nd6.c revision 1.26
1 /* $NetBSD: nd6.c,v 1.26 2000/04/16 15:28:00 itojun Exp $ */ 2 /* $KAME: nd6.c,v 1.55 2000/04/16 14:08:30 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * XXX 35 * KAME 970409 note: 36 * BSD/OS version heavily modifies this code, related to llinfo. 37 * Since we don't have BSD/OS version of net/route.c in our hand, 38 * I left the code mostly as it was in 970310. -- itojun 39 */ 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/callout.h> 44 #include <sys/malloc.h> 45 #include <sys/mbuf.h> 46 #include <sys/socket.h> 47 #include <sys/sockio.h> 48 #include <sys/time.h> 49 #include <sys/kernel.h> 50 #include <sys/protosw.h> 51 #include <sys/errno.h> 52 #include <sys/ioctl.h> 53 #include <sys/syslog.h> 54 #include <sys/queue.h> 55 56 #include <net/if.h> 57 #include <net/if_dl.h> 58 #include <net/if_types.h> 59 #include <net/if_atm.h> 60 #include <net/route.h> 61 62 #include <netinet/in.h> 63 #include <net/if_ether.h> 64 #include <netinet/if_inarp.h> 65 #include <net/if_fddi.h> 66 #include <netinet6/in6_var.h> 67 #include <netinet/ip6.h> 68 #include <netinet6/ip6_var.h> 69 #include <netinet6/nd6.h> 70 #include <netinet6/in6_prefix.h> 71 #include <netinet/icmp6.h> 72 73 #include "loop.h" 74 extern struct ifnet loif[NLOOP]; 75 76 #include <net/net_osdep.h> 77 78 #define ND6_SLOWTIMER_INTERVAL (60 * 60) /* 1 hour */ 79 #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */ 80 81 #define SIN6(s) ((struct sockaddr_in6 *)s) 82 #define SDL(s) ((struct sockaddr_dl *)s) 83 84 /* timer values */ 85 int nd6_prune = 1; /* walk list every 1 seconds */ 86 int nd6_delay = 5; /* delay first probe time 5 second */ 87 int nd6_umaxtries = 3; /* maximum unicast query */ 88 int nd6_mmaxtries = 3; /* maximum multicast query */ 89 int nd6_useloopback = 1; /* use loopback interface for local traffic */ 90 91 /* preventing too many loops in ND option parsing */ 92 int nd6_maxndopt = 10; /* max # of ND options allowed */ 93 94 /* for debugging? */ 95 static int nd6_inuse, nd6_allocated; 96 97 struct llinfo_nd6 llinfo_nd6 = {&llinfo_nd6, &llinfo_nd6}; 98 struct nd_ifinfo *nd_ifinfo = NULL; 99 struct nd_drhead nd_defrouter; 100 struct nd_prhead nd_prefix = { 0 }; 101 102 int nd6_recalc_reachtm_interval = ND6_RECALC_REACHTM_INTERVAL; 103 static struct sockaddr_in6 all1_sa; 104 105 static void nd6_slowtimo __P((void *)); 106 107 struct callout nd6_slowtimo_ch; 108 struct callout nd6_timer_ch; 109 110 void 111 nd6_init() 112 { 113 static int nd6_init_done = 0; 114 int i; 115 116 if (nd6_init_done) { 117 log(LOG_NOTICE, "nd6_init called more than once(ignored)\n"); 118 return; 119 } 120 121 all1_sa.sin6_family = AF_INET6; 122 all1_sa.sin6_len = sizeof(struct sockaddr_in6); 123 for (i = 0; i < sizeof(all1_sa.sin6_addr); i++) 124 all1_sa.sin6_addr.s6_addr[i] = 0xff; 125 126 /* initialization of the default router list */ 127 TAILQ_INIT(&nd_defrouter); 128 129 nd6_init_done = 1; 130 131 /* start timer */ 132 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz, 133 nd6_slowtimo, NULL); 134 } 135 136 void 137 nd6_ifattach(ifp) 138 struct ifnet *ifp; 139 { 140 static size_t if_indexlim = 8; 141 142 /* 143 * We have some arrays that should be indexed by if_index. 144 * since if_index will grow dynamically, they should grow too. 145 */ 146 if (nd_ifinfo == NULL || if_index >= if_indexlim) { 147 size_t n; 148 caddr_t q; 149 150 while (if_index >= if_indexlim) 151 if_indexlim <<= 1; 152 153 /* grow nd_ifinfo */ 154 n = if_indexlim * sizeof(struct nd_ifinfo); 155 q = (caddr_t)malloc(n, M_IP6NDP, M_WAITOK); 156 bzero(q, n); 157 if (nd_ifinfo) { 158 bcopy((caddr_t)nd_ifinfo, q, n/2); 159 free((caddr_t)nd_ifinfo, M_IP6NDP); 160 } 161 nd_ifinfo = (struct nd_ifinfo *)q; 162 } 163 164 #define ND nd_ifinfo[ifp->if_index] 165 166 /* don't initialize if called twice */ 167 if (ND.linkmtu) 168 return; 169 170 ND.linkmtu = ifindex2ifnet[ifp->if_index]->if_mtu; 171 ND.chlim = IPV6_DEFHLIM; 172 ND.basereachable = REACHABLE_TIME; 173 ND.reachable = ND_COMPUTE_RTIME(ND.basereachable); 174 ND.retrans = RETRANS_TIMER; 175 ND.receivedra = 0; 176 ND.flags = ND6_IFF_PERFORMNUD; 177 nd6_setmtu(ifp); 178 #undef ND 179 } 180 181 /* 182 * Reset ND level link MTU. This function is called when the physical MTU 183 * changes, which means we might have to adjust the ND level MTU. 184 */ 185 void 186 nd6_setmtu(ifp) 187 struct ifnet *ifp; 188 { 189 #define MIN(a,b) ((a) < (b) ? (a) : (b)) 190 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 191 u_long oldmaxmtu = ndi->maxmtu; 192 u_long oldlinkmtu = ndi->linkmtu; 193 194 switch(ifp->if_type) { 195 case IFT_ARCNET: /* XXX MTU handling needs more work */ 196 ndi->maxmtu = MIN(60480, ifp->if_mtu); 197 break; 198 case IFT_ETHER: 199 ndi->maxmtu = MIN(ETHERMTU, ifp->if_mtu); 200 break; 201 case IFT_ATM: 202 ndi->maxmtu = MIN(ATMMTU, ifp->if_mtu); 203 break; 204 default: 205 ndi->maxmtu = ifp->if_mtu; 206 break; 207 } 208 209 if (oldmaxmtu != ndi->maxmtu) { 210 /* 211 * If the ND level MTU is not set yet, or if the maxmtu 212 * is reset to a smaller value than the ND level MTU, 213 * also reset the ND level MTU. 214 */ 215 if (ndi->linkmtu == 0 || 216 ndi->maxmtu < ndi->linkmtu) { 217 ndi->linkmtu = ndi->maxmtu; 218 /* also adjust in6_maxmtu if necessary. */ 219 if (oldlinkmtu == 0) { 220 /* 221 * XXX: the case analysis is grotty, but 222 * it is not efficient to call in6_setmaxmtu() 223 * here when we are during the initialization 224 * procedure. 225 */ 226 if (in6_maxmtu < ndi->linkmtu) 227 in6_maxmtu = ndi->linkmtu; 228 } 229 else 230 in6_setmaxmtu(); 231 } 232 } 233 #undef MIN 234 } 235 236 void 237 nd6_option_init(opt, icmp6len, ndopts) 238 void *opt; 239 int icmp6len; 240 union nd_opts *ndopts; 241 { 242 bzero(ndopts, sizeof(*ndopts)); 243 ndopts->nd_opts_search = (struct nd_opt_hdr *)opt; 244 ndopts->nd_opts_last 245 = (struct nd_opt_hdr *)(((u_char *)opt) + icmp6len); 246 247 if (icmp6len == 0) { 248 ndopts->nd_opts_done = 1; 249 ndopts->nd_opts_search = NULL; 250 } 251 } 252 253 /* 254 * Take one ND option. 255 */ 256 struct nd_opt_hdr * 257 nd6_option(ndopts) 258 union nd_opts *ndopts; 259 { 260 struct nd_opt_hdr *nd_opt; 261 int olen; 262 263 if (!ndopts) 264 panic("ndopts == NULL in nd6_option\n"); 265 if (!ndopts->nd_opts_last) 266 panic("uninitialized ndopts in nd6_option\n"); 267 if (!ndopts->nd_opts_search) 268 return NULL; 269 if (ndopts->nd_opts_done) 270 return NULL; 271 272 nd_opt = ndopts->nd_opts_search; 273 274 olen = nd_opt->nd_opt_len << 3; 275 if (olen == 0) { 276 /* 277 * Message validation requires that all included 278 * options have a length that is greater than zero. 279 */ 280 bzero(ndopts, sizeof(*ndopts)); 281 return NULL; 282 } 283 284 ndopts->nd_opts_search = (struct nd_opt_hdr *)((caddr_t)nd_opt + olen); 285 if (!