From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202510 header.b=ZQlfQqAA; dkim-atps=neutral Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3]) by passt.top (Postfix) with ESMTPS id 4E2735A0271 for ; Thu, 20 Nov 2025 01:05:35 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202510; t=1763597132; bh=k/FFuIUt7LCqcYtM9E67Jcgqoqcha4Va9CWjxbY651Q=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ZQlfQqAA3QCe08doJyg36qG9mLVEnRXidNZXkNylsmZhsgh20f0G7J1LSXChSUiS6 brO4vzCrv2vmV6o/0iMwacNztgVVVhu78mJwNpOledyPwp+ddygI3PLL32A6PKvGpa mQ278UpXX0WUheu+xEJRsDpEW0mGXUWXRVwRQB1t94T5MHUDEcgog86D2GhR4tf+mP FNgm5Tapg/1yDnXvlE2UkcNYSRvuOLE1RzJSGNrfMiSviBk4E4nBxHaSbpHmxlXcpZ 83YwKJLlPGWZI384mUdB+1weL2EpFkxBGS8Tu4y9QMWr6Aqe87S6sp4Z3iHPZ5rHwH bKMC1heBLvSDA== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4dBdsS14gYz4wBG; Thu, 20 Nov 2025 11:05:32 +1100 (AEDT) Date: Thu, 20 Nov 2025 11:05:25 +1100 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH v3 2/8] util, flow, pif: Simplify sock_l4_sa() interface Message-ID: References: <20251029062628.1647051-1-david@gibson.dropbear.id.au> <20251029062628.1647051-3-david@gibson.dropbear.id.au> <20251113073313.1287b4dc@elisabeth> <20251118011921.4094e698@elisabeth> <20251119124204.25650cb3@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="6h6ygbGLQR6fbaC7" Content-Disposition: inline In-Reply-To: <20251119124204.25650cb3@elisabeth> Message-ID-Hash: GOA63U3JYOTOBHFPEYGNOLC72J5KE4GP X-Message-ID-Hash: GOA63U3JYOTOBHFPEYGNOLC72J5KE4GP X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --6h6ygbGLQR6fbaC7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 19, 2025 at 12:42:04PM +0100, Stefano Brivio wrote: > On Tue, 18 Nov 2025 14:34:58 +1100 > David Gibson wrote: >=20 > > On Tue, Nov 18, 2025 at 01:19:21AM +0100, Stefano Brivio wrote: > > > On Fri, 14 Nov 2025 10:21:46 +1100 > > > David Gibson wrote: > > > =20 > > > > On Thu, Nov 13, 2025 at 07:33:13AM +0100, Stefano Brivio wrote: =20 > > > > > On Wed, 29 Oct 2025 17:26:22 +1100 > > > > > David Gibson wrote: > > > > > =20 > > > > > > sock_l4_sa() has a somewhat confusing 'v6only' option controlli= ng whether > > > > > > to set the IPV6_V6ONLY socket option. Usually it's set when th= e given > > > > > > address is IPv6, but not when we want to create a dual stack li= stening > > > > > > socket. The latter only makes sense when the address is :: how= ever. > > > > > >=20 > > > > > > Clarify this by only keeping the v6only option in an internal h= elper > > > > > > sock_l4_(). External users will call either sock_l4() which al= ways creates > > > > > > a socket bound to a specific IP version, or sock_l4_dualstack()= which > > > > > > creates a dual stack socket, but takes only a port not an addre= ss. =20 > > > > >=20 > > > > > I'm not sure if we'll ever need anything different, but I guess t= hat > > > > > this is not the only obvious semantic of sock_l4_dualstack(), as = it > > > > > could take a sockaddr_inany eventually, and bind() IPv6 address a= nd its > > > > > v4-mapped equivalent (...does that even work?). =20 > > > >=20 > > > > Do you mean that if we have a v4-mapped address, then using an IPv6 > > > > "dual stack" socket will listen both for IPv4 traffic and for