nd6.c revision 1.17
1 /* $NetBSD: nd6.c,v 1.17 2000/02/06 12:49:47 itojun Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * XXX 34 * KAME 970409 note: 35 * BSD/OS version heavily modifies this code, related to llinfo. 36 * Since we don't have BSD/OS version of net/route.c in our hand, 37 * I left the code mostly as it was in 970310. -- itojun 38 */ 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/malloc.h> 43 #include <sys/mbuf.h> 44 #include <sys/socket.h> 45 #include <sys/sockio.h> 46 #include <sys/time.h> 47 #include <sys/kernel.h> 48 #include <sys/errno.h> 49 #include <sys/ioctl.h> 50 #include <sys/syslog.h> 51 #include <sys/queue.h> 52 53 #include <net/if.h> 54 #include <net/if_dl.h> 55 #include <net/if_types.h> 56 #include <net/if_atm.h> 57 #include <net/route.h> 58 59 #include <netinet/in.h> 60 #include <net/if_ether.h> 61 #include <netinet/if_inarp.h> 62 #include <net/if_fddi.h> 63 #include <netinet6/in6_var.h> 64 #include <netinet/ip6.h> 65 #include <netinet6/ip6_var.h> 66 #include <netinet6/nd6.h> 67 #include <netinet6/in6_prefix.h> 68 #include <netinet/icmp6.h> 69 70 #include "loop.h" 71 extern struct ifnet loif[NLOOP]; 72 73 #include <net/net_osdep.h> 74 75 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */ 76 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */ 77 78 #define SIN6(s) ((struct sockaddr_in6 *)s) 79 #define SDL(s) ((struct sockaddr_dl *)s) 80 81 /* timer values */ 82 int nd6_prune = 1; /* walk list every 1 seconds */ 83 int nd6_delay = 5; /* delay first probe time 5 second */ 84 int nd6_umaxtries = 3; /* maximum unicast query */ 85 int nd6_mmaxtries = 3; /* maximum multicast query */ 86 int nd6_useloopback = 1; /* use loopback interface for local traffic */ 87 int nd6_proxyall = 0; /* enable Proxy Neighbor Advertisement */ 88 89 /* preventing too many loops in ND option parsing */ 90 int nd6_maxndopt = 10; /* max # of ND options allowed */ 91 92 /* for debugging? */ 93 static int nd6_inuse, nd6_allocated; 94 95 struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6}; 96 struct nd_ifinfo *nd_ifinfo = NULL; 97 struct nd_drhead nd_defrouter; 98 struct nd_prhead nd_prefix = { 0 }; 99 100 int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL; 101 static struct sockaddr_in6 all1_sa; 102 103 static void nd6_slowtimo __P((void *)); 104 105 void 106 nd6_init() 107 { 108 static int nd6_init_done = 0; 109 int i; 110 111 if (nd6_init_done) { 112 log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); 113 return; 114 } 115 116 all1_sa.sin6_family = AF_INET6; 117 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 118 for (i = 0; i < sizeof(all1_sa.sin6_addr); i++) 119 all1_sa.sin6_addr.s6_addr[i] = 0xff; 120 121 /* initialization of the default router list */ 122 TAILQ_INIT(&nd_defrouter); 123 124 nd6_init_done = 1; 125 126 /* start timer */ 127 timeout(nd6_slowtimo, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz); 128 } 129 130 void 131 nd6_ifattach(ifp) 132 struct ifnet *ifp; 133 { 134 static size_t if_indexlim = 8; 135 136 /* 137 * We have some arrays that should be indexed by if_index. 138 * since if_index will grow dynamically, they should grow too. 139 */ 140 if (nd_ifinfo == NULL || if_index >= if_indexlim) { 141 size_t n; 142 caddr_t q; 143 144 while (if_index >= if_indexlim) 145 if_indexlim <<= 1; 146 147 /* grow nd_ifinfo */ 148 n = if_indexlim * sizeof(struct nd_ifinfo); 149 q = (caddr_t)malloc(n, M_IP6NDP, M_WAITOK); 150 bzero(q, n); 151 if (nd_ifinfo) { 152 bcopy((caddr_t)nd_ifinfo, q, n/2); 153 free((caddr_t)nd_ifinfo, M_IP6NDP); 154 } 155 nd_ifinfo = (struct nd_ifinfo *)q; 156 } 157 158 #define ND nd_ifinfo[ifp->if_index] 159 ND.linkmtu = ifindex2ifnet[ifp->if_index]->if_mtu; 160 ND.chlim = IPV6_DEFHLIM; 161 ND.basereachable = REACHABLE_TIME; 162 ND.reachable = ND_COMPUTE_RTIME(ND.basereachable); 163 ND.retrans = RETRANS_TIMER; 164 ND.receivedra = 0; 165 nd6_setmtu(ifp); 166 #undef ND 167 } 168 169 /* 170 * Reset ND level link MTU. This function is called when the physical MTU 171 * changes, which means we might have to adjust the ND level MTU. 172 */ 173 void 174 nd6_setmtu(ifp) 175 struct ifnet *ifp; 176 { 177 #define MIN(a,b) ((a) < (b) ? (a) : (b)) 178 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 179 u_long oldmaxmtu = ndi->maxmtu; 180 u_long oldlinkmtu = ndi->linkmtu; 181 182 switch(ifp->if_type) { 183 case IFT_ARCNET: /* XXX MTU handling needs more work */ 184 ndi->maxmtu = MIN(60480, ifp->if_mtu); 185 break; 186 case IFT_ETHER: 187 ndi->maxmtu = MIN(ETHERMTU, ifp->if_mtu); 188 break; 189 case IFT_ATM: 190 ndi->maxmtu = MIN(ATMMTU, ifp->if_mtu); 191 break; 192 default: 193 ndi->maxmtu = ifp->if_mtu; 194 break; 195 } 196 197 if (oldmaxmtu != ndi->maxmtu) { 198 /* 199 * If the ND level MTU is not set yet, or if the maxmtu 200 * is reset to a smaller value than the ND level MTU, 201 * also reset the ND level MTU. 202 */ 203 if (ndi->linkmtu == 0 || 204 ndi->maxmtu < ndi->linkmtu) { 205 ndi->linkmtu = ndi->maxmtu; 206 /* also adjust in6_maxmtu if necessary. */ 207 if (oldlinkmtu == 0) { 208 /* 209 * XXX: the case analysis is grotty, but 210 * it is not efficient to call in6_setmaxmtu() 211 * here when we are during the initialization 212 * procedure. 213 */ 214 if (in6_maxmtu < ndi->linkmtu) 215 in6_maxmtu = ndi->linkmtu; 216 } 217 else 218 in6_setmaxmtu(); 219 } 220 } 221 #undef MIN 222 } 223 224 void 225 nd6_option_init(opt, icmp6len, ndopts) 226 void *opt; 227 int icmp6len; 228 union nd_opts *ndopts; 229 { 230 bzero(ndopts, sizeof(*ndopts)); 231 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt; 232 ndopts->nd_opts_last 233 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len); 234 235 if (icmp6len == 0) { 236 ndopts->nd_opts_done = 1; 237 ndopts->nd_opts_search = NULL; 238 } 239 } 240 241 /* 242 * Take one ND option. 