(ndopts->nd_opts_search < ndopts->nd_opts_last)) { 286 ndopts->nd_opts_done = 1; 287 ndopts->nd_opts_search = NULL; 288 } 289 return nd_opt; 290 } 291 292 /* 293 * Parse multiple ND options. 294 * This function is much easier to use, for ND routines that do not need 295 * multiple options of the same type. 296 */ 297 int 298 nd6_options(ndopts) 299 union nd_opts *ndopts; 300 { 301 struct nd_opt_hdr *nd_opt; 302 int i = 0; 303 304 if (!ndopts) 305 panic("ndopts == NULL in nd6_options\n"); 306 if (!ndopts->nd_opts_last) 307 panic("uninitialized ndopts in nd6_options\n"); 308 if (!ndopts->nd_opts_search) 309 return 0; 310 311 while (1) { 312 nd_opt = nd6_option(ndopts); 313 if (!nd_opt && !ndopts->nd_opts_last) { 314 /* 315 * Message validation requires that all included 316 * options have a length that is greater than zero. 317 */ 318 bzero(ndopts, sizeof(*ndopts)); 319 return -1; 320 } 321 322 if (!nd_opt) 323 goto skip1; 324 325 switch (nd_opt->nd_opt_type) { 326 case ND_OPT_SOURCE_LINKADDR: 327 case ND_OPT_TARGET_LINKADDR: 328 case ND_OPT_MTU: 329 case ND_OPT_REDIRECTED_HEADER: 330 if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) { 331 printf("duplicated ND6 option found " 332 "(type=%d)\n", nd_opt->nd_opt_type); 333 /* XXX bark? */ 334 } else { 335 ndopts->nd_opt_array[nd_opt->nd_opt_type] 336 = nd_opt; 337 } 338 break; 339 case ND_OPT_PREFIX_INFORMATION: 340 if (ndopts->nd_opt_array[nd_opt->nd_opt_type] == 0) { 341 ndopts->nd_opt_array[nd_opt->nd_opt_type] 342 = nd_opt; 343 } 344 ndopts->nd_opts_pi_end = 345 (struct nd_opt_prefix_info *)nd_opt; 346 break; 347 default: 348 /* 349 * Unknown options must be silently ignored, 350 * to accomodate future extension to the protocol. 351 */ 352 log(LOG_DEBUG, 353 "nd6_options: unsupported option %d - " 354 "option ignored\n", nd_opt->nd_opt_type); 355 } 356 357 skip1: 358 i++; 359 if (i > nd6_maxndopt) { 360 icmp6stat.icp6s_nd_toomanyopt++; 361 printf("too many loop in nd opt\n"); 362 break; 363 } 364 365 if (ndopts->nd_opts_done) 366 break; 367 } 368 369 return 0; 370 } 371 372 /* 373 * ND6 timer routine to expire default route list and prefix list 374 */ 375 void 376 nd6_timer(ignored_arg) 377 void *ignored_arg; 378 { 379 int s; 380 register struct llinfo_nd6 *ln; 381 register struct nd_defrouter *dr; 382 register struct nd_prefix *pr; 383 long time_second = time.tv_sec; 384 385 s = splsoftnet(); 386 callout_reset(&nd6_timer_ch, nd6_prune * hz, 387 nd6_timer, NULL); 388 389 ln = llinfo_nd6.ln_next; 390 /* XXX BSD/OS separates this code -- itojun */ 391 while (ln && ln != &llinfo_nd6) { 392 struct rtentry *rt; 393 struct ifnet *ifp; 394 struct sockaddr_in6 *dst; 395 struct llinfo_nd6 *next = ln->ln_next; 396 /* XXX: used for the DELAY case only: */ 397 struct nd_ifinfo *ndi = NULL; 398 399 if ((rt = ln->ln_rt) == NULL) { 400 ln = next; 401 continue; 402 } 403 if ((ifp = rt->rt_ifp) == NULL) { 404 ln = next; 405 continue; 406 } 407 ndi = &nd_ifinfo[ifp->if_index]; 408 dst = (struct sockaddr_in6 *)rt_key(rt); 409 410 if (ln->ln_expire > time_second) { 411 ln = next; 412 continue; 413 } 414 415 /* sanity check */ 416 if (!rt) 417 panic("rt=0 in nd6_timer(ln=%p)\n", ln); 418 if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln) 419 panic("rt_llinfo(%p) is not equal to ln(%p)\n", 420 rt->rt_llinfo, ln); 421 if (!dst) 422 panic("dst=0 in nd6_timer(ln=%p)\n", ln); 423 424 switch (ln->ln_state) { 425 case ND6_LLINFO_INCOMPLETE: 426 if (ln->ln_asked < nd6_mmaxtries) { 427 ln->ln_asked++; 428 ln->ln_expire = time_second + 429 nd_ifinfo[ifp->if_index].retrans / 1000; 430 nd6_ns_output(ifp, NULL, &dst->sin6_addr, 431 ln, 0); 432 } else { 433 struct mbuf *m = ln->ln_hold; 434 if (m) { 435 if (rt->rt_ifp) { 436 /* 437 * Fake rcvif to make ICMP error 438 * more helpful in diagnosing 439 * for the receiver. 440 * XXX: should we consider 441 * older rcvif? 442 */ 443 m->m_pkthdr.rcvif = rt->rt_ifp; 444 } 445 icmp6_error(m, ICMP6_DST_UNREACH, 446 ICMP6_DST_UNREACH_ADDR, 0); 447 ln->ln_hold = NULL; 448 } 449 nd6_free(rt); 450 } 451 break; 452 case ND6_LLINFO_REACHABLE: 453 if (ln->ln_expire) 454 ln->ln_state = ND6_LLINFO_STALE; 455 break; 456 /* 457 * ND6_LLINFO_STALE state requires nothing for timer 458 * routine. 459 */ 460 case ND6_LLINFO_DELAY: 461 if (ndi && (ndi->flags & ND6_IFF_PERFORMNUD) != 0) { 462 /* We need NUD */ 463 ln->ln_asked = 1; 464 ln->ln_state = ND6_LLINFO_PROBE; 465 ln->ln_expire = time_second + 466 ndi->retrans / 1000; 467 nd6_ns_output(ifp, &dst->sin6_addr, 468 &dst->sin6_addr, 469 ln, 0); 470 } 471 else 472 ln->ln_state = ND6_LLINFO_STALE; /* XXX */ 473 break; 474 case ND6_LLINFO_PROBE: 475 if (ln->ln_asked < nd6_umaxtries) { 476 ln->ln_asked++; 477 ln->ln_expire = time_second + 478 nd_ifinfo[ifp->if_index].retrans / 1000; 479 nd6_ns_output(ifp, &dst->sin6_addr, 480 &dst->sin6_addr, ln, 0); 481 } else { 482 nd6_free(rt); 483 } 484 break; 485 case ND6_LLINFO_WAITDELETE: 486 nd6_free(rt); 487 break; 488 } 489 ln = next; 490 } 491 492 /* expire */ 493 dr = TAILQ_FIRST(&nd_defrouter); 494 while (dr) { 495 if (dr->expire && dr->expire < time_second) { 496 struct nd_defrouter *t; 497 t = TAILQ_NEXT(dr, dr_entry); 498 defrtrlist_del(dr); 499 dr = t; 500 } else 501 dr = TAILQ_NEXT(dr, dr_entry); 502 } 503 pr = nd_prefix.lh_first; 504 while (pr) { 505 struct in6_ifaddr *ia6; 506 struct in6_addrlifetime *lt6; 507 508 if (IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 509 ia6 = NULL; 510 else 511 ia6 = in6ifa_ifpwithaddr(pr->ndpr_ifp, &pr->ndpr_addr); 512 513 if (ia6) { 514 /* check address lifetime */ 515 lt6 = &ia6->ia6_lifetime; 516 if (lt6->ia6t_preferred && lt6->ia6t_preferred < time_second) 517 ia6->ia6_flags |= IN6_IFF_DEPRECATED; 518 if (lt6->ia6t_expire && lt6->ia6t_expire < time_second) { 519 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 520 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 521 /* xxx ND_OPT_PI_FLAG_ONLINK processing */ 522 } 523 } 524 525 /* 526 * check prefix lifetime. 527 * since pltime is just for autoconf, pltime processing for 528 * prefix is not necessary. 