IPv6 > > > > traffic actually using that v4-mapped address on the wire (presumab= ly > > > > as a result of a router translating to a local IPv6-only network)? = I > > > > think that will work, though I haven't tested. =20 > > >=20 > > > Yes, that's what I meant. > > > =20 > > > > In that case we can determine that we need IPV6_V6ONLY from the > > > > address. The only case that doesn't cover is if we want to listen = for > > > > v4-mapped traffic already translated by a router but *not* native I= Pv4 > > > > traffic. I don't see a lot of reason to ever do that, so it's in t= he > > > > "refactor if we ever discover we need it" pile. =20 > > >=20 > > > I thought that we might want to listen on both IP versions for whatev= er > > > reason, on a single socket, with a specific address (say, that v4-map= ped > > > address and the equivalent untranslated address...?). =20 > >=20 > > I'm not really sure what you mean by an "equivalent untranslated > > address". AFAIK, the only non-wildcard case that will actually listen > > on both IP versions is a v4-mapped address. >=20 > I mean 192.0.2.1 (untranslated, IPv4) and ::ffff:192.0.2.1 (v4-mapped). > Will we ever want to listen to both? Maybe one day, but not soon, I think. > I don't think we have to care about that right now, though. Agreed. > > So, yes we probably should explicitly set IPV6_V6ONLY=3D=3D0 for v4-map= ped > > addresses as well. > >=20 > > > I know it can't be done now anyway, I'm just saying that > > > sock_l4_dualstack() forcing wildcard addresses isn't something we sho= uld > > > imply as part of "dualstack". =20 > >=20 > > Hm, ok. What if I renamed it to sock_l4_dualwild()? >=20 > Short-hands for "wildcard" aren't necessarily obvious. I would have > gone with "dual_any" or "dualstack_any" or "v4v6_any" or "inany_any". 'dualstack_any' is definitely a better idea. Unfortunately, I forget to change this in my last spin. > But actually it can also stay like that, I guess, especially as this > looks refactor-prone for https://bugs.passt.top/show_bug.cgi?id=3D140. True. > I > just wanted to raise the fact it's not obvious that "dualstack" implies > :: and 0.0.0.0. It doesn't need to be addressed in code or comments now, > or ever. Ok. Sounds like it's definitely worth a respin. Perhaps I'll add a rename patch into some future series. --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --6h6ygbGLQR6fbaC7 Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmkeWzcACgkQzQJF27ox 2GdMCxAAmXgvb9Kk5qBESszMwX+jwwfanrKHW9JleciwXbtcUD4bm+LNPDKsRfB/ TRLNae78LHFHp6Wfm1y212HprwMQKxflMZ08a7J2ICx1QQ1Pmjp/lIzSfGcE0+ig rphcbG/08q8VZMLe1mlJfOOWAmg9lEy8GeXzUyS0Y36BpykmUCWJrtOyMIo4S/kK Ph5wjcqLVZbsaP/Rb0l6KpobjsLRe16U1oVpAMDVrK8U12DrmRTebLKVW+mBjtLv 3BH3FqCyKHM6UrOzoB/98CajYUd6TCC/uj+V1e8/SlAvShoDVtJRz9e2secTfrRP 2hbiizSvTaZgiiyQvAe0Up4Xaw9Cg5wSvUXIxsWwo16ZuGyYpGA5meoWyVLJWwgj 72RSFTflNwkBoeFSWUl004syn5tU/7JKwMga2zwB/6NIRlYHXugFKbeee5gmOgxm m+cWAvJaZyvT+kRaKBuAs009FCitQrSL0FbZTa3zjkMi5A7c4xt6so9+Z6iPz3XH Ykq1YIcdZt9mbJidPrd98XuO+cA99/MxAXplP47VEUJUSLWt+LzofHXOT1fvhrNP DEkZ4IOsTpGic1eIHSWlthmNQOu/pyNFgom/eEopsIBXB3gSoyt6WzW3AHUVOl0v XRFnNsnmqThy0ZnmH+HQaBVQ3NcyKNryHy0JAQh3TdxmrNC/0EA= =bRN/ -----END PGP SIGNATURE----- --6h6ygbGLQR6fbaC7--