243 */ 244 struct nd_opt_hdr * 245 nd6_option(ndopts) 246 union nd_opts *ndopts; 247 { 248 struct nd_opt_hdr *nd_opt; 249 int olen; 250 251 if (!ndopts) 252 panic("ndopts == NULL in nd6_option\n"); 253 if (!ndopts->nd_opts_last) 254 panic("uninitialized ndopts in nd6_option\n"); 255 if (!ndopts->nd_opts_search) 256 return NULL; 257 if (ndopts->nd_opts_done) 258 return NULL; 259 260 nd_opt = ndopts->nd_opts_search; 261 262 olen = nd_opt->nd_opt_len << 3; 263 if (olen == 0) { 264 /* 265 * Message validation requires that all included 266 * options have a length that is greater than zero. 267 */ 268 bzero(ndopts, sizeof(*ndopts)); 269 return NULL; 270 } 271 272 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen); 273 if (!(ndopts->nd_opts_search < ndopts->nd_opts_last)) { 274 ndopts->nd_opts_done = 1; 275 ndopts->nd_opts_search = NULL; 276 } 277 return nd_opt; 278 } 279 280 /* 281 * Parse multiple ND options. 282 * This function is much easier to use, for ND routines that do not need 283 * multiple options of the same type. 284 */ 285 int 286 nd6_options(ndopts) 287 union nd_opts *ndopts; 288 { 289 struct nd_opt_hdr *nd_opt; 290 int i = 0; 291 292 if (!ndopts) 293 panic("ndopts == NULL in nd6_options\n"); 294 if (!ndopts->nd_opts_last) 295 panic("uninitialized ndopts in nd6_options\n"); 296 if (!ndopts->nd_opts_search) 297 return 0; 298 299 while (1) { 300 nd_opt = nd6_option(ndopts); 301 if (!nd_opt && !ndopts->nd_opts_last) { 302 /* 303 * Message validation requires that all included 304 * options have a length that is greater than zero. 305 */ 306 bzero(ndopts, sizeof(*ndopts)); 307 return -1; 308 } 309 310 if (!nd_opt) 311 goto skip1; 312 313 switch (nd_opt->nd_opt_type) { 314 case ND_OPT_SOURCE_LINKADDR: 315 case ND_OPT_TARGET_LINKADDR: 316 case ND_OPT_MTU: 317 case ND_OPT_REDIRECTED_HEADER: 318 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { 319 printf("duplicated ND6 option found " 320 "(type=%d)\n", nd_opt->nd_opt_type); 321 /* XXX bark? */ 322 } else { 323 ndopts->nd_opt_array[nd_opt->nd_opt_type] 324 = nd_opt; 325 } 326 break; 327 case ND_OPT_PREFIX_INFORMATION: 328 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) { 329 ndopts->nd_opt_array[nd_opt->nd_opt_type] 330 = nd_opt; 331 } 332 ndopts->nd_opts_pi_end = 333 (struct nd_opt_prefix_info *)nd_opt; 334 break; 335 default: 336 /* 337 * Unknown options must be silently ignored, 338 * to accomodate future extension to the protocol. 339 */ 340 log(LOG_INFO, 341 "nd6_options: unsupported option %d - " 342 "option ignored\n", nd_opt->nd_opt_type); 343 } 344 345 skip1: 346 i++; 347 if (i > nd6_maxndopt) { 348 icmp6stat.icp6s_nd_toomanyopt++; 349 printf("too many loop in nd opt\n"); 350 break; 351 } 352 353 if (ndopts->nd_opts_done) 354 break; 355 } 356 357 return 0; 358 } 359 360 /* 361 * ND6 timer routine to expire default route list and prefix list 362 */ 363 void 364 nd6_timer(ignored_arg) 365 void *ignored_arg; 366 { 367 int s; 368 register struct llinfo_nd6 *ln; 369 register struct nd_defrouter *dr; 370 register struct nd_prefix *pr; 371 long time_second = time.tv_sec; 372 373 s = splsoftnet(); 374 timeout(nd6_timer, (caddr_t)0, nd6_prune * hz); 375 376 ln = llinfo_nd6.ln_next; 377 /* XXX BSD/OS separates this code -- itojun */ 378 while (ln && ln != &llinfo_nd6) { 379 struct rtentry *rt; 380 struct ifnet *ifp; 381 struct sockaddr_in6 *dst; 382 struct llinfo_nd6 *next = ln->ln_next; 383 384 if ((rt = ln->ln_rt) == NULL) { 385 ln = next; 386 continue; 387 } 388 if ((ifp = rt->rt_ifp) == NULL) { 389 ln = next; 390 continue; 391 } 392 dst = (struct sockaddr_in6 *)rt_key(rt); 393 394 if (ln->ln_expire > time_second) { 395 ln = next; 396 continue; 397 } 398 399 /* sanity check */ 400 if (!rt) 401 panic("rt=0 in nd6_timer(ln=%p)\n", ln); 402 if (!dst) 403 panic("dst=0 in nd6_timer(ln=%p)\n", ln); 404 405 switch (ln->ln_state) { 406 case ND6_LLINFO_INCOMPLETE: 407 if (ln->ln_asked < nd6_mmaxtries) { 408 ln->ln_asked++; 409 ln->ln_expire = time_second + 410 nd_ifinfo[ifp->if_index].retrans / 1000; 411 nd6_ns_output(ifp, NULL, &dst->sin6_addr, 412 ln, 0); 413 } else { 414 struct mbuf *m = ln->ln_hold; 415 if (m) { 416 if (rt->rt_ifp) { 417 /* 418 * Fake rcvif to make ICMP error 419 * more helpful in diagnosing 420 * for the receiver. 421 * XXX: should we consider 422 * older rcvif? 423 */ 424 m->m_pkthdr.rcvif = rt->rt_ifp; 425 } 426 icmp6_error(m, ICMP6_DST_UNREACH, 427 ICMP6_DST_UNREACH_ADDR, 0); 428 ln->ln_hold = NULL; 429 } 430 nd6_free(rt); 431 } 432 break; 433 case ND6_LLINFO_REACHABLE: 434 if (ln->ln_expire) { 435 ln->ln_state = ND6_LLINFO_STALE; 436 } 437 break; 438 /* 439 * ND6_LLINFO_STALE state requires nothing for timer 440 * routine. 441 */ 442 case ND6_LLINFO_DELAY: 443 ln->ln_asked = 1; 444 ln->ln_state = ND6_LLINFO_PROBE; 445 ln->ln_expire = time_second + 446 nd_ifinfo[ifp->if_index].retrans / 1000; 447 nd6_ns_output(ifp, &dst->sin6_addr, &dst->sin6_addr, 448 ln, 0); 449 break; 450 451 case ND6_LLINFO_PROBE: 452 if (ln->ln_asked < nd6_umaxtries) { 453 ln->ln_asked++; 454 ln->ln_expire = time_second + 455 nd_ifinfo[ifp->if_index].retrans / 1000; 456 nd6_ns_output(ifp, &dst->sin6_addr, 457 &dst->sin6_addr, ln, 0); 458 } else { 459 nd6_free(rt); 460 } 461 break; 462 case ND6_LLINFO_WAITDELETE: 463 nd6_free(rt); 464 break; 465 } 466 ln = next; 467 } 468 469 /* expire */ 470 dr = TAILQ_FIRST(&nd_defrouter); 471 while (dr) { 472 if (dr->expire && dr->expire < time_second) { 473 struct nd_defrouter *t; 474 t = TAILQ_NEXT(dr, dr_entry); 475 defrtrlist_del(dr); 476 dr = t; 477 } else 478 dr = TAILQ_NEXT(dr, dr_entry); 479 } 480 pr = nd_prefix.lh_first; 481 while (pr) { 482 struct in6_ifaddr *ia6; 483 struct in6_addrlifetime *lt6; 484 485 if (IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 486 ia6 = NULL; 487 else 488 ia6 = in6ifa_ifpwithaddr(pr->ndpr_ifp, &pr->ndpr_addr); 489 490 if (ia6) { 491 /* check address lifetime */ 492 lt6 = &ia6->ia6_lifetime; 493 if (lt6->ia6t_preferred && lt6->ia6t_preferred < time_second) 494 ia6->ia6_flags |= IN6_IFF_DEPRECATED; 495 if (lt6->ia6t_expire && lt6->ia6t_expire < time_second) { 496 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 497 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 498 /* xxx ND_OPT_PI_FLAG_ONLINK processing */ 499 } 500 } 501 502 /* 503 * check prefix lifetime. 