529 * 530 * we offset expire time by NDPR_KEEP_EXPIRE, so that we 531 * can use the old prefix information to validate the 532 * next prefix information to come. See prelist_update() 533 * for actual validation. 534 */ 535 if (pr->ndpr_expire 536 && pr->ndpr_expire + NDPR_KEEP_EXPIRED < time_second) { 537 struct nd_prefix *t; 538 t = pr->ndpr_next; 539 540 /* 541 * address expiration and prefix expiration are 542 * separate. NEVER perform in6_ifdel here. 543 */ 544 545 prelist_remove(pr); 546 pr = t; 547 } else 548 pr = pr->ndpr_next; 549 } 550 splx(s); 551 } 552 553 /* 554 * Nuke neighbor cache/prefix/default router management table, right before 555 * ifp goes away. 556 */ 557 void 558 nd6_purge(ifp) 559 struct ifnet *ifp; 560 { 561 struct llinfo_nd6 *ln, *nln; 562 struct nd_defrouter *dr, *ndr, drany; 563 struct nd_prefix *pr, *npr; 564 565 /* Nuke default router list entries toward ifp */ 566 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 567 /* 568 * The first entry of the list may be stored in 569 * the routing table, so we'll delete it later. 570 */ 571 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = ndr) { 572 ndr = TAILQ_NEXT(dr, dr_entry); 573 if (dr->ifp == ifp) 574 defrtrlist_del(dr); 575 } 576 dr = TAILQ_FIRST(&nd_defrouter); 577 if (dr->ifp == ifp) 578 defrtrlist_del(dr); 579 } 580 581 /* Nuke prefix list entries toward ifp */ 582 for (pr = nd_prefix.lh_first; pr; pr = npr) { 583 npr = pr->ndpr_next; 584 if (pr->ndpr_ifp == ifp) { 585 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 586 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 587 prelist_remove(pr); 588 } 589 } 590 591 /* cancel default outgoing interface setting */ 592 if (nd6_defifindex == ifp->if_index) 593 nd6_setdefaultiface(0); 594 595 /* refresh default router list */ 596 bzero(&drany, sizeof(drany)); 597 defrouter_delreq(&drany, 0); 598 defrouter_select(); 599 600 /* 601 * Nuke neighbor cache entries for the ifp. 602 * Note that rt->rt_ifp may not be the same as ifp, 603 * due to KAME goto ours hack. See RTM_RESOLVE case in 604 * nd6_rtrequest(), and ip6_input(). 605 */ 606 ln = llinfo_nd6.ln_next; 607 while (ln && ln != &llinfo_nd6) { 608 struct rtentry *rt; 609 struct sockaddr_dl *sdl; 610 611 nln = ln->ln_next; 612 rt = ln->ln_rt; 613 if (rt && rt->rt_gateway && 614 rt->rt_gateway->sa_family == AF_LINK) { 615 sdl = (struct sockaddr_dl *)rt->rt_gateway; 616 if (sdl->sdl_index == ifp->if_index) 617 nd6_free(rt); 618 } 619 ln = nln; 620 } 621 622 /* 623 * Neighbor cache entry for interface route will be retained 624 * with ND6_LLINFO_WAITDELETE state, by nd6_free(). Nuke it. 625 */ 626 ln = llinfo_nd6.ln_next; 627 while (ln && ln != &llinfo_nd6) { 628 struct rtentry *rt; 629 struct sockaddr_dl *sdl; 630 631 nln = ln->ln_next; 632 rt = ln->ln_rt; 633 if (rt && rt->rt_gateway && 634 rt->rt_gateway->sa_family == AF_LINK) { 635 sdl = (struct sockaddr_dl *)rt->rt_gateway; 636 if (sdl->sdl_index == ifp->if_index) { 637 rtrequest(RTM_DELETE, rt_key(rt), 638 (struct sockaddr *)0, rt_mask(rt), 0, 639 (struct rtentry **)0); 640 } 641 } 642 ln = nln; 643 } 644 } 645 646 struct rtentry * 647 nd6_lookup(addr6, create, ifp) 648 struct in6_addr *addr6; 649 int create; 650 struct ifnet *ifp; 651 { 652 struct rtentry *rt; 653 struct sockaddr_in6 sin6; 654 655 bzero(&sin6, sizeof(sin6)); 656 sin6.sin6_len = sizeof(struct sockaddr_in6); 657 sin6.sin6_family = AF_INET6; 658 sin6.sin6_addr = *addr6; 659 rt = rtalloc1((struct sockaddr *)&sin6, create); 660 if (rt && (rt->rt_flags & RTF_LLINFO) == 0) { 661 /* 662 * This is the case for the default route. 663 * If we want to create a neighbor cache for the address, we 664 * should free the route for the destination and allocate an 665 * interface route. 666 */ 667 if (create) { 668 RTFREE(rt); 669 rt = 0; 670 } 671 } 672 if (!rt) { 673 if (create && ifp) { 674 int e; 675 676 /* 677 * If no route is available and create is set, 678 * we allocate a host route for the destination 679 * and treat it like an interface route. 680 * This hack is necessary for a neighbor which can't 681 * be covered by our own prefix. 682 */ 683 struct ifaddr *ifa = 684 ifaof_ifpforaddr((struct sockaddr *)&sin6, ifp); 685 if (ifa == NULL) 686 return(NULL); 687 688 /* 689 * Create a new route. RTF_LLINFO is necessary 690 * to create a Neighbor Cache entry for the 691 * destination in nd6_rtrequest which will be 692 * called in rtequest via ifa->ifa_rtrequest. 693 */ 694 if ((e = rtrequest(RTM_ADD, (struct sockaddr *)&sin6, 695 ifa->ifa_addr, 696 (struct sockaddr *)&all1_sa, 697 (ifa->ifa_flags | 698 RTF_HOST | RTF_LLINFO) & 699 ~RTF_CLONING, 700 &rt)) != 0) 701 log(LOG_ERR, 702 "nd6_lookup: failed to add route for a " 703 "neighbor(%s), errno=%d\n", 704 ip6_sprintf(addr6), e); 705 if (rt == NULL) 706 return(NULL); 707 if (rt->rt_llinfo) { 708 struct llinfo_nd6 *ln = 709 (struct llinfo_nd6 *)rt->rt_llinfo; 710 ln->ln_state = ND6_LLINFO_NOSTATE; 711 } 712 } 713 else 714 return(NULL); 715 } 716 rt->rt_refcnt--; 717 /* 718 * Validation for the entry. 719 * XXX: we can't use rt->rt_ifp to check for the interface, since 720 * it might be the loopback interface if the entry is for our 721 * own address on a non-loopback interface. Instead, we should 722 * use rt->rt_ifa->ifa_ifp, which would specify the REAL interface. 723 */ 724 if ((rt->rt_flags & RTF_GATEWAY) || (rt->rt_flags & RTF_LLINFO) == 0 || 725 rt->rt_gateway->sa_family != AF_LINK || 726 (ifp && rt->rt_ifa->ifa_ifp != ifp)) { 727 if (create) { 728 log(LOG_DEBUG, "nd6_lookup: failed to lookup %s (if = %s)\n", 729 ip6_sprintf(addr6), ifp ? if_name(ifp) : "unspec"); 730 /* xxx more logs... kazu */ 731 } 732 return(0); 733 } 734 return(rt); 735 } 736 737 /* 738 * Detect if a given IPv6 address identifies a neighbor on a given link. 739 * XXX: should take care of the destination of a p2p link? 740 */ 741 int 742 nd6_is_addr_neighbor(addr, ifp) 743 struct in6_addr *addr; 744 struct ifnet *ifp; 745 { 746 register struct ifaddr *ifa; 747 int i; 748 749 #define IFADDR6(a) ((((struct in6_ifaddr *)(a))->ia_addr).sin6_addr) 750 #define IFMASK6(a) ((((struct in6_ifaddr *)(a))->ia_prefixmask).sin6_addr) 751 752 /* A link-local address is always a neighbor. */ 753 if (IN6_IS_ADDR_LINKLOCAL(addr)) 754 return(1); 755 756 /* 757 * If the address matches one of our addresses, 758 * it should be a neighbor. 