From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=fail reason="key not found in DNS" header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202312 header.b=YOKaSUpE; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id 6B7D95A0280 for ; Thu, 15 Aug 2024 05:43:28 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202312; t=1723693394; bh=vr3xUzu9lTvYrXcM6q5+9A6prhhtItZABxkvosGeiM8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=YOKaSUpEF25wxl4UmHd1sb2IqcvO8APS204FFYcGdJiKf8MMiHpLzb/DBVm5aMsMQ YTsx8yGheA/mkpskSJHhkn9mEISzAIkx4crKBVWIybEVDucbZJNgl8JSB0ZTgqJV3b +yYIF916iIthc5AO3t5JB+Xb/NEzdjw/KDBjDXIY+KtH7uGc1+wsKQKfDkbhnYE6T7 y/kOtLatrWlXAaL9+b1dDw+KgTLWju1ceEvjprLIJe3HXq8+t8waKY4cqCf+3zWnRA L6ndsBO2YGlXPeS0SM9bak/6YfGHonRjJTdfKITgn+gr44IGK8QU1FBTh1efBCqH3B 6ozgNp81MzIlQ== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4WkrYt0YcRz4x6k; Thu, 15 Aug 2024 13:43:14 +1000 (AEST) Date: Thu, 15 Aug 2024 13:06:52 +1000 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH 6/7] pasta: Disable neighbour solicitations on device up to prevent DAD Message-ID: References: <20240814225429.3707908-1-sbrivio@redhat.com> <20240814225429.3707908-7-sbrivio@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="leWbavsGrAIUhu8h" Content-Disposition: inline In-Reply-To: <20240814225429.3707908-7-sbrivio@redhat.com> Message-ID-Hash: CVNHBN7YYNVKRPZULXLZSC6EAB4PSY7U X-Message-ID-Hash: CVNHBN7YYNVKRPZULXLZSC6EAB4PSY7U X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top, Paul Holzinger X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --leWbavsGrAIUhu8h Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 15, 2024 at 12:54:28AM +0200, Stefano Brivio wrote: > As soon as we the kernel notifier for IPv6 address configuration > (addrconf_notify()) sees that we bring the target interface up > (NETDEV_UP), it will schedule duplicate address detection, so, by > itself, setting the nodad flag later is useless, because that won't > stop a detection that's already in progress. Ah, I did wonder about that on the earlier patch. > However, if we disable neighbour solicitations with IFF_NOARP (which > is a misnomer for IPv6 interfaces, but there's no possibility of > mixing things up), the notifier will not trigger DAD, because it can't > be done, of course, without neighbour solicitations. >=20 > Set IFF_NOARP as we bring up the device, and drop it after we had a > chance to set the nodad attribute on the link. >=20 > Signed-off-by: Stefano Brivio Reviewed-by: David Gibson > --- > pasta.c | 11 ++++++++++- > 1 file changed, 10 insertions(+), 1 deletion(-) >=20 > diff --git a/pasta.c b/pasta.c > index cebf54f..babbfd5 100644 > --- a/pasta.c > +++ b/pasta.c > @@ -303,10 +303,15 @@ void pasta_ns_conf(struct ctx *c) > strerror(-rc)); > =20 > if (c->pasta_conf_ns) { > + unsigned int flags =3D IFF_UP; > + > if (c->mtu !=3D -1) > nl_link_set_mtu(nl_sock_ns, c->pasta_ifi, c->mtu); > =20 > - nl_link_set_flags(nl_sock_ns, c->pasta_ifi, IFF_UP, IFF_UP); > + if (c->ifi6) /* Avoid duplicate address detection on link up */ > + flags |=3D IFF_NOARP; > + > + nl_link_set_flags(nl_sock_ns, c->pasta_ifi, flags, flags); > =20 > if (c->ifi4) { > if (c->ip4.no_copy_addrs) { > @@ -353,6 +358,10 @@ void pasta_ns_conf(struct ctx *c) > strerror(-rc)); > } > =20 > + /* We dodged DAD: re-enable neighbour solicitations */ > + nl_link_set_flags(nl_sock_ns, c->pasta_ifi, > + 0, IFF_NOARP); > + > if (c->ip6.no_copy_addrs) { > rc =3D nl_addr_set(nl_sock_ns, c->pasta_ifi, > AF_INET6, &c->ip6.addr, 64); --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --leWbavsGrAIUhu8h Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAma9cMsACgkQzQJF27ox 2Gdp/Q//YV3IHeDQn1/Yo5JNocYm7T6SeW/F4HVODEKpxT/XqOiENVMz0wr9iNmW 7tiB9igYTjeo6n3Dqwrw8aZeEqflDsf1kNTXDXdH+aVJFhzKsUWaNiiSG1eoCvvS h8EULdobIEtGBrl1OWZVZwUU8d4SDOGccIJwHuhF/nPjVhHke6t3Jm0rbtGJZu6s mCTLkeI0rw3zagnD/FSlj6kyjIyRgXAybyqjtFXu3RzEVo/K9WNaa0S5ShSnsxvH Yr7CB9t3QHxekFOHSAshcgrWcXsQrV46eGppuEX9umIBsud8BenbB1Q02irrrrDN DFs+qrBwcAjee/+jWhyyM3FDCTN43wpQxEXTzJ1HFzlJw4v791jrSIY75H1gHOEq cIpa02vwGhfG4tx7W9mhvbNMC3MFi6KU5BOdpg86inflKHjilCC+/hjaYs68HayT Ma3AlXBcXziREiJ9mzCkSqoGgRnsXZLfBnAQGaXzJAj5V/UlsrRCInuh69edwQQ7 W1gmlge5sqiTFCungXviHBfCCoWvL7q/M0my7ttnHsczBSPu1dQ8H1wkTM3K95kC BHunmWzxPf/fsJKc7COXhMtU7dLbpdTb5qrTq1zdUH2UKwjS34/1j+wettg/tg56 0fd0Yio8IGwMO9Cuo/TjizmzRpJQ1SV9HAEm7M/OcUqL4nCjyWo= =mjfh -----END PGP SIGNATURE----- --leWbavsGrAIUhu8h--