504 * since pltime is just for autoconf, pltime processing for 505 * prefix is not necessary. 506 * 507 * we offset expire time by NDPR_KEEP_EXPIRE, so that we 508 * can use the old prefix information to validate the 509 * next prefix information to come. See prelist_update() 510 * for actual validation. 511 */ 512 if (pr->ndpr_expire 513 && pr->ndpr_expire + NDPR_KEEP_EXPIRED < time_second) { 514 struct nd_prefix *t; 515 t = pr->ndpr_next; 516 517 /* 518 * address expiration and prefix expiration are 519 * separate. NEVER perform in6_ifdel here. 520 */ 521 522 prelist_remove(pr); 523 pr = t; 524 } else 525 pr = pr->ndpr_next; 526 } 527 splx(s); 528 } 529 530 /* 531 * Nuke neighbor cache/prefix/default router management table, right before 532 * ifp goes away. 533 */ 534 void 535 nd6_purge(ifp) 536 struct ifnet *ifp; 537 { 538 struct llinfo_nd6 *ln, *nln; 539 struct nd_defrouter *dr, *ndr, drany; 540 struct nd_prefix *pr, *npr; 541 542 /* Nuke default router list entries toward ifp */ 543 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 544 /* 545 * The first entry of the list may be stored in 546 * the routing table, so we'll delete it later. 547 */ 548 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = ndr) { 549 ndr = TAILQ_NEXT(dr, dr_entry); 550 if (dr->ifp == ifp) 551 defrtrlist_del(dr); 552 } 553 dr = TAILQ_FIRST(&nd_defrouter); 554 if (dr->ifp == ifp) 555 defrtrlist_del(dr); 556 } 557 558 /* Nuke prefix list entries toward ifp */ 559 for (pr = nd_prefix.lh_first; pr; pr = npr) { 560 npr = pr->ndpr_next; 561 if (pr->ndpr_ifp == ifp) { 562 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 563 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 564 prelist_remove(pr); 565 } 566 } 567 568 /* cancel default outgoing interface setting */ 569 if (nd6_defifindex == ifp->if_index) 570 nd6_setdefaultiface(0); 571 572 /* refresh default router list */ 573 bzero(&drany, sizeof(drany)); 574 defrouter_delreq(&drany, 0); 575 defrouter_select(); 576 577 /* 578 * Nuke neighbor cache entries for the ifp. 579 * Note that rt->rt_ifp may not be the same as ifp, 580 * due to KAME goto ours hack. See RTM_RESOLVE case in 581 * nd6_rtrequest(), and ip6_input()). 582 */ 583 ln = llinfo_nd6.ln_next; 584 while (ln && ln != &llinfo_nd6) { 585 struct rtentry *rt; 586 struct sockaddr_dl *sdl; 587 588 nln = ln->ln_next; 589 rt = ln->ln_rt; 590 if (rt && rt->rt_gateway && 591 rt->rt_gateway->sa_family == AF_LINK) { 592 sdl = (struct sockaddr_dl *)rt->rt_gateway; 593 if (sdl->sdl_index == ifp->if_index) 594 nd6_free(rt); 595 } 596 ln = nln; 597 } 598 599 /* 600 * Interface route will be retained by nd6_free(). Nuke it. 601 */ 602 ln = llinfo_nd6.ln_next; 603 while (ln && ln != &llinfo_nd6) { 604 struct rtentry *rt; 605 struct sockaddr_dl *sdl; 606 607 nln = ln->ln_next; 608 rt = ln->ln_rt; 609 if (rt && rt->rt_gateway && 610 rt->rt_gateway->sa_family == AF_LINK) { 611 sdl = (struct sockaddr_dl *)rt->rt_gateway; 612 if (sdl->sdl_index == ifp->if_index) { 613 rtrequest(RTM_DELETE, rt_key(rt), 614 (struct sockaddr *)0, rt_mask(rt), 0, 615 (struct rtentry **)0); 616 } 617 } 618 ln = nln; 619 } 620 } 621 622 struct rtentry * 623 nd6_lookup(addr6, create, ifp) 624 struct in6_addr *addr6; 625 int create; 626 struct ifnet *ifp; 627 { 628 struct rtentry *rt; 629 struct sockaddr_in6 sin6; 630 631 bzero(&sin6, sizeof(sin6)); 632 sin6.sin6_len = sizeof(struct sockaddr_in6); 633 sin6.sin6_family = AF_INET6; 634 sin6.sin6_addr = *addr6; 635 rt = rtalloc1((struct sockaddr *)&sin6, create); 636 if (rt && (rt->rt_flags & RTF_LLINFO) == 0) { 637 /* 638 * This is the case for the default route. 639 * If we want to create a neighbor cache for the address, we 640 * should free the route for the destination and allocate an 641 * interface route. 642 */ 643 if (create) { 644 RTFREE(rt); 645 rt = 0; 646 } 647 } 648 if (!rt) { 649 if (create && ifp) { 650 /* 651 * If no route is available and create is set, 652 * we allocate a host route for the destination 653 * and treat it like an interface route. 654 * This hack is necessary for a neighbor which can't 655 * be covered by our own prefix. 656 */ 657 struct ifaddr *ifa = 658 ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp); 659 if (ifa == NULL) 660 return(NULL); 661 662 /* 663 * Create a new route. RTF_LLINFO is necessary 664 * to create a Neighbor Cache entry for the 665 * destination in nd6_rtrequest which will be 666 * called in rtequest via ifa->ifa_rtrequest. 667 */ 668 if (rtrequest(RTM_ADD, (struct sockaddr *)&sin6, 669 ifa->ifa_addr, 670 (struct sockaddr *)&all1_sa, 671 (ifa->ifa_flags | 672 RTF_HOST | RTF_LLINFO) & ~RTF_CLONING, 673 &rt)) 674 log(LOG_ERR, 675 "nd6_lookup: failed to add route for a " 676 "neighbor(%s)\n", ip6_sprintf(addr6)); 677 if (rt == NULL) 678 return(NULL); 679 if (rt->rt_llinfo) { 680 struct llinfo_nd6 *ln = 681 (struct llinfo_nd6 *)rt->rt_llinfo; 682 ln->ln_state = ND6_LLINFO_NOSTATE; 683 } 684 } 685 else 686 return(NULL); 687 } 688 rt->rt_refcnt--; 689 /* 690 * Validation for the entry. 691 * XXX: we can't use rt->rt_ifp to check for the interface, since 692 * it might be the loopback interface if the entry is for our 693 * own address on a non-loopback interface. Instead, we should 694 * use rt->rt_ifa->ifa_ifp, which would specify the REAL interface. 