759 */ 760 for (ifa = ifp->if_addrlist.tqh_first; 761 ifa; 762 ifa = ifa->ifa_list.tqe_next) 763 { 764 if (ifa->ifa_addr->sa_family != AF_INET6) 765 next: continue; 766 767 for (i = 0; i < 4; i++) { 768 if ((IFADDR6(ifa).s6_addr32[i] ^ addr->s6_addr32[i]) & 769 IFMASK6(ifa).s6_addr32[i]) 770 goto next; 771 } 772 return(1); 773 } 774 775 /* 776 * Even if the address matches none of our addresses, it might be 777 * in the neighbor cache. 778 */ 779 if (nd6_lookup(addr, 0, ifp)) 780 return(1); 781 782 return(0); 783 #undef IFADDR6 784 #undef IFMASK6 785 } 786 787 /* 788 * Free an nd6 llinfo entry. 789 */ 790 void 791 nd6_free(rt) 792 struct rtentry *rt; 793 { 794 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 795 struct sockaddr_dl *sdl; 796 struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr; 797 struct nd_defrouter *dr; 798 799 /* 800 * Clear all destination cache entries for the neighbor. 801 * XXX: is it better to restrict this to hosts? 802 */ 803 pfctlinput(PRC_HOSTDEAD, rt_key(rt)); 804 805 if (!ip6_forwarding && ip6_accept_rtadv) { /* XXX: too restrictive? */ 806 int s; 807 s = splsoftnet(); 808 dr = defrouter_lookup(&((struct sockaddr_in6 *)rt_key(rt))->sin6_addr, 809 rt->rt_ifp); 810 if (ln->ln_router || dr) { 811 /* 812 * rt6_flush must be called whether or not the neighbor 813 * is in the Default Router List. 814 * See a corresponding comment in nd6_na_input(). 815 */ 816 rt6_flush(&in6, rt->rt_ifp); 817 } 818 819 if (dr) { 820 /* 821 * Unreachablity of a router might affect the default 822 * router selection and on-link detection of advertised 823 * prefixes. 824 */ 825 826 /* 827 * Temporarily fake the state to choose a new default 828 * router and to perform on-link determination of 829 * prefixes coreectly. 830 * Below the state will be set correctly, 831 * or the entry itself will be deleted. 832 */ 833 ln->ln_state = ND6_LLINFO_INCOMPLETE; 834 835 if (dr == TAILQ_FIRST(&nd_defrouter)) { 836 /* 837 * It is used as the current default router, 838 * so we have to move it to the end of the 839 * list and choose a new one. 840 * XXX: it is not very efficient if this is 841 * the only router. 842 */ 843 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 844 TAILQ_INSERT_TAIL(&nd_defrouter, dr, dr_entry); 845 846 defrouter_select(); 847 } 848 pfxlist_onlink_check(); 849 } 850 splx(s); 851 } 852 853 if (rt->rt_refcnt > 0 && (sdl = SDL(rt->rt_gateway)) && 854 sdl->sdl_family == AF_LINK) { 855 sdl->sdl_alen = 0; 856 ln->ln_state = ND6_LLINFO_WAITDELETE; 857 ln->ln_asked = 0; 858 rt->rt_flags &= ~RTF_REJECT; 859 return; 860 } 861 862 rtrequest(RTM_DELETE, rt_key(rt), (struct sockaddr *)0, 863 rt_mask(rt), 0, (struct rtentry **)0); 864 } 865 866 /* 867 * Upper-layer reachability hint for Neighbor Unreachability Detection. 868 * 869 * XXX cost-effective metods? 870 */ 871 void 872 nd6_nud_hint(rt, dst6) 873 struct rtentry *rt; 874 struct in6_addr *dst6; 875 { 876 struct llinfo_nd6 *ln; 877 long time_second = time.tv_sec; 878 879 /* 880 * If the caller specified "rt", use that. Otherwise, resolve the 881 * routing table by supplied "dst6". 882 */ 883 if (!rt) { 884 if (!dst6) 885 return; 886 if (!(rt = nd6_lookup(dst6, 0, NULL))) 887 return; 888 } 889 890 if ((rt->rt_flags & RTF_GATEWAY) 891 || (rt->rt_flags & RTF_LLINFO) == 0 892 || !rt->rt_llinfo 893 || !rt->rt_gateway 894 || rt->rt_gateway->sa_family != AF_LINK) { 895 /* This is not a host route. */ 896 return; 897 } 898 899 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 900 if (ln->ln_state < ND6_LLINFO_REACHABLE) 901 return; 902 903 ln->ln_state = ND6_LLINFO_REACHABLE; 904 if (ln->ln_expire) 905 ln->ln_expire = time_second + 906 nd_ifinfo[rt->rt_ifp->if_index].reachable; 907 } 908 909 #ifdef OLDIP6OUTPUT 910 /* 911 * Resolve an IP6 address into an ethernet address. If success, 912 * desten is filled in. If there is no entry in ndptab, 913 * set one up and multicast a solicitation for the IP6 address. 914 * Hold onto this mbuf and resend it once the address 915 * is finally resolved. A return value of 1 indicates 916 * that desten has been filled in and the packet should be sent 917 * normally; a 0 return indicates that the packet has been 918 * taken over here, either now or for later transmission. 919 */ 920 int 921 nd6_resolve(ifp, rt, m, dst, desten) 922 struct ifnet *ifp; 923 struct rtentry *rt; 924 struct mbuf *m; 925 struct sockaddr *dst; 926 u_char *desten; 927 { 928 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)NULL; 929 struct sockaddr_dl *sdl; 930 long time_second = time.tv_sec; 931 932 if (m->m_flags & M_MCAST) { 933 switch (ifp->if_type) { 934 case IFT_ETHER: 935 case IFT_FDDI: 936 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 937 desten); 938 return(1); 939 break; 940 case IFT_ARCNET: 941 *desten = 0; 942 return(1); 943 break; 944 default: 945 return(0); 946 } 947 } 948 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 949 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 950 else { 951 if ((rt = nd6_lookup(&(SIN6(dst)->sin6_addr), 1, ifp)) != NULL) 952 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 953 } 954 if (!ln || !rt) { 955 log(LOG_DEBUG, "nd6_resolve: can't allocate llinfo for %s\n", 956 ip6_sprintf(&(SIN6(dst)->sin6_addr))); 957 m_freem(m); 958 return(0); 959 } 960 sdl = SDL(rt->rt_gateway); 961 /* 962 * Ckeck the address family and length is valid, the address 963 * is resolved; otherwise, try to resolve. 964 */ 965 if (ln->ln_state >= ND6_LLINFO_REACHABLE 966 && sdl->sdl_family == AF_LINK 967 && sdl->sdl_alen != 0) { 968 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 969 if (ln->ln_state == ND6_LLINFO_STALE) { 970 ln->ln_asked = 0; 971 ln->ln_state = ND6_LLINFO_DELAY; 972 ln->ln_expire = time_second + nd6_delay; 973 } 974 return(1); 975 } 976 /* 977 * There is an ndp entry, but no ethernet address 978 * response yet. Replace the held mbuf with this 979 * latest one. 980 * 981 * XXX Does the code conform to rate-limiting rule? 982 * (RFC 2461 7.2.2) 983 */ 984 if (ln->ln_state == ND6_LLINFO_WAITDELETE || 985 ln->ln_state == ND6_LLINFO_NOSTATE) 986 ln->ln_state = ND6_LLINFO_INCOMPLETE; 987 if (ln->ln_hold) 988 m_freem(ln->ln_hold); 989 ln->ln_hold = m; 990 if (ln->ln_expire) { 991 rt->rt_flags &= ~RTF_REJECT; 992 if (ln->ln_asked < nd6_mmaxtries && 993 ln->ln_expire < time_second) { 994 ln->ln_asked++; 995 ln->ln_expire = time_second + 996 nd_ifinfo[ifp->if_index].retrans / 1000; 997 nd6_ns_output(ifp, NULL, &(SIN6(dst)->sin6_addr), 998 ln, 0); 999 } 1000 } 1001 return(0); 1002 } 1003 #endif /* OLDIP6OUTPUT */ 1004 1005 void 1006 nd6_rtrequest(req, rt, sa) 1007 int req; 1008 struct