61MV_yadERP=PDLJovp44M7e7YSBkadyC8g@mail.gmail.com>
Date:   Thu, 18 Nov 2021 15:12:57 +0200
From:   Juhamatti Kuusisaari <juhamatk@...il.com>
To:     Jeroen Massar <jeroen@...sar.ch>
Cc:     netdev@...r.kernel.org
Subject: Re: IPv6 Router Advertisement Router Preference (RFC 4191) behavior issue

On Thu, 18 Nov 2021 at 12:49, Jeroen Massar <jeroen@...sar.ch> wrote:
>
>
>
> > On 20211118, at 11:35, Juhamatti Kuusisaari <juhamatk@...il.com> wrote:
> >
> > Hello,
> >
> > I have been testing IPv6 Router Advertisement Default Router
> > Preference on 5.1X and it seems it is not honoured by the Linux
> > networking stack. Whenever a new default router preference with a
> > higher or lower preference value is received, a new default gateway is
> > added as an ECMP route in the routing table with equal weight. This is
> > a bit surprising as RFC 4191 Sec. 3.2 mentions that the higher
> > preference value should be preferred. This part seems to be missing
> > from the Linux implementation.
>
> Do watch out that there are a couple of user space tools (yes, that thing) that think that they have to handle RAs.... and thus one might get conflicts about reasoning between the kernel doing it or that user space daemon thing.

Thanks for the heads-up. AFAIK, I am not running anything extra in the
user space of the receiving node.

Here are some more details:

1) RA with pref medium is received over enp0s8 from router X at
fe80::a00:27ff:fe90:5a8a:
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev enp0s8 proto kernel metric 256 pref medium
fe80::/64 dev enp0s3 proto kernel metric 256 pref medium
default via fe80::a00:27ff:fe90:5a8a dev enp0s8 proto ra metric 1024
expires 273sec pref medium

2) RA with pref high is received over enp0s8 from router Y at
fe80::ffff:a00:275e:85ca:
::1 dev lo proto kernel metric 256 pref medium
fe80::/64 dev enp0s8 proto kernel metric 256 pref medium
fe80::/64 dev enp0s3 proto kernel metric 256 pref medium
default proto ra metric 1024 expires 276sec pref medium
        nexthop via fe80::a00:27ff:fe90:5a8a dev enp0s8 weight 1
        nexthop via fe80::ffff:a00:275e:85ca dev enp0s8 weight 1

i.e. the default ends up as an ECMP configuration. I would have
expected it to change to a high preference route via
fe80::ffff:a00:275e:85ca only.

BR,
--
 Juhamatti

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