695 */ 696 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 697 rt->rt_gateway->sa_family != AF_LINK || 698 (ifp && rt->rt_ifa->ifa_ifp != ifp)) { 699 if (create) { 700 log(LOG_DEBUG, "nd6_lookup: failed to lookup %s (if = %s)\n", 701 ip6_sprintf(addr6), ifp ? if_name(ifp) : "unspec"); 702 /* xxx more logs... kazu */ 703 } 704 return(0); 705 } 706 return(rt); 707 } 708 709 /* 710 * Detect if a given IPv6 address identifies a neighbor on a given link. 711 * XXX: should take care of the destination of a p2p link? 712 */ 713 int 714 nd6_is_addr_neighbor(addr, ifp) 715 struct in6_addr *addr; 716 struct ifnet *ifp; 717 { 718 register struct ifaddr *ifa; 719 int i; 720 721 #define IFADDR6(a) ((((struct in6_ifaddr *)(a))->ia_addr).sin6_addr) 722 #define IFMASK6(a) ((((struct in6_ifaddr *)(a))->ia_prefixmask).sin6_addr) 723 724 /* A link-local address is always a neighbor. */ 725 if (IN6_IS_ADDR_LINKLOCAL(addr)) 726 return(1); 727 728 /* 729 * If the address matches one of our addresses, 730 * it should be a neighbor. 731 */ 732 for (ifa = ifp->if_addrlist.tqh_first; 733 ifa; 734 ifa = ifa->ifa_list.tqe_next) 735 { 736 if (ifa->ifa_addr->sa_family != AF_INET6) 737 next: continue; 738 739 for (i = 0; i < 4; i++) { 740 if ((IFADDR6(ifa).s6_addr32[i] ^ addr->s6_addr32[i]) & 741 IFMASK6(ifa).s6_addr32[i]) 742 goto next; 743 } 744 return(1); 745 } 746 747 /* 748 * Even if the address matches none of our addresses, it might be 749 * in the neighbor cache. 750 */ 751 if (nd6_lookup(addr, 0, ifp)) 752 return(1); 753 754 return(0); 755 #undef IFADDR6 756 #undef IFMASK6 757 } 758 759 /* 760 * Free an nd6 llinfo entry. 761 */ 762 void 763 nd6_free(rt) 764 struct rtentry *rt; 765 { 766 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 767 struct sockaddr_dl *sdl; 768 struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; 769 struct nd_defrouter *dr; 770 771 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ 772 int s; 773 s = splsoftnet(); 774 dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 775 rt->rt_ifp); 776 if (ln->ln_router || dr) { 777 /* 778 * rt6_flush must be called whether or not the neighbor 779 * is in the Default Router List. 780 * See a corresponding comment in nd6_na_input(). 781 */ 782 rt6_flush(&in6, rt->rt_ifp); 783 } 784 785 if (dr) { 786 /* 787 * Unreachablity of a router might affect the default 788 * router selection and on-link detection of advertised 789 * prefixes. 790 */ 791 792 /* 793 * Temporarily fake the state to choose a new default 794 * router and to perform on-link determination of 795 * prefixes coreectly. 796 * Below the state will be set correctly, 797 * or the entry itself will be deleted. 798 */ 799 ln->ln_state = ND6_LLINFO_INCOMPLETE; 800 801 if (dr == TAILQ_FIRST(&nd_defrouter)) { 802 /* 803 * It is used as the current default router, 804 * so we have to move it to the end of the 805 * list and choose a new one. 806 * XXX: it is not very efficient if this is 807 * the only router. 808 */ 809 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 810 TAILQ_INSERT_TAIL(&nd_defrouter, dr, dr_entry); 811 812 defrouter_select(); 813 } 814 pfxlist_onlink_check(); 815 } 816 splx(s); 817 } 818 819 if (rt->rt_refcnt > 0 && (sdl = SDL(rt->rt_gateway)) && 820 sdl->sdl_family == AF_LINK) { 821 sdl->sdl_alen = 0; 822 ln->ln_state = ND6_LLINFO_WAITDELETE; 823 ln->ln_asked = 0; 824 rt->rt_flags &= ~RTF_REJECT; 825 return; 826 } 827 828 rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 829 rt_mask(rt), 0, (struct rtentry **)0); 830 } 831 832 /* 833 * Upper-layer reachability hint for Neighbor Unreachability Detection. 834 * 835 * XXX cost-effective metods? 836 */ 837 void 838 nd6_nud_hint(rt, dst6) 839 struct rtentry *rt; 840 struct in6_addr *dst6; 841 { 842 struct llinfo_nd6 *ln; 843 long time_second = time.tv_sec; 844 845 /* 846 * If the caller specified "rt", use that. Otherwise, resolve the 847 * routing table by supplied "dst6". 848 */ 849 if (!rt) { 850 if (!dst6) 851 return; 852 if (!(rt = nd6_lookup(dst6, 0, NULL))) 853 return; 854 } 855 856 if ((rt->rt_flags & RTF_GATEWAY) 857 || (rt->rt_flags & RTF_LLINFO) == 0 858 || !rt->rt_llinfo 859 || !rt->rt_gateway 860 || rt->rt_gateway->sa_family != AF_LINK) { 861 /* This is not a host route. */ 862 return; 863 } 864 865 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 866 if (ln->ln_state == ND6_LLINFO_INCOMPLETE) 867 return; 868 869 ln->ln_state = ND6_LLINFO_REACHABLE; 870 if (ln->ln_expire) 871 ln->ln_expire = time_second + 872 nd_ifinfo[rt->rt_ifp->if_index].reachable; 873 } 874 875 #ifdef OLDIP6OUTPUT 876 /* 877 * Resolve an IP6 address into an ethernet address. If success, 878 * desten is filled in. If there is no entry in ndptab, 879 * set one up and multicast a solicitation for the IP6 address. 880 * Hold onto this mbuf and resend it once the address 881 * is finally resolved. A return value of 1 indicates 882 * that desten has been filled in and the packet should be sent 883 * normally; a 0 return indicates that the packet has been 884 * taken over here, either now or for later transmission. 885 */ 886 int 887 nd6_resolve(ifp, rt, m, dst, desten) 888 struct ifnet *ifp; 889 struct rtentry *rt; 890 struct mbuf *m; 891 struct sockaddr *dst; 892 u_char *desten; 893 { 894 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)NULL; 895 struct sockaddr_dl *sdl; 896 long time_second = time.tv_sec; 897 898 if (m->m_flags & M_MCAST) { 899 switch (ifp->if_type) { 900 case IFT_ETHER: 901 case IFT_FDDI: 902 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 903 desten); 904 return(1); 905 break; 906 case IFT_ARCNET: 907 *desten = 0; 908 return(1); 909 break; 910 default: 911 return(0); 912 } 913 } 914 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 915 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 916 else { 917 if ((rt = nd6_lookup(&(SIN6(dst)->sin6_addr), 1, ifp)) != NULL) 918 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 919 } 920 if (!ln || !rt) { 921 log(LOG_DEBUG, "nd6_resolve: can't allocate llinfo for %s\n", 922 ip6_sprintf(&(SIN6(dst)->sin6_addr))); 923 m_freem(m); 924 return(0); 925 } 926 sdl = SDL(rt->rt_gateway); 927 /* 928 * Ckeck the address family and length is valid, the address 929 * is resolved; otherwise, try to resolve. 