rtentry *rt; 1009 struct sockaddr *sa; /* xxx unused */ 1010 { 1011 struct sockaddr *gate = rt->rt_gateway; 1012 struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1013 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1014 struct ifnet *ifp = rt->rt_ifp; 1015 struct ifaddr *ifa; 1016 long time_second = time.tv_sec; 1017 1018 if (rt->rt_flags & RTF_GATEWAY) 1019 return; 1020 1021 switch (req) { 1022 case RTM_ADD: 1023 /* 1024 * There is no backward compatibility :) 1025 * 1026 * if ((rt->rt_flags & RTF_HOST) == 0 && 1027 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1028 * rt->rt_flags |= RTF_CLONING; 1029 */ 1030 if (rt->rt_flags & (RTF_CLONING | RTF_LLINFO)) { 1031 /* 1032 * Case 1: This route should come from 1033 * a route to interface. RTF_LLINFO flag is set 1034 * for a host route whose destination should be 1035 * treated as on-link. 1036 */ 1037 rt_setgate(rt, rt_key(rt), 1038 (struct sockaddr *)&null_sdl); 1039 gate = rt->rt_gateway; 1040 SDL(gate)->sdl_type = ifp->if_type; 1041 SDL(gate)->sdl_index = ifp->if_index; 1042 if (ln) 1043 ln->ln_expire = time_second; 1044 #if 1 1045 if (ln && ln->ln_expire == 0) { 1046 /* cludge for desktops */ 1047 #if 0 1048 printf("nd6_request: time.tv_sec is zero; " 1049 "treat it as 1\n"); 1050 #endif 1051 ln->ln_expire = 1; 1052 } 1053 #endif 1054 if (rt->rt_flags & RTF_CLONING) 1055 break; 1056 } 1057 /* 1058 * In IPv4 code, we try to annonuce new RTF_ANNOUNCE entry here. 1059 * We don't do that here since llinfo is not ready yet. 1060 * 1061 * There are also couple of other things to be discussed: 1062 * - unsolicited NA code needs improvement beforehand 1063 * - RFC2461 says we MAY send multicast unsolicited NA 1064 * (7.2.6 paragraph 4), however, it also says that we 1065 * SHOULD provide a mechanism to prevent multicast NA storm. 1066 * we don't have anything like it right now. 1067 * note that the mechanism need a mutual agreement 1068 * between proxies, which means that we need to implement 1069 * a new protocol, or new kludge. 1070 * - from RFC2461 6.2.4, host MUST NOT send unsolicited NA. 1071 * we need to check ip6forwarding before sending it. 1072 * (or should we allow proxy ND configuration only for 1073 * routers? there's no mention about proxy ND from hosts) 1074 */ 1075 #if 0 1076 /* XXX it does not work */ 1077 if (rt->rt_flags & RTF_ANNOUNCE) 1078 nd6_na_output(ifp, 1079 &SIN6(rt_key(rt))->sin6_addr, 1080 &SIN6(rt_key(rt))->sin6_addr, 1081 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1082 1, NULL); 1083 #endif 1084 /* FALLTHROUGH */ 1085 case RTM_RESOLVE: 1086 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) { 1087 /* 1088 * Address resolution isn't necessary for a point to 1089 * point link, so we can skip this test for a p2p link. 1090 */ 1091 if (gate->sa_family != AF_LINK || 1092 gate->sa_len < sizeof(null_sdl)) { 1093 log(LOG_DEBUG, 1094 "nd6_rtrequest: bad gateway value\n"); 1095 break; 1096 } 1097 SDL(gate)->sdl_type = ifp->if_type; 1098 SDL(gate)->sdl_index = ifp->if_index; 1099 } 1100 if (ln != NULL) 1101 break; /* This happens on a route change */ 1102 /* 1103 * Case 2: This route may come from cloning, or a manual route 1104 * add with a LL address. 1105 */ 1106 R_Malloc(ln, struct llinfo_nd6 *, sizeof(*ln)); 1107 rt->rt_llinfo = (caddr_t)ln; 1108 if (!ln) { 1109 log(LOG_DEBUG, "nd6_rtrequest: malloc failed\n"); 1110 break; 1111 } 1112 nd6_inuse++; 1113 nd6_allocated++; 1114 Bzero(ln, sizeof(*ln)); 1115 ln->ln_rt = rt; 1116 /* this is required for "ndp" command. - shin */ 1117 if (req == RTM_ADD) { 1118 /* 1119 * gate should have some valid AF_LINK entry, 1120 * and ln->ln_expire should have some lifetime 1121 * which is specified by ndp command. 1122 */ 1123 ln->ln_state = ND6_LLINFO_REACHABLE; 1124 } else { 1125 /* 1126 * When req == RTM_RESOLVE, rt is created and 1127 * initialized in rtrequest(), so rt_expire is 0. 1128 */ 1129 ln->ln_state = ND6_LLINFO_NOSTATE; 1130 ln->ln_expire = time_second; 1131 } 1132 rt->rt_flags |= RTF_LLINFO; 1133 ln->ln_next = llinfo_nd6.ln_next; 1134 llinfo_nd6.ln_next = ln; 1135 ln->ln_prev = &llinfo_nd6; 1136 ln->ln_next->ln_prev = ln; 1137 1138 /* 1139 * check if rt_key(rt) is one of my address assigned 1140 * to the interface. 1141 */ 1142 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1143 &SIN6(rt_key(rt))->sin6_addr); 1144 if (ifa) { 1145 caddr_t macp = nd6_ifptomac(ifp); 1146 ln->ln_expire = 0; 1147 ln->ln_state = ND6_LLINFO_REACHABLE; 1148 if (macp) { 1149 Bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen); 1150 SDL(gate)->sdl_alen = ifp->if_addrlen; 1151 } 1152 if (nd6_useloopback) { 1153 rt->rt_ifp = &loif[0]; /*XXX*/ 1154 /* 1155 * Make sure rt_ifa be equal to the ifaddr 1156 * corresponding to the address. 1157 * We need this because when we refer 1158 * rt_ifa->ia6_flags in ip6_input, we assume 1159 * that the rt_ifa points to the address instead 1160 * of the loopback address. 1161 */ 1162 if (ifa != rt->rt_ifa) { 1163 IFAFREE(rt->rt_ifa); 1164 IFAREF(ifa); 1165 rt->rt_ifa = ifa; 1166 } 1167 } 1168 } else if (rt->rt_flags & RTF_ANNOUNCE) { 1169 ln->ln_expire = 0; 1170 ln->ln_state = ND6_LLINFO_REACHABLE; 1171 1172 /* join solicited node multicast for proxy ND */ 1173 if (ifp->if_flags & IFF_MULTICAST) { 1174 struct in6_addr llsol; 1175 int error; 1176 1177 llsol = SIN6(rt_key(rt))->sin6_addr; 1178 llsol.s6_addr16[0] = htons(0xff02); 1179 llsol.s6_addr16[1] = htons(ifp->if_index); 1180 llsol.s6_addr32[1] = 0; 1181 llsol.s6_addr32[2] = htonl(1); 1182 llsol.s6_addr8[12] = 0xff; 1183 1184 (void)in6_addmulti(&llsol, ifp, &error); 1185 if (error) 1186 printf( 1187 "nd6_rtrequest: could not join solicited node multicast (errno=%d)\n", error); 1188 } 1189 } 1190 break; 1191 1192 case RTM_DELETE: 1193 if (!ln) 1194 break; 1195 /* leave from solicited node multicast for proxy ND */ 1196 if ((rt->rt_flags & RTF_ANNOUNCE) != 0 && 1197 (ifp->if_flags & IFF_MULTICAST) != 0) { 1198 struct in6_addr llsol; 1199 struct in6_multi *in6m; 1200 1201 llsol = SIN6(rt_key(rt))->sin6_addr; 1202 llsol.s6_addr16[0] = htons(0xff02); 1203 llsol.s6_addr16[1] = htons(ifp->if_index); 1204 llsol.s6_addr32[1] = 0; 1205 llsol.s6_addr32[2] = htonl(1); 1206 llsol.s6_addr8[12] = 0xff; 1207 1208 IN6_LOOKUP_MULTI(llsol, ifp, in6m); 1209 if (in6m) 1210 in6_delmulti(in6m); 1211 } 1212 nd6_inuse--; 1213 ln->ln_next->ln_prev = ln->ln_prev; 1214 ln->ln_prev->ln_next = ln->ln_next; 1215 ln->ln_prev = NULL; 1216 rt->rt_llinfo = 0; 1217 rt->rt_flags &= ~RTF_LLINFO; 1218 if (ln->ln_hold) 1219 m_freem(ln->ln_hold); 1220 Free((caddr_t)ln); 1221 } 1222 } 1223 1224 void 1225 nd6_p2p_rtrequest(req, rt, sa) 1226 int req; 1227 struct rtentry *rt; 1228 struct sockaddr *sa; /* xxx unused */ 1229 { 1230 struct sockaddr *gate = rt->rt_gateway; 1231 static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; 1232 struct ifnet *ifp = rt->rt_ifp; 1233 struct ifaddr *ifa; 1234 1235 if (rt->rt_flags & RTF_GATEWAY) 1236 return; 1237 1238 switch (req) { 1239 case RTM_ADD: 1240 /* 1241 * There is no backward compatibility :) 1242 * 1243 * if ((rt->rt_flags & RTF_HOST) == 0 && 1244 * SIN(rt_mask(rt))->sin_addr.s_addr != 0xffffffff) 1245 * rt->rt_flags |= RTF_CLONING; 1246 */ 1247 if (rt->rt_flags & RTF_CLONING) { 1248 /* 1249 * Case 1: This route should come from 1250 * a route to interface. 