diff options
| author | Bjoern A. Zeeb <bz@FreeBSD.org> | 2018-10-30 20:08:48 +0000 |
|---|---|---|
| committer | Bjoern A. Zeeb <bz@FreeBSD.org> | 2018-10-30 20:08:48 +0000 |
| commit | 201100c58b7ad34aab387ddecb3c96c68cf203c5 (patch) | |
| tree | b3fc0bde04dc3357dd58c84f4faf9d83c8948834 /usr.sbin/ndp | |
| parent | 9978bd996b69dc6b320efce25e9d42dbdb25ac8c (diff) | |
| download | src-201100c58b7ad34aab387ddecb3c96c68cf203c5.tar.gz src-201100c58b7ad34aab387ddecb3c96c68cf203c5.zip | |
Initial implementation of draft-ietf-6man-ipv6only-flag.
This change defines the RA "6" (IPv6-Only) flag which routers
may advertise, kernel logic to check if all routers on a link
have the flag set and accordingly update a per-interface flag.
If all routers agree that it is an IPv6-only link, ether_output_frame(),
based on the interface flag, will filter out all ETHERTYPE_IP/ARP
frames, drop them, and return EAFNOSUPPORT to upper layers.
The change also updates ndp to show the "6" flag, ifconfig to
display the IPV6_ONLY nd6 flag if set, and rtadvd to allow
announcing the flag.
Further changes to tcpdump (contrib code) are availble and will
be upstreamed.
Tested the code (slightly earlier version) with 2 FreeBSD
IPv6 routers, a FreeBSD laptop on ethernet as well as wifi,
and with Win10 and OSX clients (which did not fall over with
the "6" flag set but not understood).
We may also want to (a) implement and RX filter, and (b) over
time enahnce user space to, say, stop dhclient from running
when the interface flag is set. Also we might want to start
IPv6 before IPv4 in the future.
All the code is hidden under the EXPERIMENTAL option and not
compiled by default as the draft is a work-in-progress and
we cannot rely on the fact that IANA will assign the bits
as requested by the draft and hence they may change.
Dear 6man, you have running code.
Discussed with: Bob Hinden, Brian E Carpenter
Notes
Notes:
svn path=/head/; revision=339929
Diffstat (limited to 'usr.sbin/ndp')
| -rw-r--r-- | usr.sbin/ndp/Makefile | 7 | ||||
| -rw-r--r-- | usr.sbin/ndp/ndp.c | 3 |
2 files changed, 10 insertions, 0 deletions
diff --git a/usr.sbin/ndp/Makefile b/usr.sbin/ndp/Makefile index c2ff3090b495..52d8304a436a 100644 --- a/usr.sbin/ndp/Makefile +++ b/usr.sbin/ndp/Makefile @@ -13,6 +13,8 @@ # A PARTICULAR PURPOSE. # $FreeBSD$ +.include <src.opts.mk> + .PATH: ${SRCTOP}/contrib/tcpdump PROG= ndp @@ -22,6 +24,11 @@ SRCS= ndp.c gmt2local.c CFLAGS+= -I. -I${.CURDIR} -I${SRCTOP}/contrib/tcpdump CFLAGS+= -D_U_="" +.if ${MK_EXPERIMENTAL} != "no" +CFLAGS+= -DEXPERIMENTAL +CFLAGS+= -DDRAFT_IETF_6MAN_IPV6ONLY_FLAG +.endif + WARNS?= 3 .include <bsd.prog.mk> diff --git a/usr.sbin/ndp/ndp.c b/usr.sbin/ndp/ndp.c index 10e186d1d9f3..a006006aab3c 100644 --- a/usr.sbin/ndp/ndp.c +++ b/usr.sbin/ndp/ndp.c @@ -1096,6 +1096,9 @@ rtrlist() printf(", flags=%s%s", p->flags & ND_RA_FLAG_MANAGED ? "M" : "", p->flags & ND_RA_FLAG_OTHER ? "O" : ""); +#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG + printf("%s", p->flags & ND_RA_FLAG_IPV6_ONLY ? "6" : ""); +#endif rtpref = ((p->flags & ND_RA_FLAG_RTPREF_MASK) >> 3) & 0xff; printf(", pref=%s", rtpref_str[rtpref]); |