930 */ 931 if (ln->ln_state >= ND6_LLINFO_REACHABLE 932 && sdl->sdl_family == AF_LINK 933 && sdl->sdl_alen != 0) { 934 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 935 if (ln->ln_state == ND6_LLINFO_STALE) { 936 ln->ln_asked = 0; 937 ln->ln_state = ND6_LLINFO_DELAY; 938 ln->ln_expire = time_second + nd6_delay; 939 } 940 return(1); 941 } 942 /* 943 * There is an ndp entry, but no ethernet address 944 * response yet. Replace the held mbuf with this 945 * latest one. 946 * 947 * XXX Does the code conform to rate-limiting rule? 948 * (RFC 2461 7.2.2) 949 */ 950 if (ln->ln_state == ND6_LLINFO_WAITDELETE || 951 ln->ln_state == ND6_LLINFO_NOSTATE) 952 ln->ln_state = ND6_LLINFO_INCOMPLETE; 953 if (ln->ln_hold) 954 m_freem(ln->ln_hold); 955 ln->ln_hold = m; 956 if (ln->ln_expire) { 957 rt->rt_flags &= ~RTF_REJECT; 958 if (ln->ln_asked < nd6_mmaxtries && 959 ln->ln_expire < time_second) { 960 ln->ln_asked++; 961 ln->ln_expire = time_second + 962 nd_ifinfo[ifp->if_index].retrans / 1000; 963 nd6_ns_output(ifp, NULL, &(SIN6(dst)->sin6_addr), 964 ln, 0); 965 } 966 } 967 return(0); 968 } 969 #endif /* OLDIP6OUTPUT */ 970 971 void 972 nd6_rtrequest(req, rt, sa) 973 int req; 974 struct rtentry *rt; 975 struct sockaddr *sa; /* xxx unused */ 976 { 977 struct sockaddr *gate = rt->rt_gateway; 978 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 979 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 980 struct ifnet *ifp = rt->rt_ifp; 981 struct ifaddr *ifa; 982 long time_second = time.tv_sec; 983 984 if (rt->rt_flags & RTF_GATEWAY) 985 return; 986 987 switch (req) { 988 case RTM_ADD: 989 /* 990 * There is no backward compatibility :) 991 * 992 * if ((rt->rt_flags & RTF_HOST) == 0 && 993 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 994 * rt->rt_flags |= RTF_CLONING; 995 */ 996 if (rt->rt_flags & RTF_CLONING || rt->rt_flags & RTF_LLINFO) { 997 /* 998 * Case 1: This route should come from 999 * a route to interface. RTF_LLINFO flag is set 1000 * for a host route whose destination should be 1001 * treated as on-link. 1002 */ 1003 rt_setgate(rt, rt_key(rt), 1004 (struct sockaddr *)&null_sdl); 1005 gate = rt->rt_gateway; 1006 SDL(gate)->sdl_type = ifp->if_type; 1007 SDL(gate)->sdl_index = ifp->if_index; 1008 if (ln) 1009 ln->ln_expire = time_second; 1010 #if 1 1011 if (ln && ln->ln_expire == 0) { 1012 /* cludge for desktops */ 1013 #if 0 1014 printf("nd6_request: time.tv_sec is zero; " 1015 "treat it as 1\n"); 1016 #endif 1017 ln->ln_expire = 1; 1018 } 1019 #endif 1020 if (rt->rt_flags & RTF_CLONING) 1021 break; 1022 } 1023 /* Announce a new entry if requested. */ 1024 if (rt->rt_flags & RTF_ANNOUNCE) 1025 nd6_na_output(ifp, 1026 &SIN6(rt_key(rt))->sin6_addr, 1027 &SIN6(rt_key(rt))->sin6_addr, 1028 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1029 1); 1030 /* FALLTHROUGH */ 1031 case RTM_RESOLVE: 1032 if (gate->sa_family != AF_LINK || 1033 gate->sa_len < sizeof(null_sdl)) { 1034 log(LOG_DEBUG, "nd6_rtrequest: bad gateway value\n"); 1035 break; 1036 } 1037 SDL(gate)->sdl_type = ifp->if_type; 1038 SDL(gate)->sdl_index = ifp->if_index; 1039 if (ln != 0) 1040 break; /* This happens on a route change */ 1041 /* 1042 * Case 2: This route may come from cloning, or a manual route 1043 * add with a LL address. 1044 */ 1045 R_Malloc(ln, struct llinfo_nd6 *, sizeof(*ln)); 1046 rt->rt_llinfo = (caddr_t)ln; 1047 if (!ln) { 1048 log(LOG_DEBUG, "nd6_rtrequest: malloc failed\n"); 1049 break; 1050 } 1051 nd6_inuse++; 1052 nd6_allocated++; 1053 Bzero(ln, sizeof(*ln)); 1054 ln->ln_rt = rt; 1055 /* this is required for "ndp" command. - shin */ 1056 if (req == RTM_ADD) { 1057 /* 1058 * gate should have some valid AF_LINK entry, 1059 * and ln->ln_expire should have some lifetime 1060 * which is specified by ndp command. 1061 */ 1062 ln->ln_state = ND6_LLINFO_REACHABLE; 1063 } else { 1064 /* 1065 * When req == RTM_RESOLVE, rt is created and 1066 * initialized in rtrequest(), so rt_expire is 0. 1067 */ 1068 ln->ln_state = ND6_LLINFO_NOSTATE; 1069 ln->ln_expire = time_second; 1070 } 1071 rt->rt_flags |= RTF_LLINFO; 1072 ln->ln_next = llinfo_nd6.ln_next; 1073 llinfo_nd6.ln_next = ln; 1074 ln->ln_prev = &llinfo_nd6; 1075 ln->ln_next->ln_prev = ln; 1076 1077 /* 1078 * check if rt_key(rt) is one of my address assigned 1079 * to the interface. 1080 */ 1081 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1082 &SIN6(rt_key(rt))->sin6_addr); 1083 if (ifa) { 1084 caddr_t macp = nd6_ifptomac(ifp); 1085 ln->ln_expire = 0; 1086 ln->ln_state = ND6_LLINFO_REACHABLE; 1087 if (macp) { 1088 Bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen); 1089 SDL(gate)->sdl_alen = ifp->if_addrlen; 1090 } 1091 if (nd6_useloopback) { 1092 rt->rt_ifp = &loif[0]; /*XXX*/ 1093 /* 1094 * Make sure rt_ifa be equal to the ifaddr 1095 * corresponding to the address. 1096 * We need this because when we refer 1097 * rt_ifa->ia6_flags in ip6_input, we assume 1098 * that the rt_ifa points to the address instead 1099 * of the loopback address. 1100 */ 1101 if (ifa != rt->rt_ifa) { 1102 IFAFREE(rt->rt_ifa); 1103 IFAREF(ifa); 1104 rt->rt_ifa = ifa; 1105 } 1106 } 1107 } 1108 break; 1109 1110 case RTM_DELETE: 1111 if (!ln) 1112 break; 1113 nd6_inuse--; 1114 ln->ln_next->ln_prev = ln->ln_prev; 1115 ln->ln_prev->ln_next = ln->ln_next; 1116 ln->ln_prev = NULL; 1117 rt->rt_llinfo = 0; 1118 rt->rt_flags &= ~RTF_LLINFO; 1119 if (ln->ln_hold) 1120 m_freem(ln->ln_hold); 1121 Free((caddr_t)ln); 1122 } 1123 } 1124 1125 void 1126 nd6_p2p_rtrequest(req, rt, sa) 1127 int req; 1128 struct rtentry *rt; 1129 struct sockaddr *sa; /* xxx unused */ 1130 { 1131 struct sockaddr *gate = rt->rt_gateway; 1132 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1133 struct ifnet *ifp = rt->rt_ifp; 1134 struct ifaddr *ifa; 1135 1136 if (rt->rt_flags & RTF_GATEWAY) 1137 return; 1138 1139 switch (req) { 1140 case RTM_ADD: 1141 /* 1142 * There is no backward compatibility :) 1143 * 1144 * if ((rt->rt_flags & RTF_HOST) == 0 && 1145 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1146 * rt->rt_flags |= RTF_CLONING; 1147 */ 1148 if (rt->rt_flags & RTF_CLONING) { 1149 /* 1150 * Case 1: This route should come from 1151 * a route to interface. 