1251 */ 1252 rt_setgate(rt, rt_key(rt), 1253 (struct sockaddr *)&null_sdl); 1254 gate = rt->rt_gateway; 1255 SDL(gate)->sdl_type = ifp->if_type; 1256 SDL(gate)->sdl_index = ifp->if_index; 1257 break; 1258 } 1259 /* Announce a new entry if requested. */ 1260 if (rt->rt_flags & RTF_ANNOUNCE) 1261 nd6_na_output(ifp, 1262 &SIN6(rt_key(rt))->sin6_addr, 1263 &SIN6(rt_key(rt))->sin6_addr, 1264 ip6_forwarding ? ND_NA_FLAG_ROUTER : 0, 1265 1, NULL); 1266 /* FALLTHROUGH */ 1267 case RTM_RESOLVE: 1268 /* 1269 * check if rt_key(rt) is one of my address assigned 1270 * to the interface. 1271 */ 1272 ifa = (struct ifaddr *)in6ifa_ifpwithaddr(rt->rt_ifp, 1273 &SIN6(rt_key(rt))->sin6_addr); 1274 if (ifa) { 1275 if (nd6_useloopback) { 1276 rt->rt_ifp = &loif[0]; /*XXX*/ 1277 } 1278 } 1279 break; 1280 } 1281 } 1282 1283 int 1284 nd6_ioctl(cmd, data, ifp) 1285 u_long cmd; 1286 caddr_t data; 1287 struct ifnet *ifp; 1288 { 1289 struct in6_drlist *drl = (struct in6_drlist *)data; 1290 struct in6_prlist *prl = (struct in6_prlist *)data; 1291 struct in6_ndireq *ndi = (struct in6_ndireq *)data; 1292 struct in6_nbrinfo *nbi = (struct in6_nbrinfo *)data; 1293 struct in6_ndifreq *ndif = (struct in6_ndifreq *)data; 1294 struct nd_defrouter *dr, any; 1295 struct nd_prefix *pr; 1296 struct rtentry *rt; 1297 int i = 0, error = 0; 1298 int s; 1299 1300 switch (cmd) { 1301 case SIOCGDRLST_IN6: 1302 bzero(drl, sizeof(*drl)); 1303 s = splsoftnet(); 1304 dr = TAILQ_FIRST(&nd_defrouter); 1305 while (dr && i < DRLSTSIZ) { 1306 drl->defrouter[i].rtaddr = dr->rtaddr; 1307 if (IN6_IS_ADDR_LINKLOCAL(&drl->defrouter[i].rtaddr)) { 1308 /* XXX: need to this hack for KAME stack */ 1309 drl->defrouter[i].rtaddr.s6_addr16[1] = 0; 1310 } 1311 else 1312 log(LOG_ERR, 1313 "default router list contains a " 1314 "non-linklocal address(%s)\n", 1315 ip6_sprintf(&drl->defrouter[i].rtaddr)); 1316 1317 drl->defrouter[i].flags = dr->flags; 1318 drl->defrouter[i].rtlifetime = dr->rtlifetime; 1319 drl->defrouter[i].expire = dr->expire; 1320 drl->defrouter[i].if_index = dr->ifp->if_index; 1321 i++; 1322 dr = TAILQ_NEXT(dr, dr_entry); 1323 } 1324 splx(s); 1325 break; 1326 case SIOCGPRLST_IN6: 1327 /* 1328 * XXX meaning of fields, especialy "raflags", is very 1329 * differnet between RA prefix list and RR/static prefix list. 1330 * how about separating ioctls into two? 1331 */ 1332 bzero(prl, sizeof(*prl)); 1333 s = splsoftnet(); 1334 pr = nd_prefix.lh_first; 1335 while (pr && i < PRLSTSIZ) { 1336 struct nd_pfxrouter *pfr; 1337 int j; 1338 1339 prl->prefix[i].prefix = pr->ndpr_prefix.sin6_addr; 1340 prl->prefix[i].raflags = pr->ndpr_raf; 1341 prl->prefix[i].prefixlen = pr->ndpr_plen; 1342 prl->prefix[i].vltime = pr->ndpr_vltime; 1343 prl->prefix[i].pltime = pr->ndpr_pltime; 1344 prl->prefix[i].if_index = pr->ndpr_ifp->if_index; 1345 prl->prefix[i].expire = pr->ndpr_expire; 1346 1347 pfr = pr->ndpr_advrtrs.lh_first; 1348 j = 0; 1349 while(pfr) { 1350 if (j < DRLSTSIZ) { 1351 #define RTRADDR prl->prefix[i].advrtr[j] 1352 RTRADDR = pfr->router->rtaddr; 1353 if (IN6_IS_ADDR_LINKLOCAL(&RTRADDR)) { 1354 /* XXX: hack for KAME */ 1355 RTRADDR.s6_addr16[1] = 0; 1356 } 1357 else 1358 log(LOG_ERR, 1359 "a router(%s) advertises " 1360 "a prefix with " 1361 "non-link local address\n", 1362 ip6_sprintf(&RTRADDR)); 1363 #undef RTRADDR 1364 } 1365 j++; 1366 pfr = pfr->pfr_next; 1367 } 1368 prl->prefix[i].advrtrs = j; 1369 prl->prefix[i].origin = PR_ORIG_RA; 1370 1371 i++; 1372 pr = pr->ndpr_next; 1373 } 1374 { 1375 struct rr_prefix *rpp; 1376 1377 for (rpp = LIST_FIRST(&rr_prefix); rpp; 1378 rpp = LIST_NEXT(rpp, rp_entry)) { 1379 if (i >= PRLSTSIZ) 1380 break; 1381 prl->prefix[i].prefix = rpp->rp_prefix.sin6_addr; 1382 prl->prefix[i].raflags = rpp->rp_raf; 1383 prl->prefix[i].prefixlen = rpp->rp_plen; 1384 prl->prefix[i].vltime = rpp->rp_vltime; 1385 prl->prefix[i].pltime = rpp->rp_pltime; 1386 prl->prefix[i].if_index = rpp->rp_ifp->if_index; 1387 prl->prefix[i].expire = rpp->rp_expire; 1388 prl->prefix[i].advrtrs = 0; 1389 prl->prefix[i].origin = rpp->rp_origin; 1390 i++; 1391 } 1392 } 1393 splx(s); 1394 1395 break; 1396 case SIOCGIFINFO_IN6: 1397 ndi->ndi = nd_ifinfo[ifp->if_index]; 1398 break; 1399 case SIOCSIFINFO_FLAGS: 1400 /* XXX: almost all other fields of ndi->ndi is unused */ 1401 nd_ifinfo[ifp->if_index].flags = ndi->ndi.flags; 1402 break; 1403 case SIOCSNDFLUSH_IN6: /* XXX: the ioctl name is confusing... */ 1404 /* flush default router list */ 1405 /* 1406 * xxx sumikawa: should not delete route if default 1407 * route equals to the top of default router list 1408 */ 1409 bzero(&any, sizeof(any)); 1410 defrouter_delreq(&any, 0); 1411 defrouter_select(); 1412 /* xxx sumikawa: flush prefix list */ 1413 break; 1414 case SIOCSPFXFLUSH_IN6: 1415 { 1416 /* flush all the prefix advertised by routers */ 1417 struct nd_prefix *pr, *next; 1418 1419 s = splsoftnet(); 1420 for (pr = nd_prefix.lh_first; pr; pr = next) { 1421 next = pr->ndpr_next; 1422 if (!IN6_IS_ADDR_UNSPECIFIED(&pr->ndpr_addr)) 1423 in6_ifdel(pr->ndpr_ifp, &pr->ndpr_addr); 1424 prelist_remove(pr); 1425 } 1426 splx(s); 1427 break; 1428 } 1429 case SIOCSRTRFLUSH_IN6: 1430 { 1431 /* flush all the default routers */ 1432 struct nd_defrouter *dr, *next; 1433 1434 s = splsoftnet(); 1435 if ((dr = TAILQ_FIRST(&nd_defrouter)) != NULL) { 1436 /* 1437 * The first entry of the list may be stored in 1438 * the routing table, so we'll delete it later. 