On Fri, Dec 08, 2023 at 06:49:12PM +0100, Stefano Brivio wrote:
> Currently, we have no mechanism to dynamically update IPv6
> addressing, routing or DNS information (which should eventually be
> implemented via netlink monitor), so it makes no sense to limit
> lifetimes of NDP information to any particular value.
>
> If we do, with common configurations of systemd-networkd in a guest,
> we can end up in a situation where we have a /128 address assigned
> via DHCPv6, the NDP-assigned prefix expires, and the default route
> also expires. However, as there's a valid address, the prefix is
> not renewed. As a result, the default route becomes invalid and we
> lose it altogether, which implies that the guest loses IPv6
> connectivity except for link-local communication.
>
> Set the router lifetime to the maximum allowed by RFC 8319, that is,
> 65535 seconds (about 18 hours). RFC 4861 limited this value to 9000
> seconds, but RFC 8319 later updated this limit.
>
> Set prefix and DNS information lifetime to infinity. This is allowed
> by RFC 4861 and RFC 8319.
>
> Signed-off-by: Stefano Brivio
Reviewed-by: David Gibson
> ---
> ndp.c | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/ndp.c b/ndp.c
> index adab1d2..4c85ab8 100644
> --- a/ndp.c
> +++ b/ndp.c
> @@ -94,7 +94,7 @@ int ndp(struct ctx *c, const struct icmp6hdr *ih, const struct in6_addr *saddr)
> ihr->icmp6_type = RA;
> ihr->icmp6_code = 0;
> ihr->icmp6_hop_limit = 255;
> - ihr->icmp6_rt_lifetime = htons(9000);
> + ihr->icmp6_rt_lifetime = htons(65535); /* RFC 8319 */
> ihr->icmp6_addrconf_managed = 1;
>
> p = (unsigned char *)(ihr + 1);
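Review bot: The router lifetime set on the `icmp6_rt_lifetime` line is still finite, so the default-route loss described in the commit message is postponed to roughly 18 hours rather than ruled out, unless the guest receives another RA before then. Whether ndp() ever sends an advertisement without being solicited is not visible here, as the function starts and ends outside this hunk. I would widen the comment to record that dependency, for example `/* RFC 8319 maximum; default route still expires unless another RA arrives */`.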
> @@ -103,9 +103,9 @@ int ndp(struct ctx *c, const struct icmp6hdr *ih, const struct in6_addr *saddr)
> *p++ = 4; /* length */
> *p++ = 64; /* prefix length */
> *p++ = 0xc0; /* prefix flags: L, A */
> - *(uint32_t *)p = htonl(3600); /* lifetime */
> + *(uint32_t *)p = (uint32_t)~0U; /* lifetime */
> p += 4;
> - *(uint32_t *)p = htonl(3600); /* preferred lifetime */
> + *(uint32_t *)p = (uint32_t)~0U; /* preferred lifetime */
> p += 8;
> memcpy(p, &c->ip6.addr, 8); /* prefix */
> p += 16;
> @@ -126,7 +126,7 @@ int ndp(struct ctx *c, const struct icmp6hdr *ih, const struct in6_addr *saddr)
> *p++ = 25; /* RDNSS */
> *p++ = 1 + 2 * n; /* length */
> p += 2; /* reserved */
> - *(uint32_t *)p = htonl(60); /* lifetime */
> + *(uint32_t *)p = (uint32_t)~0U; /* lifetime */
> p += 4;
>
> for (i = 0; i < n; i++) {
> @@ -142,7 +142,7 @@ int ndp(struct ctx *c, const struct icmp6hdr *ih, const struct in6_addr *saddr)
> *p++ = 31; /* DNSSL */
> *p++ = (dns_s_len + 8 - 1) / 8 + 1; /* length */
> p += 2; /* reserved */
> - *(uint32_t *)p = htonl(60); /* lifetime */
> + *(uint32_t *)p = (uint32_t)~0U; /* lifetime */
> p += 4;
>
> for (i = 0; i < n; i++) {
-- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson
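Review bot: The two new lifetime stores in the prefix option drop `htonl()` without saying why, and the same `(uint32_t)~0U` literal is repeated in the RDNSS and DNSSL hunks at 126 and 142. The value is correct on the wire only because all-ones reads the same in either byte order, which the `/* lifetime */` comments do not record. The stores also still go through a `uint32_t *` cast of the `unsigned char *p` cursor, so they rely on the alignment and effective type of a buffer declared outside these hunks. Writing the field bytewise covers both points in one line, `memset(p, 0xff, 4); /* lifetime: infinity (all-ones, byte-order neutral) */`, and suits a file that already uses `memcpy()` for the prefix.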