1152 */ 1153 rt_setgate(rt, rt_key(rt), 1154 (struct sockaddr *)&null_sdl); 1155 gate = rt->rt_gateway; 1156 SDL(gate)->sdl_type = ifp->if_type; 1157 SDL(gate)->sdl_index = ifp->if_index; 1158 break; 1159 } 1160 /* Announce a new entry if requested. */ 1161 if (rt->rt_flags & RTF_ANNOUNCE) 1162 nd6_na_output(ifp, 1163 &SIN6(rt_key(rt))->sin6_addr, 1164 &SIN6(rt_key(rt))->sin6_addr, 1165 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1166 1); 1167 /* FALLTHROUGH */ 1168 case RTM_RESOLVE: 1169 /* 1170 * check if rt_key(rt) is one of my address assigned 1171 * to the interface. 1172 */ 1173 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1174 &SIN6(rt_key(rt))->sin6_addr); 1175 if (ifa) { 1176 if (nd6_useloopback) { 1177 rt->rt_ifp = &loif[0]; /*XXX*/ 1178 } 1179 } 1180 break; 1181 } 1182 } 1183 1184 int 1185 nd6_ioctl(cmd, data, ifp) 1186 u_long cmd; 1187 caddr_t data; 1188 struct ifnet *ifp; 1189 { 1190 struct in6_drlist *drl = (struct in6_drlist *)data; 1191 struct in6_prlist *prl = (struct in6_prlist *)data; 1192 struct in6_ndireq *ndi = (struct in6_ndireq *)data; 1193 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data; 1194 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data; 1195 struct nd_defrouter *dr, any; 1196 struct nd_prefix *pr; 1197 struct rtentry *rt; 1198 int i = 0, error = 0; 1199 int s; 1200 1201 switch (cmd) { 1202 case SIOCGDRLST_IN6: 1203 bzero(drl, sizeof(*drl)); 1204 s = splsoftnet(); 1205 dr = TAILQ_FIRST(&nd_defrouter); 1206 while (dr && i < DRLSTSIZ) { 1207 drl->defrouter[i].rtaddr = dr->rtaddr; 1208 if (IN6_IS_ADDR_LINKLOCAL(&drl->defrouter[i].rtaddr)) { 1209 /* XXX: need to this hack for KAME stack */ 1210 drl->defrouter[i].rtaddr.s6_addr16[1] = 0; 1211 } 1212 else 1213 log(LOG_ERR, 1214 "default router list contains a " 1215 "non-linklocal address(%s)\n", 1216 ip6_sprintf(&drl->defrouter[i].rtaddr)); 1217 1218 drl->defrouter[i].flags = dr->flags; 1219 drl->defrouter[i].rtlifetime = dr->rtlifetime; 1220 drl->defrouter[i].expire = dr->expire; 1221 drl->defrouter[i].if_index = dr->ifp->if_index; 1222 i++; 1223 dr = TAILQ_NEXT(dr, dr_entry); 1224 } 1225 splx(s); 1226 break; 1227 case SIOCGPRLST_IN6: 1228 bzero(prl, sizeof(*prl)); 1229 s = splsoftnet(); 1230 pr = nd_prefix.lh_first; 1231 while (pr && i < PRLSTSIZ) { 1232 struct nd_pfxrouter *pfr; 1233 int j; 1234 1235 prl->prefix[i].prefix = pr->ndpr_prefix.sin6_addr; 1236 prl->prefix[i].raflags = pr->ndpr_raf; 1237 prl->prefix[i].prefixlen = pr->ndpr_plen; 1238 prl->prefix[i].vltime = pr->ndpr_vltime; 1239 prl->prefix[i].pltime = pr->ndpr_pltime; 1240 prl->prefix[i].if_index = pr->ndpr_ifp->if_index; 1241 prl->prefix[i].expire = pr->ndpr_expire; 1242 1243 pfr = pr->ndpr_advrtrs.lh_first; 1244 j = 0; 1245 while(pfr) { 1246 if (j < DRLSTSIZ) { 1247 #define RTRADDR prl->prefix[i].advrtr[j] 1248 RTRADDR = pfr->router->rtaddr; 1249 if (IN6_IS_ADDR_LINKLOCAL(&RTRADDR)) { 1250 /* XXX: hack for KAME */ 1251 RTRADDR.s6_addr16[1] = 0; 1252 } 1253 else 1254 log(LOG_ERR, 1255 "a router(%s) advertises " 1256 "a prefix with " 1257 "non-link local address\n", 1258 ip6_sprintf(&RTRADDR)); 1259 #undef RTRADDR 1260 } 1261 j++; 1262 pfr = pfr->pfr_next; 1263 } 1264 prl->prefix[i].advrtrs = j; 1265 1266 i++; 1267 pr = pr->ndpr_next; 1268 } 1269 splx(s); 1270 { 1271 struct rr_prefix *rpp; 1272 1273 for (rpp = LIST_FIRST(&rr_prefix); rpp; 1274 rpp = LIST_NEXT(rpp, rp_entry)) { 1275 if (i >= PRLSTSIZ) 1276 break; 1277 prl->prefix[i].prefix = rpp->rp_prefix.sin6_addr; 1278 prl->prefix[i].raflags = rpp->rp_raf; 1279 prl->prefix[i].prefixlen = rpp->rp_plen; 1280 prl->prefix[i].vltime = rpp->rp_vltime; 1281 prl->prefix[i].pltime = rpp->rp_pltime; 1282 prl->prefix[i].if_index = rpp->rp_ifp->if_index; 1283 prl->prefix[i].expire = rpp->rp_expire; 1284 prl->prefix[i].advrtrs = 0; 1285 i++; 1286 } 1287 } 1288 1289 break; 1290 case SIOCGIFINFO_IN6: 1291 ndi->ndi = nd_ifinfo[ifp->if_index]; 1292 break; 1293 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */ 1294 /* flush default router list */ 1295 /* 1296 * xxx sumikawa: should not delete route if default 1297 * route equals to the top of default router list 1298 */ 1299 bzero(&any, sizeof(any)); 1300 defrouter_delreq(&any, 0); 1301 defrouter_select(); 1302 /* xxx sumikawa: flush prefix list */ 1303 break; 1304 case SIOCSPFXFLUSH_IN6: 1305 { 1306 /* flush all the prefix advertised by routers */ 1307 struct nd_prefix *pr, *next; 1308 1309 s = splsoftnet(); 1310 for (pr = nd_prefix.lh_first; pr; pr = next) { 1311 next = pr->ndpr_next; 1312 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 1313 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 1314 prelist_remove(pr); 1315 } 1316 splx(s); 1317 break; 1318 } 1319 case SIOCSRTRFLUSH_IN6: 1320 { 1321 /* flush all the default routers */ 1322 struct nd_defrouter *dr, *next; 1323 1324 s = splsoftnet(); 1325 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 1326 /* 1327 * The first entry of the list may be stored in 1328 * the routing table, so we'll delete it later. 1329 */ 1330 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = next) { 1331 next = TAILQ_NEXT(dr, dr_entry); 1332 defrtrlist_del(dr); 1333 } 1334 defrtrlist_del(TAILQ_FIRST(&nd_defrouter)); 1335 } 1336 splx(s); 1337 break; 1338 } 1339 case SIOCGNBRINFO_IN6: 1340 { 1341 struct llinfo_nd6 *ln; 1342 struct in6_addr nb_addr = nbi->addr; /* make local for safety */ 1343 1344 /* 1345 * XXX: KAME specific hack for scoped addresses 1346 * XXXX: for other scopes than link-local? 