1439 */ 1440 for (dr = TAILQ_NEXT(dr, dr_entry); dr; dr = next) { 1441 next = TAILQ_NEXT(dr, dr_entry); 1442 defrtrlist_del(dr); 1443 } 1444 defrtrlist_del(TAILQ_FIRST(&nd_defrouter)); 1445 } 1446 splx(s); 1447 break; 1448 } 1449 case SIOCGNBRINFO_IN6: 1450 { 1451 struct llinfo_nd6 *ln; 1452 struct in6_addr nb_addr = nbi->addr; /* make local for safety */ 1453 1454 /* 1455 * XXX: KAME specific hack for scoped addresses 1456 * XXXX: for other scopes than link-local? 1457 */ 1458 if (IN6_IS_ADDR_LINKLOCAL(&nbi->addr) || 1459 IN6_IS_ADDR_MC_LINKLOCAL(&nbi->addr)) { 1460 u_int16_t *idp = (u_int16_t *)&nb_addr.s6_addr[2]; 1461 1462 if (*idp == 0) 1463 *idp = htons(ifp->if_index); 1464 } 1465 1466 s = splsoftnet(); 1467 if ((rt = nd6_lookup(&nb_addr, 0, ifp)) == NULL) { 1468 error = EINVAL; 1469 splx(s); 1470 break; 1471 } 1472 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1473 nbi->state = ln->ln_state; 1474 nbi->asked = ln->ln_asked; 1475 nbi->isrouter = ln->ln_router; 1476 nbi->expire = ln->ln_expire; 1477 splx(s); 1478 1479 break; 1480 } 1481 case SIOCGDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1482 ndif->ifindex = nd6_defifindex; 1483 break; 1484 case SIOCSDEFIFACE_IN6: /* XXX: should be implemented as a sysctl? */ 1485 return(nd6_setdefaultiface(ndif->ifindex)); 1486 break; 1487 } 1488 return(error); 1489 } 1490 1491 /* 1492 * Create neighbor cache entry and cache link-layer address, 1493 * on reception of inbound ND6 packets. (RS/RA/NS/redirect) 1494 */ 1495 struct rtentry * 1496 nd6_cache_lladdr(ifp, from, lladdr, lladdrlen, type, code) 1497 struct ifnet *ifp; 1498 struct in6_addr *from; 1499 char *lladdr; 1500 int lladdrlen; 1501 int type; /* ICMP6 type */ 1502 int code; /* type dependent information */ 1503 { 1504 struct rtentry *rt = NULL; 1505 struct llinfo_nd6 *ln = NULL; 1506 int is_newentry; 1507 struct sockaddr_dl *sdl = NULL; 1508 int do_update; 1509 int olladdr; 1510 int llchange; 1511 int newstate = 0; 1512 long time_second = time.tv_sec; 1513 1514 if (!ifp) 1515 panic("ifp == NULL in nd6_cache_lladdr"); 1516 if (!from) 1517 panic("from == NULL in nd6_cache_lladdr"); 1518 1519 /* nothing must be updated for unspecified address */ 1520 if (IN6_IS_ADDR_UNSPECIFIED(from)) 1521 return NULL; 1522 1523 /* 1524 * Validation about ifp->if_addrlen and lladdrlen must be done in 1525 * the caller. 1526 * 1527 * XXX If the link does not have link-layer adderss, what should 1528 * we do? (ifp->if_addrlen == 0) 1529 * Spec says nothing in sections for RA, RS and NA. There's small 1530 * description on it in NS section (RFC 2461 7.2.3). 1531 */ 1532 1533 rt = nd6_lookup(from, 0, ifp); 1534 if (!rt) { 1535 #if 0 1536 /* nothing must be done if there's no lladdr */ 1537 if (!lladdr || !lladdrlen) 1538 return NULL; 1539 #endif 1540 1541 rt = nd6_lookup(from, 1, ifp); 1542 is_newentry = 1; 1543 } else 1544 is_newentry = 0; 1545 1546 if (!rt) 1547 return NULL; 1548 if ((rt->rt_flags & (RTF_GATEWAY | RTF_LLINFO)) != RTF_LLINFO) { 1549 fail: 1550 nd6_free(rt); 1551 return NULL; 1552 } 1553 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1554 if (!ln) 1555 goto fail; 1556 if (!rt->rt_gateway) 1557 goto fail; 1558 if (rt->rt_gateway->sa_family != AF_LINK) 1559 goto fail; 1560 sdl = SDL(rt->rt_gateway); 1561 1562 olladdr = (sdl->sdl_alen) ? 1 : 0; 1563 if (olladdr && lladdr) { 1564 if (bcmp(lladdr, LLADDR(sdl), ifp->if_addrlen)) 1565 llchange = 1; 1566 else 1567 llchange = 0; 1568 } else 1569 llchange = 0; 1570 1571 /* 1572 * newentry olladdr lladdr llchange (*=record) 1573 * 0 n n -- (1) 1574 * 0 y n -- (2) 1575 * 0 n y -- (3) * STALE 1576 * 0 y y n (4) * 1577 * 0 y y y (5) * STALE 1578 * 1 -- n -- (6) NOSTATE(= PASSIVE) 1579 * 1 -- y -- (7) * STALE 1580 */ 1581 1582 if (lladdr) { /*(3-5) and (7)*/ 1583 /* 1584 * Record source link-layer address 1585 * XXX is it dependent to ifp->if_type? 1586 */ 1587 sdl->sdl_alen = ifp->if_addrlen; 1588 bcopy(lladdr, LLADDR(sdl), ifp->if_addrlen); 1589 } 1590 1591 if (!is_newentry) { 1592 if ((!olladdr && lladdr) /*(3)*/ 1593 || (olladdr && lladdr && llchange)) { /*(5)*/ 1594 do_update = 1; 1595 newstate = ND6_LLINFO_STALE; 1596 } else /*(1-2,4)*/ 1597 do_update = 0; 1598 } else { 1599 do_update = 1; 1600 if (!lladdr) /*(6)*/ 1601 newstate = ND6_LLINFO_NOSTATE; 1602 else /*(7)*/ 1603 newstate = ND6_LLINFO_STALE; 1604 } 1605 1606 if (do_update) { 1607 /* 1608 * Update the state of the neighbor cache. 1609 */ 1610 ln->ln_state = newstate; 1611 1612 if (ln->ln_state == ND6_LLINFO_STALE) { 1613 rt->rt_flags &= ~RTF_REJECT; 1614 if (ln->ln_hold) { 1615 #ifdef OLDIP6OUTPUT 1616 (*ifp->if_output)(ifp, ln->ln_hold, 1617 rt_key(rt), rt); 1618 #else 1619 nd6_output(ifp, ln->ln_hold, 1620 (struct sockaddr_in6 *)rt_key(rt), 1621 rt); 1622 #endif 1623 ln->ln_hold = 0; 1624 } 1625 } else if (ln->ln_state == ND6_LLINFO_INCOMPLETE) { 1626 /* probe right away */ 1627 ln->ln_expire = time_second; 1628 } 1629 } 1630 1631 /* 1632 * ICMP6 type dependent behavior. 1633 * 1634 * NS: clear IsRouter if new entry 1635 * RS: clear IsRouter 1636 * RA: set IsRouter if there's lladdr 1637 * redir: clear IsRouter if new entry 1638 * 1639 * RA case, (1): 1640 * The spec says that we must set IsRouter in the following cases: 1641 * - If lladdr exist, set IsRouter. This means (1-5). 1642 * - If it is old entry (!newentry), set IsRouter. This means (7). 1643 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter. 1644 * A quetion arises for (1) case. (1) case has no lladdr in the 1645 * neighbor cache, this is similar to (6). 1646 * This case is rare but we figured that we MUST NOT set IsRouter. 1647 * 1648 * newentry olladdr lladdr llchange NS RS RA redir 1649 * D R 1650 * 0 n n -- (1) c ? s 1651 * 0 y n -- (2) c s s 1652 * 0 n y -- (3) c s s 1653 * 0 y y n (4) c s s 1654 * 0 y y y (5) c s s 1655 * 1 -- n -- (6) c c c s 1656 * 1 -- y -- (7) c c s c s 1657 * 1658 * (c=clear s=set) 1659 */ 1660 switch (type & 0xff) { 1661 case ND_NEIGHBOR_SOLICIT: 1662 /* 1663 * New entry must have is_router flag cleared. 1664 */ 1665 if (is_newentry) /*(6-7)*/ 1666 ln->ln_router = 0; 1667 break; 1668 case ND_REDIRECT: 1669 /* 1670 * If the icmp is a redirect to a better router, always set the 1671 * is_router flag. Otherwise, if the entry is newly created, 1672 * clear the flag. [RFC 2461, sec 8.3] 1673 */ 1674 if (code == ND_REDIRECT_ROUTER) 1675 ln->ln_router = 1; 1676 else if (is_newentry) /*(6-7)*/ 1677 ln->ln_router = 0; 1678 break; 1679 case ND_ROUTER_SOLICIT: 1680 /* 1681 * is_router flag must always be cleared. 1682 */ 1683 ln->ln_router = 0; 1684 break; 1685 case ND_ROUTER_ADVERT: 1686 /* 1687 * Mark an entry with lladdr as a router. 1688 */ 1689 if ((!is_newentry && (olladdr || lladdr)) /*(2-5)*/ 1690 || (is_newentry && lladdr)) { /*(7)*/ 1691 ln->ln_router = 1; 1692 } 1693 break; 1694 } 1695 1696 return rt; 1697 } 1698 1699 static void 1700 nd6_slowtimo(ignored_arg) 1701 void *ignored_arg; 1702 { 1703 int s = splsoftnet(); 1704 register int i; 1705 register struct nd_ifinfo *nd6if; 1706 1707 callout_reset(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL * hz, 1708 nd6_slowtimo, NULL); 1709 for (i = 1; i < if_index + 1; i++) { 1710 nd6if = &nd_ifinfo[i]; 1711 if (nd6if->basereachable && /* already initialized */ 1712 (nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) { 1713 /* 1714 * Since reachable time rarely changes by router 1715 * advertisements, we SHOULD insure that a new random 1716 * value gets recomputed at least once every few hours. 1717 * (RFC 2461, 6.3.4) 1718 */ 1719 nd6if->recalctm = nd6_recalc_reachtm_interval; 1720 nd6if->reachable = ND_COMPUTE_RTIME(nd6if->basereachable); 1721 } 1722 } 1723 splx(s); 1724 } 1725 1726 #define senderr(e) { error = (e); goto bad;} 1727 int 1728 nd6_output(ifp, m0, dst, rt0) 1729 register struct ifnet *ifp; 1730 struct mbuf *m0; 1731 struct sockaddr_in6 *dst; 1732 struct rtentry *rt0; 1733 { 1734 register struct mbuf *m = m0; 1735 register struct rtentry *rt = rt0; 1736 struct llinfo_nd6 *ln = NULL; 1737 int error = 0; 1738 long time_second = time.tv_sec; 1739 1740 if (IN6_IS_ADDR_MULTICAST(&dst->sin6_addr)) 1741 goto sendpkt; 1742 1743 /* 1744 * XXX: we currently do not make neighbor cache on any interface 1745 * other than ARCnet, Ethernet, FDDI and GIF. 1746 * 1747 * draft-ietf-ngtrans-mech-04.txt says: 1748 * - unidirectional tunnels needs no ND 1749 */ 1750 switch (ifp->if_type) { 1751 case IFT_ARCNET: 1752 case IFT_ETHER: 1753 case IFT_FDDI: 1754 case IFT_GIF: /* XXX need more cases? */ 1755 break; 1756 default: 1757 goto sendpkt; 1758 } 1759 1760 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 1761 (nd_ifinfo[ifp->if_index].flags & ND6_IFF_PERFORMNUD) == 0) 1762 goto sendpkt; 1763 1764 /* 1765 * next hop determination. This routine is derived from ether_outpout. 1766 */ 1767 if (rt) { 1768 if ((rt->rt_flags & RTF_UP) == 0) { 1769 if ((rt0 = rt = rtalloc1((struct sockaddr *)dst, 1)) != 1770 NULL) 1771 { 1772 rt->rt_refcnt--; 1773 if (rt->rt_ifp != ifp) 1774 return nd6_output(ifp, m0, dst, rt); /* XXX: loop care? */ 1775 } else 1776 senderr(EHOSTUNREACH); 1777 } 1778 if (rt->rt_flags & RTF_GATEWAY) { 1779 if (rt->rt_gwroute == 0) 1780 goto lookup; 1781 if (((rt = rt->rt_gwroute)->rt_flags & RTF_UP) == 0) { 1782 rtfree(rt); rt = rt0; 1783 lookup: rt->rt_gwroute = rtalloc1(rt->rt_gateway, 1); 1784 if ((rt = rt->rt_gwroute) == 0) 1785 senderr(EHOSTUNREACH); 1786 } 1787 } 1788 if (rt->rt_flags & RTF_REJECT) 1789 senderr(rt == rt0 ? EHOSTDOWN : EHOSTUNREACH); 1790 } 1791 1792 /* 1793 * Address resolution or Neighbor Unreachability Detection 1794 * for the next hop. 1795 * At this point, the destination of the packet must be a unicast 1796 * or an anycast address(i.e. not a multicast). 1797 */ 1798 1799 /* Look up the neighbor cache for the nexthop */ 1800 if (rt && (rt->rt_flags & RTF_LLINFO) != 0) 1801 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1802 else { 1803 if ((rt = nd6_lookup(&dst->sin6_addr, 1, ifp)) != NULL) 1804 ln = (struct llinfo_nd6 *)rt->rt_llinfo; 1805 } 1806 if (!ln || !rt) { 1807 log(LOG_DEBUG, "nd6_output: can't allocate llinfo for %s " 1808 "(ln=%p, rt=%p)\n", 1809 ip6_sprintf(&dst->sin6_addr), ln, rt); 1810 senderr(EIO); /* XXX: good error? */ 1811 } 1812 1813 /* We don't have to do link-layer address resolution on a p2p link. */ 1814 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 1815 ln->ln_state < ND6_LLINFO_REACHABLE) 1816 ln->ln_state = ND6_LLINFO_STALE; 1817 1818 /* 1819 * The first time we send a packet to a neighbor whose entry is 1820 * STALE, we have to change the state to DELAY and a sets a timer to 1821 * expire in DELAY_FIRST_PROBE_TIME seconds to ensure do 1822 * neighbor unreachability detection on expiration. 1823 * (RFC 2461 7.3.3) 1824 */ 1825 if (ln->ln_state == ND6_LLINFO_STALE) { 1826 ln->ln_asked = 0; 1827 ln->ln_state = ND6_LLINFO_DELAY; 1828 ln->ln_expire = time_second + nd6_delay; 1829 } 1830 1831 /* 1832 * If the neighbor cache entry has a state other than INCOMPLETE 1833 * (i.e. its link-layer address is already reloved), just 1834 * send the packet. 1835 */ 1836 if (ln->ln_state > ND6_LLINFO_INCOMPLETE) 1837 goto sendpkt; 1838 1839 /* 1840 * There is a neighbor cache entry, but no ethernet address 1841 * response yet. Replace the held mbuf (if any) with this 1842 * latest one. 1843 * 1844 * XXX Does the code conform to rate-limiting rule? 1845 * (RFC 2461 7.2.2) 1846 */ 1847 if (ln->ln_state == ND6_LLINFO_WAITDELETE || 1848 ln->ln_state == ND6_LLINFO_NOSTATE) 1849 ln->ln_state = ND6_LLINFO_INCOMPLETE; 1850 if (ln->ln_hold) 1851 m_freem(ln->ln_hold); 1852 ln->ln_hold = m; 1853 if (ln->ln_expire) { 1854 rt->rt_flags &= ~RTF_REJECT; 1855 if (ln->ln_asked < nd6_mmaxtries && 1856 ln->ln_expire < time_second) { 1857 ln->ln_asked++; 1858 ln->ln_expire = time_second + 1859 nd_ifinfo[ifp->if_index].retrans / 1000; 1860 nd6_ns_output(ifp, NULL, &dst->sin6_addr, ln, 0); 1861 } 1862 } 1863 return(0); 1864 1865 sendpkt: 1866 return((*ifp->if_output)(ifp, m, (struct sockaddr *)dst, rt)); 1867 1868 bad: 1869 if (m) 1870 m_freem(m); 1871 return (error); 1872 } 1873 #undef senderr 1874 1875 int 1876 nd6_storelladdr(ifp, rt, m, dst, desten) 1877 struct ifnet *ifp; 1878 struct rtentry *rt; 1879 struct mbuf *m; 1880 struct sockaddr *dst; 1881 u_char *desten; 1882 { 1883 struct sockaddr_dl *sdl; 1884 1885 if (m->m_flags & M_MCAST) { 1886 switch (ifp->if_type) { 1887 case IFT_ETHER: 1888 case IFT_FDDI: 1889 ETHER_MAP_IPV6_MULTICAST(&SIN6(dst)->sin6_addr, 1890 desten); 1891 return(1); 1892 break; 1893 case IFT_ARCNET: 1894 *desten = 0; 1895 return(1); 1896 default: 1897 return(0); 1898 } 1899 } 1900 1901 if (rt == NULL || 1902 rt->rt_gateway->sa_family != AF_LINK) { 1903 printf("nd6_storelladdr: something odd happens\n"); 1904 return(0); 1905 } 1906 sdl = SDL(rt->rt_gateway); 1907 if (sdl->sdl_alen == 0) { 1908 /* this should be impossible, but we bark here for debugging */ 1909 printf("nd6_storelladdr: sdl_alen == 0\n"); 1910 return(0); 1911 } 1912 1913 bcopy(LLADDR(sdl), desten, sdl->sdl_alen); 1914 return(1); 1915 } 1916
Indexes created Sun Sep 21 20:09:37 GMT 2025