1347 */ 1348 if (IN6_IS_ADDR_LINKLOCAL(&nbi->addr) || 1349 IN6_IS_ADDR_MC_LINKLOCAL(&nbi->addr)) { 1350 u_int16_t *idp = (u_int16_t *)&nb_addr.s6_addr[2]; 1351 1352 if (*idp == 0) 1353 *idp = htons(ifp->if_index); 1354 } 1355 1356 s = splsoftnet(); 1357 if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL) { 1358 error = EINVAL; 1359 splx(s); 1360 break; 1361 } 1362 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1363 nbi->state = ln->ln_state; 1364 nbi->asked = ln->ln_asked; 1365 nbi->isrouter = ln->ln_router; 1366 nbi->expire = ln->ln_expire; 1367 splx(s); 1368 1369 break; 1370 } 1371 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1372 ndif->ifindex = nd6_defifindex; 1373 break; 1374 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1375 return(nd6_setdefaultiface(ndif->ifindex)); 1376 break; 1377 } 1378 return(error); 1379 } 1380 1381 /* 1382 * Create neighbor cache entry and cache link-layer address, 1383 * on reception of inbound ND6 packets. (RS/RA/NS/redirect) 1384 */ 1385 struct rtentry * 1386 nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code) 1387 struct ifnet *ifp; 1388 struct in6_addr *from; 1389 char *lladdr; 1390 int lladdrlen; 1391 int type; /* ICMP6 type */ 1392 int code; /* type dependent information */ 1393 { 1394 struct rtentry *rt = NULL; 1395 struct llinfo_nd6 *ln = NULL; 1396 int is_newentry; 1397 struct sockaddr_dl *sdl = NULL; 1398 int do_update; 1399 int olladdr; 1400 int llchange; 1401 int newstate = 0; 1402 long time_second = time.tv_sec; 1403 1404 if (!ifp) 1405 panic("ifp == NULL in nd6_cache_lladdr"); 1406 if (!from) 1407 panic("from == NULL in nd6_cache_lladdr"); 1408 1409 /* nothing must be updated for unspecified address */ 1410 if (IN6_IS_ADDR_UNSPECIFIED(from)) 1411 return NULL; 1412 1413 /* 1414 * Validation about ifp->if_addrlen and lladdrlen must be done in 1415 * the caller. 1416 * 1417 * XXX If the link does not have link-layer adderss, what should 1418 * we do? (ifp->if_addrlen == 0) 1419 * Spec says nothing in sections for RA, RS and NA. There's small 1420 * description on it in NS section (RFC 2461 7.2.3). 1421 */ 1422 1423 rt = nd6_lookup(from, 0, ifp); 1424 if (!rt) { 1425 #if 0 1426 /* nothing must be done if there's no lladdr */ 1427 if (!lladdr || !lladdrlen) 1428 return NULL; 1429 #endif 1430 1431 rt = nd6_lookup(from, 1, ifp); 1432 is_newentry = 1; 1433 } else 1434 is_newentry = 0; 1435 1436 if (!rt) 1437 return NULL; 1438 if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) { 1439 fail: 1440 nd6_free(rt); 1441 return NULL; 1442 } 1443 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1444 if (!ln) 1445 goto fail; 1446 if (!rt->rt_gateway) 1447 goto fail; 1448 if (rt->rt_gateway->sa_family != AF_LINK) 1449 goto fail; 1450 sdl = SDL(rt->rt_gateway); 1451 1452 olladdr = (sdl->sdl_alen) ? 1 : 0; 1453 if (olladdr && lladdr) { 1454 if (bcmp(lladdr, LLADDR(sdl), ifp->if_addrlen)) 1455 llchange = 1; 1456 else 1457 llchange = 0; 1458 } else 1459 llchange = 0; 1460 1461 /* 1462 * newentry olladdr lladdr llchange (*=record) 1463 * 0 n n -- (1) 1464 * 0 y n -- (2) 1465 * 0 n y -- (3) * STALE 1466 * 0 y y n (4) * 1467 * 0 y y y (5) * STALE 1468 * 1 -- n -- (6) NOSTATE(= PASSIVE) 1469 * 1 -- y -- (7) * STALE 1470 */ 1471 1472 if (lladdr) { /*(3-5) and (7)*/ 1473 /* 1474 * Record source link-layer address 1475 * XXX is it dependent to ifp->if_type? 1476 */ 1477 sdl->sdl_alen = ifp->if_addrlen; 1478 bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen); 1479 } 1480 1481 if (!is_newentry) { 1482 if ((!olladdr && lladdr) /*(3)*/ 1483 || (olladdr && lladdr && llchange)) { /*(5)*/ 1484 do_update = 1; 1485 newstate = ND6_LLINFO_STALE; 1486 } else /*(1-2,4)*/ 1487 do_update = 0; 1488 } else { 1489 do_update = 1; 1490 if (!lladdr) /*(6)*/ 1491 newstate = ND6_LLINFO_NOSTATE; 1492 else /*(7)*/ 1493 newstate = ND6_LLINFO_STALE; 1494 } 1495 1496 if (do_update) { 1497 /* 1498 * Update the state of the neighbor cache. 1499 */ 1500 ln->ln_state = newstate; 1501 1502 if (ln->ln_state == ND6_LLINFO_STALE) { 1503 rt->rt_flags &= ~RTF_REJECT; 1504 if (ln->ln_hold) { 1505 #ifdef OLDIP6OUTPUT 1506 (*ifp->if_output)(ifp, ln->ln_hold, 1507 rt_key(rt), rt); 1508 #else 1509 nd6_output(ifp, ln->ln_hold, 1510 (struct sockaddr_in6 *)rt_key(rt), 1511 rt); 1512 #endif 1513 ln->ln_hold = 0; 1514 } 1515 } else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) { 1516 /* probe right away */ 1517 ln->ln_expire = time_second; 1518 } 1519 } 1520 1521 /* 1522 * ICMP6 type dependent behavior. 1523 * 1524 * NS: clear IsRouter if new entry 1525 * RS: clear IsRouter 1526 * RA: set IsRouter if there's lladdr 1527 * redir: clear IsRouter if new entry 1528 * 1529 * RA case, (1): 1530 * The spec says that we must set IsRouter in the following cases: 1531 * - If lladdr exist, set IsRouter. This means (1-5). 1532 * - If it is old entry (!newentry), set IsRouter. This means (7). 1533 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter. 1534 * A quetion arises for (1) case. (1) case has no lladdr in the 1535 * neighbor cache, this is similar to (6). 1536 * This case is rare but we figured that we MUST NOT set IsRouter. 1537 * 1538 * newentry olladdr lladdr llchange NS RS RA redir 1539 * D R 1540 * 0 n n -- (1) c ? s 1541 * 0 y n -- (2) c s s 1542 * 0 n y -- (3) c s s 1543 * 0 y y n (4) c s s 1544 * 0 y y y (5) c s s 1545 * 1 -- n -- (6) c c c s 1546 * 1 -- y -- (7) c c s c s 1547 * 1548 * (c=clear s=set) 1549 */ 1550 switch (type & 0xff) { 1551 case ND_NEIGHBOR_SOLICIT: 1552 /* 1553 * New entry must have is_router flag cleared. 1554 */ 1555 if (is_newentry) /*(6-7)*/ 1556 ln->ln_router = 0; 1557 break; 1558 case ND_REDIRECT: 1559 /* 1560 * If the icmp is a redirect to a better router, always set the 1561 * is_router flag. Otherwise, if the entry is newly created, 1562 * clear the flag. [RFC 2461, sec 8.3] 1563 * 1564 */ 1565 if (code == ND_REDIRECT_ROUTER) 1566 ln->ln_router = 1; 1567 else if (is_newentry) /*(6-7)*/ 1568 ln->ln_router = 0; 1569 break; 1570 case ND_ROUTER_SOLICIT: 1571 /* 1572 * is_router flag must always be cleared. 1573 */ 1574 ln->ln_router = 0; 1575 break; 1576 case ND_ROUTER_ADVERT: 1577 /* 1578 * Mark an entry with lladdr as a router. 1579 */ 1580 if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/ 1581 || (is_newentry && lladdr)) { /*(7)*/ 1582 ln->ln_router = 1; 1583 } 1584 break; 1585 } 1586 1587 return rt; 1588 } 1589 1590 static void 1591 nd6_slowtimo(ignored_arg) 1592 void *ignored_arg; 1593 { 1594 int s = splsoftnet(); 1595 register int i; 1596 register struct nd_ifinfo *nd6if; 1597 1598 timeout(nd6_slowtimo, (caddr_t)0, ND6_SLOWTIMER_INTERVAL * hz); 1599 for (i = 1; i < if_index + 1; i++) { 1600 nd6if = &nd_ifinfo[i]; 1601 if (nd6if->basereachable && /* already initialized */ 1602 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) { 1603 /* 1604 * Since reachable time rarely changes by router 1605 * advertisements, we SHOULD insure that a new random 1606 * value gets recomputed at least once every few hours. 1607 * (RFC 2461, 6.3.4) 1608 */ 1609 nd6if->recalctm = nd6_recalc_reachtm_interval; 1610 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable); 1611 } 1612 } 1613 splx(s); 1614 } 1615 1616 #define senderr(e) { error = (e); goto bad;} 1617 int 1618 nd6_output(ifp, m0, dst, rt0) 1619 register struct ifnet *ifp; 1620 struct mbuf *m0; 1621 struct sockaddr_in6 *dst; 1622 struct rtentry *rt0; 1623 { 1624 register struct mbuf *m = m0; 1625 register struct rtentry *rt = rt0; 1626 struct llinfo_nd6 *ln = NULL; 1627 int error = 0; 1628 long time_second = time.tv_sec; 1629 1630 if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr)) 1631 goto sendpkt; 1632 1633 /* 1634 * XXX: we currently do not make neighbor cache on any interface 1635 * other than ARCnet, Ethernet and FDDI. 1636 */ 1637 switch (ifp->if_type) { 1638 case IFT_ARCNET: 1639 case IFT_ETHER: 1640 case IFT_FDDI: 1641 break; 1642 default: 1643 goto sendpkt; 1644 } 1645 1646 /* 1647 * next hop determination. This routine is derived from ether_outpout. 1648 */ 1649 if (rt) { 1650 if ((rt->rt_flags & RTF_UP) == 0) { 1651 if ((rt0 = rt = rtalloc1((struct sockaddr *)dst, 1)) != 1652 NULL) 1653 { 1654 rt->rt_refcnt--; 1655 if (rt->rt_ifp != ifp) 1656 return nd6_output(ifp, m0, dst, rt); /* XXX: loop care? */ 1657 } else 1658 senderr(EHOSTUNREACH); 1659 } 1660 if (rt->rt_flags & RTF_GATEWAY) { 1661 if (rt->rt_gwroute == 0) 1662 goto lookup; 1663 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 1664 rtfree(rt); rt = rt0; 1665 lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1); 1666 if ((rt = rt->rt_gwroute) == 0) 1667 senderr(EHOSTUNREACH); 1668 } 1669 } 1670 if (rt->rt_flags & RTF_REJECT) 1671 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 1672 } 1673 1674 /* 1675 * Address resolution or Neighbor Unreachability Detection 1676 * for the next hop. 1677 * At this point, the destination of the packet must be a unicast 1678 * or an anycast address(i.e. not a multicast). 1679 */ 1680 1681 /* Look up the neighbor cache for the nexthop */ 1682 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 1683 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1684 else { 1685 if ((rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL) 1686 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1687 } 1688 if (!ln || !rt) { 1689 log(LOG_DEBUG, "nd6_output: can't allocate llinfo for %s " 1690 "(ln=%p, rt=%p)\n", 1691 ip6_sprintf(&dst->sin6_addr), ln, rt); 1692 senderr(EIO); /* XXX: good error? */ 1693 } 1694 1695 1696 /* 1697 * The first time we send a packet to a neighbor whose entry is 1698 * STALE, we have to change the state to DELAY and a sets a timer to 1699 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do 1700 * neighbor unreachability detection on expiration. 1701 * (RFC 2461 7.3.3) 1702 */ 1703 if (ln->ln_state == ND6_LLINFO_STALE) { 1704 ln->ln_asked = 0; 1705 ln->ln_state = ND6_LLINFO_DELAY; 1706 ln->ln_expire = time_second + nd6_delay; 1707 } 1708 1709 /* 1710 * If the neighbor cache entry has a state other than INCOMPLETE 1711 * (i.e. its link-layer address is already reloved), just 1712 * send the packet. 1713 */ 1714 if (ln->ln_state > ND6_LLINFO_INCOMPLETE) 1715 goto sendpkt; 1716 1717 /* 1718 * There is a neighbor cache entry, but no ethernet address 1719 * response yet. Replace the held mbuf (if any) with this 1720 * latest one. 1721 * 1722 * XXX Does the code conform to rate-limiting rule? 1723 * (RFC 2461 7.2.2) 1724 */ 1725 if (ln->ln_state == ND6_LLINFO_WAITDELETE || 1726 ln->ln_state == ND6_LLINFO_NOSTATE) 1727 ln->ln_state = ND6_LLINFO_INCOMPLETE; 1728 if (ln->ln_hold) 1729 m_freem(ln->ln_hold); 1730 ln->ln_hold = m; 1731 if (ln->ln_expire) { 1732 rt->rt_flags &= ~RTF_REJECT; 1733 if (ln->ln_asked < nd6_mmaxtries && 1734 ln->ln_expire < time_second) { 1735 ln->ln_asked++; 1736 ln->ln_expire = time_second + 1737 nd_ifinfo[ifp->if_index].retrans / 1000; 1738 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0); 1739 } 1740 } 1741 return(0); 1742 1743 sendpkt: 1744 return((*ifp->if_output)(ifp, m, (struct sockaddr *)dst, rt)); 1745 1746 bad: 1747 if (m) 1748 m_freem(m); 1749 return (error); 1750 } 1751 #undef senderr 1752 1753 int 1754 nd6_storelladdr(ifp, rt, m, dst, desten) 1755 struct ifnet *ifp; 1756 struct rtentry *rt; 1757 struct mbuf *m; 1758 struct sockaddr *dst; 1759 u_char *desten; 1760 { 1761 struct sockaddr_dl *sdl; 1762 1763 if (m->m_flags & M_MCAST) { 1764 switch (ifp->if_type) { 1765 case IFT_ETHER: 1766 case IFT_FDDI: 1767 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 1768 desten); 1769 return(1); 1770 break; 1771 case IFT_ARCNET: 1772 *desten = 0; 1773 return(1); 1774 default: 1775 return(0); 1776 } 1777 } 1778 1779 if (rt == NULL || 1780 rt->rt_gateway->sa_family != AF_LINK) { 1781 printf("nd6_storelladdr: something odd happens\n"); 1782 return(0); 1783 } 1784 sdl = SDL(rt->rt_gateway); 1785 if (sdl->sdl_alen != 0) 1786 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 1787 1788 return(1); 1789 } 1790
Indexes created Tue Sep 23 23:09:58 GMT 2025